Keyboard Probleme - Malware vermutet

mh1981 · 08.09.2016, 14:10

Hallo zusammen

Ich habe seit ein paar Tagen das Problem, dass meine Tastatur immer wieder Aussetzer hat. Ich habe Batterien gewechselt, neu installiert, gestartet etc. Es hat leider alles nichts geholfen. Ein Freund hat mir nun gesagt, dass dies auch durch einen Keylogger oder andere Malware verursacht sein könnte und mir empfohlen mich hier zu melden, was ich hiermit gerne mache

Vielen Dank schon im Voraus für die Unterstüztung. Echt toll was Ihr hier bietet.

PS: Addition.txt als Anhang da zu lange

FRST.txt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von Marc (Administrator) auf HUE101-W (08-09-2016 14:58:49)
Gestartet von C:\Users\Marc\Downloads
Geladene Profile: Marc (Verfügbare Profile: sysadmin & Marc)
Platform: Windows 8.1 (Update) (X64) Sprache: German (Germany)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
konnte nicht auf den Prozess zugreifen -> DipAwayMode.exe
(Postbox, Inc.) C:\Program Files (x86)\Postbox\postbox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Marc\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google, Inc) C:\Users\Marc\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Marc\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Marc\AppData\Roaming\Dashlane\Dashlane.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Electronics\TrueColorFinder\bin\TrueColorFinder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(DonationCoder.com) C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Trend Micro Inc.) C:\Users\Marc\Downloads\HijackThis.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
() C:\Program Files\Notepad2\Notepad2.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-15] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-19] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [831576 2016-08-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2462680 2015-06-12] (FileZilla Project)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67864 2016-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [Spotify Web Helper] => C:\Users\Marc\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [693288 2014-01-22] (LG Electronics)
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [Dropbox Update] => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [GoogleChromeAutoLaunch_DEC2D89A3B6F06ADCC4F89EA2A899238] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [961352 2016-08-03] (Google Inc.)
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [Google Update] => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-04-01] (Google Inc.)
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [Google Photos Backup] => C:\Users\Marc\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [Dashlane] => C:\Users\Marc\AppData\Roaming\Dashlane\Dashlane.exe [227200 2016-05-31] ()
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [DashlanePlugin] => C:\Users\Marc\AppData\Roaming\Dashlane\DashlanePlugin.exe [286080 2016-05-31] ()
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2016-03-30]
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrueColorFinder.lnk [2015-05-15]
ShortcutTarget: TrueColorFinder.lnk -> C:\Program Files (x86)\LG Electronics\TrueColorFinder\bin\TrueColorFinder.exe (LG Electronics Inc.)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-01-02]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Find And Run Robot.lnk [2015-09-19]
ShortcutTarget: Find And Run Robot.lnk -> C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe (DonationCoder.com)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2015-06-04]
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0CA57EF1-5464-49AE-860C-34BA2A049894}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2487A8D5-1C94-41D3-BA79-AAC7C323324F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
SearchScopes: HKU\S-1-5-21-2599644957-2847619135-2017443304-1003 -> {C5AA6A53-12C3-453A-9376-BA5D50998268} URL = hxxps://www.google.ch/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-19] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-11] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-11] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-08] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-08-11] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-08] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\f3v184pk.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-08-07] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-08-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader\XI\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2599644957-2847619135-2017443304-1003: @hola.org/FlashPlayer -> C:\Users\Marc\AppData\Local\Hola\firefox\app\flash\NPSWF32_18_0_0_232.dll [2015-09-25] ()
FF Plugin HKU\S-1-5-21-2599644957-2847619135-2017443304-1003: @hola.org/vlc -> C:\Users\Marc\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [2015-09-25] (Hola)
FF Plugin HKU\S-1-5-21-2599644957-2847619135-2017443304-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-2599644957-2847619135-2017443304-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Extension: (Firefox Hotfix) - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\f3v184pk.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-05]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\f3v184pk.default\Extensions\firefox@zenmate.com.xpi [2016-08-23]
FF Extension: (Dashlane) - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\f3v184pk.default\Extensions\jetpack-extension@dashlane.com.xpi [2016-08-23]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-08]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.google.ch/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.ch_
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2016-08-31]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-30]
CHR Extension: (Web Developer) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2016-08-19]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (JSONView) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2016-07-07]
CHR Extension: (Google Search) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28]
CHR Extension: (MozBar) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2016-09-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-08]
CHR Extension: (Google Calendar) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-14]
CHR Extension: (Dashlane) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2016-09-08]
CHR Extension: (Full Page Screen Capture) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2016-09-08]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30]
CHR Extension: (Google Photos) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcglmfcclpfgljeaiahehebeoaiicbko [2016-04-02]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-05-08]
CHR Extension: (Apps Launcher) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijmgkhchjindcjamnckoiahagecjnkdc [2016-09-08]
CHR Extension: (WhatFont) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2016-06-19]
CHR Extension: (Bananatag Email Tracking) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpbnpbfpgjkblmejlgkfkekajajhjcid [2016-08-31]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-09-08]
CHR Extension: (StayFocusd) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2015-07-02]
CHR Extension: (Momentum) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-08-19]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-31]
CHR Extension: (Google Maps) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-03-31]
CHR Extension: (Chrono Download Manager) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2016-08-19]
CHR Extension: (Screencastify (Screen Video Recorder)) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2016-08-19]
CHR Extension: (Allow-Control-Allow-Origin: *) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbmbojpeacfghkpbjhddihlkkiljbi [2016-08-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (HubSpot Sales) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2016-08-31]
CHR Extension: (Evernote Web Clipper) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-08-31]
CHR Extension: (Gmail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-31]
CHR Extension: (Majestic Backlink Analyzer) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmjaflneibolacpepklokkjnakmikmg [2016-08-19]
CHR Extension: (Kein Name) - C:\Users\Marc\Downloads\gcuf-new-caster-chrome-extension [2016-09-05]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 1
CHR HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Marc\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-04-06]
CHR HKU\S-1-5-21-2599644957-2847619135-2017443304-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [988184 2016-08-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-08-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-08-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1453696 2016-08-24] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-28] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe [382776 2014-04-24] (ASUSTeK Computer Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [320672 2016-08-04] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-05] (Microsoft Corporation)
S3 CliqzMaintenance; C:\Program Files (x86)\Cliqz Maintenance Service\maintenanceservice.exe [152352 2016-08-21] (Cliqz GmbH)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [794584 2015-06-12] (FileZilla Project)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-04-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-03-14] (Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-08-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-08-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-03-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-18] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-04-24] (ASUSTeK Computer Inc.)
R3 ks2m2avs; C:\Windows\System32\Drivers\ks2m2avs.sys [359120 2013-07-24] (Native Instruments GmbH)
R3 ks2m2usb_svc; C:\Windows\System32\Drivers\ks2m2usb.sys [85200 2013-07-24] (Native Instruments GmbH)
S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2012-10-08] (LG Soft India) [Datei ist nicht signiert]
S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [10752 2012-12-27] (LG Soft India) [Datei ist nicht signiert]
S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2014-08-07] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 Scarlett_UAC2Audio; C:\Windows\system32\DRIVERS\Scarlett_UAC2Audio.sys [98200 2014-07-14] (Focusrite Audio Engineering Limited.)
R3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
S3 umpusbvista; C:\Windows\system32\DRIVERS\umpusbvista.sys [64872 2012-09-13] (Texas Instruments Inc)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 YMIDUSBW; C:\Windows\system32\drivers\ymidusbx64.sys [51496 2013-04-04] (Yamaha Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-08 14:58 - 2016-09-08 14:59 - 00042512 _____ C:\Users\Marc\Downloads\FRST.txt
2016-09-08 14:58 - 2016-09-08 14:58 - 02397696 _____ (Farbar) C:\Users\Marc\Downloads\FRST64.exe
2016-09-08 14:58 - 2016-09-08 14:58 - 00000000 ____D C:\FRST
2016-09-08 14:56 - 2016-09-08 14:56 - 00000000 ____D C:\Users\Marc\Evernote
2016-09-08 14:49 - 2016-09-08 14:49 - 00000000 ____D C:\Users\Marc\Downloads\backups
2016-09-08 13:27 - 2016-09-08 13:27 - 04299170 _____ C:\Users\Marc\Downloads\Logos.fremd-20160908T112708Z.zip
2016-09-08 12:29 - 2016-09-08 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marc\Downloads\HijackThis.exe
2016-09-08 11:51 - 2016-09-08 11:51 - 00039173 _____ C:\Users\Marc\Downloads\Invoice RG-2158.pdf
2016-09-07 19:59 - 2016-09-07 19:59 - 00071053 _____ C:\Users\Marc\Downloads\auszug.pdf
2016-09-07 18:44 - 2016-09-07 18:44 - 00000558 _____ C:\Users\Public\Desktop\MAMP.lnk
2016-09-07 18:44 - 2016-09-07 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAMP
2016-09-07 18:44 - 2014-07-30 14:13 - 02097152 _____ (The GLib developer community) C:\Windows\SysWOW64\CORE_RL_glib_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 01324544 _____ C:\Windows\SysWOW64\CORE_RL_magick_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 01129984 _____ (Red Hat Software) C:\Windows\SysWOW64\CORE_RL_pango_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00700928 _____ (ImageMagick Studio LLC) C:\Windows\SysWOW64\CORE_RL_wand_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00464896 _____ C:\Windows\SysWOW64\IM_MOD_RL_pattern_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00449024 _____ (David Turner, Robert Wilhelm, & Werner Lemberg) C:\Windows\SysWOW64\CORE_RL_ttf_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00430592 _____ C:\Windows\SysWOW64\CORE_RL_Magick++_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00427520 _____ (The GTK developer community) C:\Windows\SysWOW64\CORE_RL_librsvg_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00352256 _____ (Mike Welles, mike@onshore.com) C:\Windows\SysWOW64\CORE_RL_tiff_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00307200 _____ (D. R. Commander) C:\Windows\SysWOW64\CORE_RL_jpeg_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00295424 _____ C:\Windows\SysWOW64\CORE_RL_libxml_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00278016 _____ (Google Inc.) C:\Windows\SysWOW64\CORE_RL_webp_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00232960 _____ (Little CMS) C:\Windows\SysWOW64\CORE_RL_lcms_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00215040 _____ C:\Windows\SysWOW64\IM_MOD_RL_magick_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00180224 _____ (Michael David Adams) C:\Windows\SysWOW64\CORE_RL_jp2_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00157184 _____ (Communications and Remote Sensing Lab) C:\Windows\SysWOW64\CORE_RL_openjpeg_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00153088 _____ (Glenn Randers-Pehrson - glennrp@users.sf.net) C:\Windows\SysWOW64\CORE_RL_png_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00132096 _____ C:\Windows\SysWOW64\IM_MOD_RL_png_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00115712 _____ C:\Windows\SysWOW64\IM_MOD_RL_dcm_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00090112 _____ C:\Windows\SysWOW64\IM_MOD_RL_msl_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00068096 _____ (Jean-loup Gailly and Mark Adler) C:\Windows\SysWOW64\CORE_RL_zlib_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00055808 _____ C:\Windows\SysWOW64\IM_MOD_RL_svg_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00050688 _____ (Julian Seward, jseward@acm.org) C:\Windows\SysWOW64\CORE_RL_bzlib_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00049664 _____ (Carlo Baldassi) C:\Windows\SysWOW64\CORE_RL_lqr_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00043520 _____ C:\Windows\SysWOW64\IM_MOD_RL_tiff_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00042496 _____ C:\Windows\SysWOW64\IM_MOD_RL_pdf_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00041984 _____ C:\Windows\SysWOW64\IM_MOD_RL_jpeg_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00041984 _____ (Markus Kuhn, Friedrich-Alexander-University of Erlangen-Nuremberg) C:\Windows\SysWOW64\CORE_RL_jbig_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00038400 _____ C:\Windows\SysWOW64\IM_MOD_RL_ps_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00034816 _____ C:\Windows\SysWOW64\IM_MOD_RL_dds_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00033792 _____ C:\Windows\SysWOW64\IM_MOD_RL_json_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00032256 _____ C:\Windows\SysWOW64\IM_MOD_RL_psd_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00031744 _____ C:\Windows\SysWOW64\IM_MOD_RL_pnm_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00030720 _____ C:\Windows\SysWOW64\IM_MOD_RL_miff_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00027648 _____ C:\Windows\SysWOW64\IM_MOD_RL_pict_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00027648 _____ C:\Windows\SysWOW64\IM_MOD_RL_bmp_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00027136 _____ C:\Windows\SysWOW64\IM_MOD_RL_ps3_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00027136 _____ C:\Windows\SysWOW64\IM_MOD_RL_dpx_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00025600 _____ C:\Windows\SysWOW64\IM_MOD_RL_meta_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00023552 _____ C:\Windows\SysWOW64\IM_MOD_RL_ps2_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00022528 _____ C:\Windows\SysWOW64\IM_MOD_RL_gif_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00022016 _____ C:\Windows\SysWOW64\IM_MOD_RL_mpc_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00022016 _____ C:\Windows\SysWOW64\IM_MOD_RL_cmyk_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00021504 _____ C:\Windows\SysWOW64\IM_MOD_RL_wpg_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00020992 _____ C:\Windows\SysWOW64\IM_MOD_RL_mat_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00020992 _____ C:\Windows\SysWOW64\IM_MOD_RL_icon_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00020480 _____ C:\Windows\SysWOW64\IM_MOD_RL_rgb_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00019968 _____ C:\Windows\SysWOW64\IM_MOD_RL_ycbcr_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00019456 _____ C:\Windows\SysWOW64\IM_MOD_RL_viff_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00019456 _____ C:\Windows\SysWOW64\IM_MOD_RL_cin_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00019456 _____ C:\Windows\SysWOW64\IM_MOD_RL_bgr_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00018432 _____ C:\Windows\SysWOW64\IM_MOD_RL_jp2_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00017920 _____ C:\Windows\SysWOW64\IM_MOD_RL_pcx_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00017920 _____ C:\Windows\SysWOW64\IM_MOD_RL_pcd_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00017408 _____ C:\Windows\SysWOW64\IM_MOD_RL_xpm_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00017408 _____ C:\Windows\SysWOW64\IM_MOD_RL_txt_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00017408 _____ C:\Windows\SysWOW64\IM_MOD_RL_sgi_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00017408 _____ C:\Windows\SysWOW64\IM_MOD_RL_dib_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00016896 _____ C:\Windows\SysWOW64\IM_MOD_RL_pcl_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00016896 _____ C:\Windows\SysWOW64\IM_MOD_RL_palm_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00016896 _____ C:\Windows\SysWOW64\IM_MOD_RL_fits_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00016384 _____ C:\Windows\SysWOW64\IM_MOD_RL_xcf_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00015872 _____ C:\Windows\SysWOW64\IM_MOD_RL_pdb_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00015360 _____ C:\Windows\SysWOW64\IM_MOD_RL_webp_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00015360 _____ C:\Windows\SysWOW64\IM_MOD_RL_sun_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00015360 _____ C:\Windows\SysWOW64\IM_MOD_RL_pango_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00015360 _____ C:\Windows\SysWOW64\IM_MOD_RL_hdr_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00014848 _____ C:\Windows\SysWOW64\IM_MOD_RL_yuv_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00014848 _____ C:\Windows\SysWOW64\IM_MOD_RL_tga_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00014336 _____ C:\Windows\SysWOW64\IM_MOD_RL_cut_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00013824 _____ C:\Windows\SysWOW64\IM_MOD_RL_emf_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00013312 _____ C:\Windows\SysWOW64\IM_MOD_RL_vips_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00013312 _____ C:\Windows\SysWOW64\IM_MOD_RL_mpeg_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00013312 _____ C:\Windows\SysWOW64\IM_MOD_RL_jbig_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00012800 _____ C:\Windows\SysWOW64\IM_MOD_RL_xbm_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00012800 _____ C:\Windows\SysWOW64\IM_MOD_RL_rle_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00012800 _____ C:\Windows\SysWOW64\IM_MOD_RL_raw_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00012800 _____ C:\Windows\SysWOW64\IM_MOD_RL_pes_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00012800 _____ C:\Windows\SysWOW64\IM_MOD_RL_ipl_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00012288 _____ C:\Windows\SysWOW64\IM_MOD_RL_dng_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_xps_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_wbmp_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_vicar_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_uil_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_tim_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_sfw_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_mtv_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_html_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_histogram_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_gray_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_ept_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_cip_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_cals_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_avs_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011776 _____ C:\Windows\SysWOW64\IM_MOD_RL_aai_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011264 _____ C:\Windows\SysWOW64\IM_MOD_RL_vid_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011264 _____ C:\Windows\SysWOW64\IM_MOD_RL_ttf_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011264 _____ C:\Windows\SysWOW64\IM_MOD_RL_pwp_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011264 _____ C:\Windows\SysWOW64\IM_MOD_RL_map_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011264 _____ C:\Windows\SysWOW64\IM_MOD_RL_jnx_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011264 _____ C:\Windows\SysWOW64\IM_MOD_RL_caption_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00011264 _____ C:\Windows\SysWOW64\IM_MOD_RL_art_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_xtrn_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_uyvy_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_sct_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_rla_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_plasma_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_otb_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_mono_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_label_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_hrz_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010752 _____ C:\Windows\SysWOW64\IM_MOD_RL_fax_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010240 _____ C:\Windows\SysWOW64\IM_MOD_RL_url_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010240 _____ C:\Windows\SysWOW64\IM_MOD_RL_rgf_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010240 _____ C:\Windows\SysWOW64\IM_MOD_RL_pix_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010240 _____ C:\Windows\SysWOW64\IM_MOD_RL_mvg_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010240 _____ C:\Windows\SysWOW64\IM_MOD_RL_clipboard_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00010240 _____ C:\Windows\SysWOW64\IM_MOD_RL_braille_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009728 _____ C:\Windows\SysWOW64\IM_MOD_RL_stegano_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009728 _____ C:\Windows\SysWOW64\IM_MOD_RL_screenshot_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009728 _____ C:\Windows\SysWOW64\IM_MOD_RL_mac_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009728 _____ C:\Windows\SysWOW64\IM_MOD_RL_debug_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009216 _____ C:\Windows\SysWOW64\IM_MOD_RL_thumbnail_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009216 _____ C:\Windows\SysWOW64\IM_MOD_RL_scr_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009216 _____ C:\Windows\SysWOW64\IM_MOD_RL_null_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009216 _____ C:\Windows\SysWOW64\IM_MOD_RL_info_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009216 _____ C:\Windows\SysWOW64\IM_MOD_RL_gradient_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00009216 _____ C:\Windows\SysWOW64\IM_MOD_RL_clip_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008704 _____ C:\Windows\SysWOW64\IM_MOD_RL_xc_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008704 _____ C:\Windows\SysWOW64\IM_MOD_RL_tile_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008704 _____ C:\Windows\SysWOW64\IM_MOD_RL_matte_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008704 _____ C:\Windows\SysWOW64\IM_MOD_RL_mask_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008704 _____ C:\Windows\SysWOW64\IM_MOD_RL_inline_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008704 _____ C:\Windows\SysWOW64\IM_MOD_RL_hald_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008192 _____ C:\Windows\SysWOW64\IM_MOD_RL_preview_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008192 _____ C:\Windows\SysWOW64\IM_MOD_RL_mpr_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008192 _____ C:\Windows\SysWOW64\IM_MOD_RL_fd_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00008192 _____ C:\Windows\SysWOW64\IM_MOD_RL_djvu_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00007680 _____ C:\Windows\SysWOW64\IM_MOD_RL_wmf_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00007680 _____ C:\Windows\SysWOW64\IM_MOD_RL_fpx_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00007680 _____ C:\Windows\SysWOW64\IM_MOD_RL_exr_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00007680 _____ C:\Windows\SysWOW64\IM_MOD_RL_dps_.dll
2016-09-07 18:44 - 2014-07-30 14:13 - 00007680 _____ C:\Windows\SysWOW64\IM_MOD_RL_dot_.dll
2016-09-07 18:43 - 2016-09-07 18:44 - 00000000 ____D C:\MAMP
2016-09-07 18:42 - 2016-09-07 18:43 - 304366648 _____ (appsolute Gmbh ) C:\Users\Marc\Downloads\MAMP_MAMP_PRO_3.2.2.exe
2016-09-07 18:21 - 2016-09-07 18:21 - 00002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-09-07 18:21 - 2016-09-07 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-09-07 17:04 - 2016-09-07 17:04 - 00101037 _____ C:\Users\Marc\Downloads\Raiffeisen_1473260640624.pdf
2016-09-07 16:55 - 2016-09-07 16:55 - 00050536 _____ C:\Users\Marc\Downloads\Sales Tax Report.pdf
2016-09-07 16:53 - 2016-09-07 16:53 - 00113870 _____ C:\Users\Marc\Downloads\CHE-488.437.154_MWST-Abrechnung_1._Semester_2016.pdf
2016-09-07 15:11 - 2016-09-07 15:11 - 00041342 _____ C:\Users\Marc\Downloads\Zugangsdaten 26851.pdf
2016-09-07 13:59 - 2016-09-07 13:59 - 00054019 _____ C:\Users\Marc\Downloads\Zugangsdaten 72551.pdf
2016-09-07 10:27 - 2016-09-07 10:27 - 00039007 _____ C:\Users\Marc\Downloads\Invoice RG-2157.pdf
2016-09-07 08:25 - 2016-09-07 08:25 - 18881962 _____ C:\Users\Marc\Downloads\wetransfer-e071b4.zip
2016-09-06 15:01 - 2016-09-06 15:01 - 00039318 _____ C:\Users\Marc\Downloads\Invoice RG-2156.pdf
2016-09-06 12:24 - 2016-09-06 12:24 - 00326781 _____ C:\Users\Marc\Downloads\Huerlimann Letter.pdf
2016-09-05 20:56 - 2016-09-05 20:56 - 142929796 _____ C:\Users\Marc\Downloads\wetransfer-62cfd5.zip
2016-09-05 18:17 - 2016-09-05 18:17 - 01617711 _____ C:\Users\Marc\Downloads\swiss magic Slack export Sep 5 2016.zip
2016-09-05 09:11 - 2016-09-05 01:24 - 00000000 ____D C:\Users\Marc\Downloads\gcuf-new-caster-chrome-extension
2016-09-05 09:10 - 2016-09-05 09:10 - 00497679 _____ C:\Users\Marc\Downloads\demo.zip
2016-09-04 13:22 - 2016-09-04 13:22 - 00532919 _____ C:\Users\Marc\Downloads\151218_sts-geltungsbereich.pdf
2016-09-03 12:19 - 2016-09-03 12:25 - 00000000 ____D C:\Users\Marc\AppData\Local\CLIQZ
2016-09-03 12:19 - 2016-09-03 12:19 - 00001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIQZ.lnk
2016-09-03 12:19 - 2016-09-03 12:19 - 00001077 _____ C:\Users\Public\Desktop\CLIQZ.lnk
2016-09-03 12:19 - 2016-09-03 12:19 - 00000000 ____D C:\Users\Marc\AppData\Roaming\CLIQZ
2016-09-03 12:19 - 2016-09-03 12:19 - 00000000 ____D C:\Program Files (x86)\Cliqz Maintenance Service
2016-09-03 12:19 - 2016-09-03 12:19 - 00000000 ____D C:\Program Files (x86)\CLIQZ
2016-09-03 12:18 - 2016-09-03 12:18 - 50224984 _____ C:\Users\Marc\Downloads\CLIQZ.de.win32.installer.exe
2016-09-03 01:50 - 2016-09-03 01:50 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-02 11:11 - 2016-09-02 11:11 - 01197716 _____ C:\Users\Marc\Desktop\GLA_220_d-M4861322.pdf
2016-09-02 09:45 - 2016-09-02 09:45 - 00000627 _____ C:\Users\Marc\Downloads\sitemap.xml
2016-09-01 18:25 - 2016-09-01 18:25 - 00000053 _____ C:\Users\Marc\Downloads\googledc2bd9491e6598d1.html
2016-09-01 17:38 - 2016-09-01 17:39 - 06662856 _____ (Tim Kosse) C:\Users\Marc\Downloads\FileZilla_3.21.0_win64-setup.exe
2016-08-31 09:12 - 2016-08-31 09:12 - 00003226 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-08-31 09:11 - 2016-08-31 09:11 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-08-31 09:11 - 2016-08-31 09:11 - 00001157 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-08-31 09:09 - 2014-04-24 08:29 - 00024824 ____R (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2016-08-23 15:29 - 2016-08-23 15:29 - 00480284 _____ C:\Users\Marc\Documents\IMG_20160823_0001.pdf
2016-08-22 13:42 - 2016-08-22 13:42 - 00023997 _____ C:\Users\Marc\Downloads\280x166.jpg.zip
2016-08-22 11:32 - 2016-08-22 11:32 - 00008560 _____ C:\Users\Marc Hürlimann\Downloads\Malkurs Toscana.tmd
2016-08-22 10:54 - 2016-08-22 10:54 - 06294363 _____ C:\Users\Marc\Downloads\Software_Concept.pdf
2016-08-21 13:48 - 2016-08-21 13:48 - 00100317 _____ C:\Users\Marc\Downloads\KNUCHEKVcardPRINT.zip
2016-08-21 13:47 - 2016-08-21 13:47 - 00000000 ____D C:\Users\Marc\AppData\Local\Tempzxpsign99784e0228c95e8d
2016-08-21 13:46 - 2016-08-21 13:46 - 00000000 ____D C:\Users\Marc\AppData\Local\Tempzxpsignd1cb506373ec2177
2016-08-21 13:46 - 2016-08-21 13:46 - 00000000 ____D C:\Users\Marc\AppData\Local\Tempzxpsign45fa92d68a9ed3c9
2016-08-21 12:38 - 2016-08-21 12:38 - 00003063 _____ C:\Users\Marc\Downloads\wp-config.php
2016-08-21 12:04 - 2016-08-21 12:04 - 06647784 _____ (Tim Kosse) C:\Users\Marc\Downloads\FileZilla_3.20.1_win64-setup.exe
2016-08-21 12:04 - 2016-08-21 12:04 - 06569088 _____ (Tim Kosse) C:\Users\Marc\Downloads\FileZilla_3.19.0_win64-setup.exe
2016-08-20 11:51 - 2016-08-20 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-08-20 10:09 - 2016-09-08 14:53 - 00023986 _____ C:\Users\Marc\AppData\Roaming\Notepad2.ini
2016-08-20 10:09 - 2016-08-20 10:09 - 00358912 _____ C:\Users\Marc\Downloads\Notepad2_4.2.25_x64.exe
2016-08-20 10:09 - 2016-08-20 10:09 - 00000000 ____D C:\Program Files\Notepad2
2016-08-19 19:48 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-08-19 19:48 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2016-08-19 19:48 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-19 19:48 - 2016-06-11 21:52 - 00057184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-08-19 19:48 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2016-08-19 19:48 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpresult.exe
2016-08-19 19:48 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-19 19:48 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2016-08-19 19:48 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-19 19:48 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-19 19:48 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-19 19:48 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-19 19:48 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-19 19:48 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-08-19 19:48 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-08-19 19:48 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-08-19 19:48 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-19 19:48 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-19 19:48 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-19 19:48 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-19 19:48 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-19 19:48 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\Windows\system32\cryptxml.dll
2016-08-19 19:48 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll
2016-08-19 19:48 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-08-19 19:48 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-19 19:48 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-08-19 19:48 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-08-19 19:48 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2016-08-19 19:48 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2016-08-19 19:48 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-19 19:48 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-19 19:48 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-08-19 19:48 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-08-19 19:48 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-08-19 19:48 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-08-19 19:48 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-08-19 19:48 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-08-19 19:48 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-19 19:48 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-19 19:48 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-19 19:48 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-19 19:48 - 2016-05-14 01:08 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-08-19 19:48 - 2016-05-14 01:08 - 00032768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-08-19 19:48 - 2016-05-14 01:08 - 00032512 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-08-19 19:48 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-19 19:48 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-19 19:48 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-08-19 19:48 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-08-19 19:48 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-08-19 19:48 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-08-19 19:48 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-19 19:48 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-19 19:48 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-08-19 19:48 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-08-19 19:48 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-19 19:48 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-08-19 19:48 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2016-08-19 19:48 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2016-08-19 19:48 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-08-19 19:48 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-08-19 19:48 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-19 19:48 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-19 19:48 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-19 19:48 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-19 19:48 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-19 19:48 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-19 19:48 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-19 19:48 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-19 19:48 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-19 19:48 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-19 19:48 - 2016-04-10 07:35 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-08-19 19:48 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-08-19 19:48 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-08-19 19:48 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-08-19 19:48 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-08-19 19:48 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-08-19 19:48 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-19 19:48 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-08-19 19:48 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-08-19 19:48 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-08-19 19:48 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-08-19 19:48 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-08-19 19:48 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-08-19 19:48 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-08-19 19:48 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-19 19:48 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-19 19:48 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-08-19 19:48 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-08-19 19:48 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-08-19 19:48 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-08-19 19:48 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-08-19 19:48 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-08-19 19:48 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-08-19 19:48 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-08-19 19:45 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-19 19:45 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-19 19:45 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-19 19:45 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-19 19:45 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-19 19:45 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-19 19:45 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-19 19:45 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-19 19:45 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-19 19:45 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-19 19:45 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-08-19 19:45 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-19 19:45 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-19 19:45 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-19 19:45 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-19 19:45 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-19 19:45 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-19 19:45 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-19 19:45 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-19 19:45 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-19 19:45 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-08-19 19:45 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-19 19:45 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-19 19:45 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-19 19:45 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-19 19:45 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-19 19:45 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-19 19:45 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-19 19:45 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-19 19:45 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-19 19:45 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-19 19:44 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-19 19:44 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-19 19:44 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-19 19:44 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-19 19:44 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-19 19:44 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-08-19 19:44 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-08-19 19:44 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-19 19:44 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-19 19:44 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-19 19:44 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-19 19:44 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-08-19 19:44 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-08-19 19:44 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-08-19 19:44 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-19 19:44 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-19 19:44 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-19 19:44 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-19 19:43 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-08 14:57 - 2014-08-08 19:11 - 00000000 ____D C:\Users\Marc\AppData\Roaming\ClassicShell
2016-09-08 14:56 - 2016-06-03 20:32 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-09-08 14:56 - 2015-06-23 16:31 - 00000000 ___RD C:\Users\Marc\Google Drive
2016-09-08 14:56 - 2014-08-07 21:14 - 00000000 ____D C:\Users\Marc\AppData\Local\Adobe
2016-09-08 14:56 - 2014-08-07 21:12 - 00000000 ____D C:\Users\Marc
2016-09-08 14:55 - 2015-06-14 10:24 - 00000000 ____D C:\Users\Marc\AppData\Local\CrashDumps
2016-09-08 14:55 - 2014-08-08 19:06 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-08 14:55 - 2014-08-07 21:12 - 00000000 __SHD C:\Users\Marc\IntelGraphicsProfiles
2016-09-08 14:54 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-08 14:53 - 2015-07-22 21:41 - 00000000 ____D C:\Users\Marc\Documents\PhraseExpress
2016-09-08 14:25 - 2014-08-07 17:49 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-08 14:24 - 2016-04-01 13:16 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2599644957-2847619135-2017443304-1003UA.job
2016-09-08 14:24 - 2014-08-08 19:06 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-08 14:00 - 2015-06-12 21:49 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2599644957-2847619135-2017443304-1003UA.job
2016-09-08 12:48 - 2016-05-20 07:34 - 00000404 _____ C:\Windows\Tasks\update-sys.job
2016-09-08 11:05 - 2016-05-20 07:34 - 00000404 _____ C:\Windows\Tasks\update-S-1-5-21-2599644957-2847619135-2017443304-1003.job
2016-09-08 10:32 - 2014-08-07 21:12 - 00000000 ____D C:\Users\Marc\AppData\Local\Packages
2016-09-08 10:17 - 2014-03-18 12:03 - 01888316 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-08 10:17 - 2014-03-18 11:25 - 00819414 _____ C:\Windows\system32\perfh007.dat
2016-09-08 10:17 - 2014-03-18 11:25 - 00175992 _____ C:\Windows\system32\perfc007.dat
2016-09-08 10:17 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-09-08 00:00 - 2015-06-12 21:49 - 00001186 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2599644957-2847619135-2017443304-1003Core.job
2016-09-07 19:24 - 2016-04-01 13:16 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2599644957-2847619135-2017443304-1003Core.job
2016-09-07 18:54 - 2014-08-07 21:18 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2599644957-2847619135-2017443304-1003
2016-09-07 18:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-09-06 09:27 - 2015-07-22 21:39 - 00000000 ____D C:\Users\Public\Documents\PhraseExpress
2016-09-05 20:55 - 2014-10-25 13:13 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Skype
2016-09-05 19:52 - 2016-04-23 15:41 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Dashlane
2016-09-03 01:50 - 2014-08-08 19:45 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Dropbox
2016-09-02 14:02 - 2014-12-08 21:54 - 00000000 ____D C:\Users\Marc\AppData\Roaming\vlc
2016-09-02 09:53 - 2016-05-18 17:28 - 00000000 ____D C:\Users\Marc\AppData\Roaming\FileZilla
2016-09-02 09:51 - 2014-08-08 22:32 - 00000000 ____D C:\Users\Marc\Documents\Outlook-Dateien
2016-08-31 22:02 - 2014-09-13 14:52 - 00000000 ____D C:\Users\Marc\AppData\Local\Spotify
2016-08-31 18:27 - 2014-09-13 14:52 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Spotify
2016-08-31 10:57 - 2016-05-02 15:31 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Franz
2016-08-31 09:12 - 2016-04-27 17:14 - 00002299 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-08-31 09:12 - 2014-08-08 22:00 - 00003178 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2599644957-2847619135-2017443304-1003
2016-08-31 09:11 - 2014-08-07 17:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-31 09:09 - 2015-05-09 10:50 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Slack
2016-08-31 09:09 - 2015-05-09 10:50 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2016-08-31 09:09 - 2015-05-09 10:50 - 00000000 ____D C:\Users\Marc\AppData\Local\SquirrelTemp
2016-08-31 09:09 - 2015-05-09 10:50 - 00000000 ____D C:\Users\Marc\AppData\Local\slack
2016-08-31 09:09 - 2014-08-08 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-08-31 09:09 - 2014-08-07 17:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-23 09:52 - 2014-08-07 21:18 - 00083916 ____H C:\Users\Marc\AppData\Local\IconCache.db.backup
2016-08-23 09:14 - 2014-10-25 13:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-23 09:14 - 2014-10-25 13:13 - 00000000 ____D C:\ProgramData\Skype
2016-08-21 04:25 - 2015-06-23 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-20 11:51 - 2016-05-20 07:34 - 00003250 _____ C:\Windows\System32\Tasks\update-S-1-5-21-2599644957-2847619135-2017443304-1003
2016-08-20 11:51 - 2016-05-20 07:34 - 00000424 _____ C:\Users\Marc\AppData\Local\UserProducts.xml
2016-08-20 08:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-20 08:25 - 2016-03-30 19:09 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-19 20:41 - 2016-06-08 17:48 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-08-19 20:41 - 2016-06-08 17:48 - 00002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-08-19 20:39 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 20:27 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-08-19 20:27 - 2013-08-22 16:44 - 05156192 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-19 20:26 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-19 20:23 - 2016-03-30 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-08-19 20:23 - 2016-03-30 18:43 - 00000000 ____D C:\ProgramData\LogiShrd
2016-08-19 19:52 - 2014-08-07 14:29 - 00000000 ____D C:\Windows\system32\MRT
2016-08-19 19:50 - 2014-08-07 17:22 - 00000000 ____D C:\Users\sysadmin
2016-08-19 19:48 - 2014-08-07 14:29 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-19 19:48 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-19 19:42 - 2015-05-15 13:08 - 00000000 ____D C:\Users\Marc\AppData\Local\ElevatedDiagnostics
2016-08-19 19:37 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-08-19 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-19 19:33 - 2016-05-02 15:31 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Franz
2016-08-19 19:33 - 2016-05-02 15:31 - 00000000 ____D C:\Users\Marc\AppData\Local\Franz
2016-08-19 19:33 - 2014-08-08 21:57 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-19 19:27 - 2014-08-08 20:12 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-08-19 19:27 - 2014-08-08 20:12 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-08-19 19:19 - 2016-04-01 13:16 - 00004082 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2599644957-2847619135-2017443304-1003UA
2016-08-19 19:19 - 2016-04-01 13:16 - 00003702 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2599644957-2847619135-2017443304-1003Core
2016-08-19 19:19 - 2014-08-08 19:06 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-19 19:19 - 2014-08-08 19:06 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-19 19:16 - 2014-10-02 08:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-10 12:15 - 2015-05-23 14:31 - 0003136 _____ () C:\Program Files (x86)\unins000.dat
2015-05-23 14:31 - 2015-05-23 14:31 - 0718497 _____ () C:\Program Files (x86)\unins000.exe
2016-06-08 15:33 - 2016-06-09 14:45 - 0000033 _____ () C:\Users\Marc\AppData\Roaming\AdobeWLCMCache.dat
2015-06-12 15:53 - 2015-06-12 15:54 - 0065588 _____ () C:\Users\Marc\AppData\Roaming\Camdata.ini
2015-06-12 15:53 - 2015-06-12 15:54 - 0000408 _____ () C:\Users\Marc\AppData\Roaming\CamLayout.ini
2015-06-12 15:53 - 2015-06-12 15:54 - 0000408 _____ () C:\Users\Marc\AppData\Roaming\CamShapes.ini
2015-06-12 15:53 - 2015-06-12 15:54 - 0004540 _____ () C:\Users\Marc\AppData\Roaming\CamStudio.cfg
2015-04-03 21:53 - 2015-04-03 22:09 - 0038429 _____ () C:\Users\Marc\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2015-04-03 21:38 - 2015-04-03 21:38 - 0012961 _____ () C:\Users\Marc\AppData\Roaming\Durch Trennzeichen getrennte Werte.CAL
2014-08-16 14:08 - 2014-09-14 17:21 - 0009305 _____ () C:\Users\Marc\AppData\Roaming\Durch Trennzeichen getrennte Werte.EML
2016-06-09 14:54 - 2016-06-09 14:54 - 0000028 _____ () C:\Users\Marc\AppData\Roaming\kulerdata.json
2016-08-20 10:09 - 2016-09-08 14:53 - 0023986 _____ () C:\Users\Marc\AppData\Roaming\Notepad2.ini
2015-06-12 15:49 - 2015-06-12 15:53 - 0000096 _____ () C:\Users\Marc\AppData\Roaming\version2.xml
2014-09-29 17:25 - 2014-09-29 17:25 - 0000037 ___SH () C:\Users\Marc\AppData\Local\70149b02515b3bb20dd492.47983420
2015-09-17 07:59 - 2015-09-17 07:59 - 0000046 _____ () C:\Users\Marc\AppData\Local\DonationCoder_findrunrobot_InstallInfo.dat
2016-05-20 07:34 - 2016-05-20 07:34 - 0000003 _____ () C:\Users\Marc\AppData\Local\updater.log
2016-05-20 07:34 - 2016-08-20 11:51 - 0000424 _____ () C:\Users\Marc\AppData\Local\UserProducts.xml
2014-08-07 17:26 - 2014-08-07 17:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Marc\AppData\Local\Temp\130524206068843568.exe
C:\Users\Marc\AppData\Local\Temp\avgnt.exe
C:\Users\Marc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6egkj_.dll
C:\Users\Marc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyhfpth.dll
C:\Users\Marc\AppData\Local\Temp\ExPromo.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.487.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.779.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.855.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.903.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.120.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.256.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.344.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.390.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.105.exe
C:\Users\Marc\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe
C:\Users\Marc\AppData\Local\Temp\LogiOptionsfileUninstaller.exe
C:\Users\Marc\AppData\Local\Temp\LogiOptionsUninstaller.exe
C:\Users\Marc\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Marc\AppData\Local\Temp\proxy_vole2808053125290094910.dll
C:\Users\Marc\AppData\Local\Temp\proxy_vole299376011413694679.dll
C:\Users\Marc\AppData\Local\Temp\proxy_vole6186791580569949246.dll
C:\Users\Marc\AppData\Local\Temp\RoboForm-Setup.exe
C:\Users\Marc\AppData\Local\Temp\shutdown1407665642.exe
C:\Users\Marc\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marc\AppData\Local\Temp\uninstall.exe
C:\Users\sysadmin\AppData\Local\Temp\7z.dll
C:\Users\sysadmin\AppData\Local\Temp\7z.exe
C:\Users\sysadmin\AppData\Local\Temp\ISSetup.dll
C:\Users\sysadmin\AppData\Local\Temp\PDFCreator-1_7_2_setup.exe
C:\Users\sysadmin\AppData\Local\Temp\Setup.exe
C:\Users\sysadmin\AppData\Local\Temp\Silverlight.exe
C:\Users\sysadmin\AppData\Local\Temp\SKUtil.dll
C:\Users\sysadmin\AppData\Local\Temp\SKUtil2008.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-08 04:46

==================== Ende von FRST.txt ============================

cosinus · 08.09.2016, 14:32

Teste doch erstmal eine kabelgebundene Tastatur bevor man hier unnötigerweise stundenlang das System scant. Es sei denn du hast handfeste Hinweise auf Befall.

mh1981 · 09.09.2016, 09:29

Ich habe leider keine andere Tastatur. Ich bin gerade umgezogen und müsste eine kaufen gehen. Ich habe kürzlich von einem Skype Kontakt einen Link geklickt, der dann viele zwielichtige Seiten geöffnet hat. Wenn die Auswertung zuviel Arbeit ist, werde ich am Montag eine neue Tastatur kaufen gehen. Vielen Dank.

cosinus · 09.09.2016, 09:37

Probleme mit dem wireless keyboard sind hier aber am plausibelsten. Und wie gesagt: wenn du handfeste Hinweise auf einen Befall hast, dann buddeln wir auch tiefer. Aber offensichtlich gab es ja nie Virenfunde bei dir.

mh1981 · 09.09.2016, 09:47

Ok. Dann werde ich am Montag eine neue Tastatur kaufen gehen und würde mich nochmals melden falls das Problem noch weiter besteht. Vielen Dank. Das beruhigt mich schon

cosinus · 09.09.2016, 10:06

Na du musst ja keine neue gleich kaufen. Es reicht wenn du eine von einem Nachbarn mal kurz leihen kannst. So lernst du auch gleich die neuen Nachbarn mal kennen

08.09.2016, 14:32	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Keyboard Probleme - Malware vermutet Teste doch erstmal eine kabelgebundene Tastatur bevor man hier unnötigerweise stundenlang das System scant. Es sei denn du hast handfeste Hinweise auf Befall. __________________ __________________

09.09.2016, 09:37	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Keyboard Probleme - Malware vermutet Probleme mit dem wireless keyboard sind hier aber am plausibelsten. Und wie gesagt: wenn du handfeste Hinweise auf einen Befall hast, dann buddeln wir auch tiefer. Aber offensichtlich gab es ja nie Virenfunde bei dir. __________________ Logfiles bitte immer in CODE-Tags posten

09.09.2016, 10:06	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Keyboard Probleme - Malware vermutet Na du musst ja keine neue gleich kaufen. Es reicht wenn du eine von einem Nachbarn mal kurz leihen kannst. So lernst du auch gleich die neuen Nachbarn mal kennen __________________ --> Keyboard Probleme - Malware vermutet

Keyboard Probleme - Malware vermutet

Log-Analyse und Auswertung: Keyboard Probleme - Malware vermutet