| |
| |||||||
Log-Analyse und Auswertung: Hat mein Laptop Trojaner oder andere Schadsoftware?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.01.2017, 21:55
| #1 |
 |  Hat mein Laptop Trojaner oder andere Schadsoftware? Hallo! Ich habe vor kurzen den Rechner eines Freundes hier im Forum reinigen lassen und war erstaunt, wie viel Schadsoftware unterwegs ist im weltweiten Netz. Deshalb würde ich mich freuen, wenn jemand einen kurzen Blick auf meinen eigenen Laptop werfen könnte. Herzlichen Dank schon mal! Marcus Anbei der Bericht vom FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von MaTo (Administrator) auf MATO-VAIO (02-01-2017 21:45:06)
Gestartet von C:\Users\MaTo\Desktop
Geladene Profile: MaTo (Verfügbare Profile: MaTo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Foscam Web Components\CloudIPCPlgSvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.5.0\ToolbarUpdater.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-12-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [1707080 2016-08-22] ()
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\...\Run: [Facebook Update] => C:\Users\MaTo\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-03] (Facebook Inc.)
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\...\Run: [Google Update] => C:\Users\MaTo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\...\MountPoints2: {4f8ea37f-6784-11e2-a6b9-f0bf9758530c} - E:\Setup.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MouseRecorder.lnk [2016-12-22]
ShortcutTarget: MouseRecorder.lnk -> C:\Program Files (x86)\MouseRecorder\MouseRecorder.exe (Bartels Media GmbH)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{460C5B85-53D0-46A2-B837-AB28E88414E2}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=G3A0B15BED265&conlogo=CT3210127
HKU\S-1-5-21-3750928020-1356550509-532969043-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEF&bmod=SVEF
URLSearchHook: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\MaTo\AppData\LocalLow\DVDVideoSoftTB_DE\prxtbDVD2.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\MaTo\AppData\LocalLow\DVDVideoSoftTB_DE\prxtbDVD2.dll (ClientConnect Ltd.)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?pc=COSP&ptag=G3A0B15BED265&form=CONBDF&conlogo=CT3210127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> 5AAD72905A3F4695946604AECA800FEE URL =
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> {11B0718C-1ACF-47D8-8690-9BF6E2BB2F31} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=AFFF2CC6-4A72-49F5-9FF3-86F0E4AFBFA5&apn_sauid=980DCAB9-066A-4EFD-BC75-4E9AA9F1772E
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> {4FB0FA3B-73FE-4064-BFC0-320E595CA9B4} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?pc=COSP&ptag=G3A0B15BED265&form=CONBDF&conlogo=CT3210127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> {8E14DF40-412B-4895-874B-3165D5E34CC8} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={CEF6ADD5-D0C9-4F87-BA04-00BF6845414C}&mid=1affdf9a21a247d08908414908468890-bf8b9b35eef3f016e2735a933324dc2eca82a163&lang=de&ds=AVG&pr=fr&d=2013-01-30 16:01:20&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> {C381AE95-2783-4BAD-8DCF-C0CC659599C0} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> {E2799826-3D5D-4E7F-838E-DEE7C9113973} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-16/4?mpre=hxxp://shop.ebay.de/?_nkw={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO-x32: DVDVideoSoftTB DE Toolbar -> {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -> C:\Users\MaTo\AppData\LocalLow\DVDVideoSoftTB_DE\prxtbDVD2.dll [2014-03-26] (ClientConnect Ltd.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-24] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\19.6.0.592\AVG Secure Search_toolbar.dll [2016-08-22] (AVG Secure Search)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-24] (Oracle Corporation)
Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\MaTo\AppData\LocalLow\DVDVideoSoftTB_DE\prxtbDVD2.dll [2014-03-26] (ClientConnect Ltd.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\19.6.0.592\AVG Secure Search_toolbar.dll [2016-08-22] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-3750928020-1356550509-532969043-1000 -> Kein Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - Keine Datei
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.5.0\ViProtocol.dll [2016-08-22] (AVG Secure Search)
FireFox:
========
FF DefaultProfile: JonDoFox
FF ProfilePath: C:\Users\MaTo\AppData\Roaming\Philips-Songbird\Profiles\vl0z8fpz.default [2014-06-26]
FF Extension: (7digital Music Store) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\7digital@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (CD Rip Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (Concerts) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\concerts@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (AAC Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (H.264 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (MP3 Encoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (MPEG-4 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (File association) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com [2013-09-27] [ist nicht signiert]
FF Extension: (Philips GoGear Device Manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (gonzo) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (Gracenote Metadata Lookup Provider) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (German (de) Language Pack) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-de@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (mashTape) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (MSC Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (MTP Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com [2013-09-27] [ist nicht signiert]
FF Extension: (Philips Branding) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com [2013-09-27] [ist nicht signiert]
FF Extension: (LikeMusic) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com [2013-09-27] [ist nicht signiert]
FF Extension: (Philips auto msc-mtp switch) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com [2013-09-27] [ist nicht signiert]
FF Extension: (Philips Promotions) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com [2013-09-27] [ist nicht signiert]
FF Extension: (Philips Skin) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com [2013-09-27] [ist nicht signiert]
FF Extension: (Philips UI) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com [2013-09-27] [ist nicht signiert]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF Extension: (Windows Media Playback) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com [2013-09-27] [ist nicht signiert]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Philips-Songbird\Profiles\vl0z8fpz.default\searchplugins\7digital.xml [2013-09-27]
FF ProfilePath: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox [2017-01-01]
FF user.js: detected! => C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js [2016-12-11]
FF NewTab: Mozilla\Firefox\Profiles\JonDoFox -> about:blank
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Startpage HTTPS
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Startpage HTTPS
FF Homepage: Mozilla\Firefox\Profiles\JonDoFox -> google.de
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> type", 4
FF Extension: (HTTPS-Everywhere) - C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere-eff@eff.org [2016-12-12]
FF Extension: (JonDoFox) - C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2013-12-10] [ist nicht signiert]
FF Extension: (Cookie Monster) - C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2016-12-12]
FF Extension: (NoScript) - C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-09] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-12]
FF Extension: (ProfileSwitcher) - C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2014-01-09] [ist nicht signiert]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml [2013-08-06]
FF ProfilePath: C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\4qvotah6.default-1479575001104 [2017-01-01]
FF user.js: detected! => C:\Users\MaTo\AppData\Roaming\Mozilla\Firefox\Profiles\4qvotah6.default-1479575001104\user.js [2016-12-11]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.9.0.230 => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF HKU\S-1-5-21-3750928020-1356550509-532969043-1000\...\Firefox\Extensions: [{3d90f257-fa16-4fd0-9407-f1fc34a25274}] - C:\Program Files (x86)\Show-Password\150.xpi
FF Extension: (Show-Password) - C:\Program Files (x86)\Show-Password\150.xpi [2013-12-29] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2016-08-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-27] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-27] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.5.0\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @FOSCAM Web Components -> C:\Program Files (x86)\Foscam Web Components\npIPcamCloud.dll [2016-10-28] (foscam)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3750928020-1356550509-532969043-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\MaTo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3750928020-1356550509-532969043-1000: @tools.google.com/Google Update;version=3 -> C:\Users\MaTo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3750928020-1356550509-532969043-1000: @tools.google.com/Google Update;version=9 -> C:\Users\MaTo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-08-27] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.startfenster.de
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Session Restore: Default -> ist aktiviert.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll => Keine Datei
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7\McChPlg.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => Keine Datei
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll => Keine Datei
CHR Profile: C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default [2017-01-02]
CHR Extension: (Easy Auto Refresh) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2016-11-17]
CHR Extension: (ProxFlow) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-10-11]
CHR Extension: (Angry Birds) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-13]
CHR Extension: (Google Drive) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (GeoGebra Math Apps) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-24]
CHR Extension: (Google Cast) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-24]
CHR Extension: (GoSaVe) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\daccdohjljfghikpggghpoapieofnjfp [2014-10-09]
CHR Extension: (Google Kalender) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-14]
CHR Extension: (PictaCast for Chromecast® - Trial) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekgaebaencakkggokbokmgojdbafnefi [2016-12-16]
CHR Extension: (Google Docs Offline) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29]
CHR Extension: („Pin it“-Button) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-02]
CHR Extension: (Local Image File Viewer) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlckkgdiojkapplglfeomlkjllphilo [2016-07-26]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-31]
CHR Extension: (AVG SafePrice) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2016-12-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Youtube Unblocker) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogkphheoljabmbmgijoidhmlehnhlmim [2014-11-04]
CHR Extension: (Save Flash) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\okpfiebkkmjcnodegbbbiellepfhoglm [2014-10-09]
CHR Extension: (Chrome Media Router) - C:\Users\MaTo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKU\S-1-5-21-3750928020-1356550509-532969043-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MaTo\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-07]
CHR HKU\S-1-5-21-3750928020-1356550509-532969043-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\MaTo\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx <nicht gefunden>
CHR HKU\S-1-5-21-3750928020-1356550509-532969043-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3750928020-1356550509-532969043-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3750928020-1356550509-532969043-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\MaTo\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-17]
CHR HKLM-x32\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\MaTo\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jimlgadlmmpnoagdcbciogmhpoeejhon] - C:\Users\MaTo\AppData\Roaming\Bloson\bloson_cr_1.0b1.crx [2012-09-03]
CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\150.crx [2013-12-29]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1828472 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-10-09] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-10-09] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 FosCloudSvrNacl; C:\Program Files (x86)\Foscam Web Components\CloudIPCPlgSvr.exe [100472 2016-10-28] ()
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-09] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-09] (Electronic Arts)
S4 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2010-02-24] (Sonic Solutions)
S4 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2010-02-24] (Sonic Solutions)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
R2 vToolbarUpdater19.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.5.0\ToolbarUpdater.exe [1277512 2016-08-22] (AVG Secure Search)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ArcCD; kein ImagePath
R1 archlp; C:\Windows\SysWow64\drivers\archlp.sys [142848 2010-01-12] ()
U1 ArcRec; kein ImagePath
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S4 ArcUdfs; kein ImagePath
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2012-12-28] () [Datei ist nicht signiert]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-17] (Disc Soft Ltd)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
S3 ksaud; C:\Windows\System32\drivers\ksaud.sys [1588480 2013-04-08] (Creative Technology Ltd.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-12-28] () [Datei ist nicht signiert]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2010-12-24] (REDC)
S0 PxHlpa64; System32\Drivers\PxHlpa64.sys [X]
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-02 21:45 - 2017-01-02 21:46 - 00045730 _____ C:\Users\MaTo\Desktop\FRST.txt
2017-01-02 21:44 - 2017-01-02 21:45 - 00000000 ____D C:\FRST
2017-01-02 21:32 - 2017-01-02 21:33 - 02418176 _____ (Farbar) C:\Users\MaTo\Desktop\FRST64.exe
2017-01-02 21:23 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2017-01-02 21:23 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-01-02 21:23 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-01-02 21:23 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2017-01-02 21:23 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-01-02 21:23 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-01-02 21:23 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2017-01-02 21:23 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-01-02 21:23 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2017-01-02 21:23 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2017-01-02 21:23 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-01-02 21:23 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-01-02 21:23 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2017-01-02 21:23 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-01-02 21:23 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2017-01-02 21:23 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-01-02 21:23 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-01-02 21:23 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-01-02 21:22 - 2017-01-02 21:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2017-01-02 21:19 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-01-02 21:19 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-01-02 21:18 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-01-02 21:18 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-01-02 21:18 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-01-02 21:18 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-01-02 21:18 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-01-02 21:18 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-12-31 16:41 - 2016-12-31 16:41 - 00022371 _____ C:\Users\MaTo\Downloads\PB_KAZ_KtoNr_0873524105_09-12-2016_1259.pdf
2016-12-30 20:33 - 2016-12-30 20:33 - 00021195 _____ C:\Users\MaTo\Downloads\3L104.pdf
2016-12-30 16:25 - 2016-12-30 16:25 - 00778620 _____ C:\Users\MaTo\Downloads\Unsere_Nachricht_fuer_Sie (1).PDF
2016-12-30 12:23 - 2016-12-30 12:23 - 02843982 _____ C:\Users\MaTo\Downloads\Information_20161101.pdf
2016-12-29 00:54 - 2016-12-29 00:54 - 02384806 _____ C:\Users\MaTo\Downloads\635713632054154000534256879.zip
2016-12-29 00:53 - 2016-12-29 00:53 - 03638898 _____ C:\Users\MaTo\Downloads\FI8910W user manual-V2.0.zip
2016-12-29 00:27 - 2016-12-29 00:27 - 00000000 ____D C:\Users\MaTo\AppData\Roaming\NaclFosCloudSdkLog
2016-12-29 00:27 - 2016-12-29 00:27 - 00000000 ____D C:\Users\MaTo\AppData\Roaming\fosIPCamera
2016-12-29 00:27 - 2016-12-29 00:27 - 00000000 ____D C:\Users\MaTo\AppData\Roaming\fos_nacl_log
2016-12-29 00:27 - 2016-12-29 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foscam Web Components
2016-12-29 00:27 - 2016-12-29 00:27 - 00000000 ____D C:\Program Files (x86)\Foscam Web Components
2016-12-29 00:26 - 2016-12-29 00:26 - 03734552 _____ (FOSCAM ) C:\Users\MaTo\Downloads\FoscamWebComponents.exe
2016-12-28 23:54 - 2013-11-15 16:47 - 01643520 _____ C:\Users\MaTo\Desktop\IPCamera.exe
2016-12-28 23:53 - 2016-12-28 23:53 - 00822582 _____ C:\Users\MaTo\Downloads\IPCameraTool version 1.0.0.1 - 20131120.zip
2016-12-28 22:28 - 2016-12-28 22:28 - 00280106 _____ C:\Users\MaTo\Downloads\Leistungsbeschreibung.pdf
2016-12-28 18:25 - 2016-12-28 18:25 - 00262215 _____ C:\Users\MaTo\Downloads\Direkt_Depot_8008327182_Abrechnung_Kauf_JP3756600007_Order_109650600_001_20161220 (1).pdf
2016-12-25 20:56 - 2016-12-25 20:56 - 00121412 _____ C:\Users\MaTo\Downloads\Umsaetze_KtoNr471862300_EUR_25-12-2016_2056.pdf
2016-12-25 20:55 - 2016-12-25 20:55 - 00120621 _____ C:\Users\MaTo\Downloads\Umsaetze_KtoNr471862300_EUR_25-12-2016_2055.pdf
2016-12-23 23:24 - 2017-01-02 20:51 - 00080732 _____ C:\Users\MaTo\Documents\Test2.mrf
2016-12-23 17:03 - 2016-12-23 23:03 - 00083742 _____ C:\Users\MaTo\Documents\Test1.mrf
2016-12-22 13:19 - 2016-12-22 20:53 - 00046362 _____ C:\Users\MaTo\Documents\Macro_Ball_Buch_Uhr.mrf
2016-12-22 12:30 - 2016-12-23 07:53 - 00046082 _____ C:\Users\MaTo\Documents\Macro_GW_WM_WB.mrf
2016-12-22 11:30 - 2016-12-22 17:03 - 00000000 ____D C:\Users\MaTo\AppData\Roaming\Mouse Recorder
2016-12-22 11:30 - 2016-12-22 11:30 - 00001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseRecorder.lnk
2016-12-22 11:30 - 2016-12-22 11:30 - 00000000 ____D C:\ProgramData\MouseRecorder
2016-12-22 11:30 - 2016-12-22 11:30 - 00000000 ____D C:\Program Files (x86)\MouseRecorder
2016-12-22 11:29 - 2016-12-22 11:29 - 02542672 _____ (Bartels Media GmbH ) C:\Users\MaTo\Downloads\mouserecordersetup.exe
2016-12-20 19:36 - 2016-12-20 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-12-20 19:34 - 2016-12-20 19:34 - 03313008 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MaTo\Downloads\AVG_Protection_806.exe
2016-12-20 17:39 - 2016-12-20 17:39 - 00262215 _____ C:\Users\MaTo\Downloads\Direkt_Depot_8008327182_Abrechnung_Kauf_JP3756600007_Order_109650600_001_20161220.pdf
2016-12-14 12:16 - 2016-12-14 12:16 - 00160506 _____ C:\Users\MaTo\Downloads\leistungsantrag_v1 (6).pdf
2016-12-14 12:15 - 2016-12-14 12:15 - 00847775 _____ C:\Users\MaTo\Downloads\leistungsantrag_v2.pdf
2016-12-14 12:14 - 2016-12-14 12:14 - 00160506 _____ C:\Users\MaTo\Downloads\leistungsantrag_v1 (5).pdf
2016-12-14 10:09 - 2016-12-14 10:09 - 03212472 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MaTo\Downloads\AVG_PCTuneUp_1759 (1).exe
2016-12-14 09:09 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 09:09 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 09:09 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 09:09 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 09:09 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 09:09 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 09:09 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 09:09 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 09:09 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 09:09 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 09:09 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 09:09 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 09:09 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 09:09 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 09:09 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 09:09 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 09:09 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 09:09 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 09:09 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 09:09 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 09:09 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 09:09 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 09:09 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 09:09 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 09:09 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 09:09 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 09:09 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 09:09 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 09:09 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 09:09 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 09:09 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 09:09 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 09:09 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 09:09 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 09:09 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 09:09 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 09:09 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 09:09 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 09:09 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 09:09 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 09:09 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 09:09 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 09:09 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 09:09 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 09:09 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 09:09 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 09:09 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 09:09 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 09:09 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 09:09 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 09:09 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 09:09 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 09:09 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 09:09 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 09:09 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 09:09 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 09:09 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 09:09 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 09:09 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 09:09 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 09:09 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 09:09 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 09:09 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 09:09 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 09:09 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 09:09 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 09:09 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 09:09 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 09:09 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 09:09 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 09:09 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 09:09 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 09:09 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 09:09 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 09:09 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 09:09 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 09:09 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 09:09 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 09:09 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 09:09 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 09:09 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 09:09 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 09:09 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 09:09 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 09:09 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 09:09 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 09:09 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 09:09 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 09:09 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 09:09 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 09:09 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 09:09 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 09:09 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 09:09 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 09:09 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 09:09 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 09:09 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 09:09 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 09:09 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 09:09 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 09:09 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 09:09 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 09:09 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 09:09 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 09:09 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 09:09 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 09:09 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 09:09 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 09:09 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 09:09 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 09:09 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 09:09 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 09:09 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 09:09 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 09:09 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 09:09 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 09:09 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 09:09 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 09:09 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 09:09 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 09:09 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 09:09 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 09:09 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 09:09 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 09:09 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 09:09 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 09:09 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 09:09 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 09:09 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 09:09 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 09:09 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 09:09 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 09:09 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 09:09 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 09:09 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-14 08:53 - 2016-12-14 08:53 - 03212472 _____ (AVG Technologies CZ, s.r.o.) C:\Users\MaTo\Downloads\AVG_PCTuneUp_1759.exe
2016-12-13 23:00 - 2016-12-13 23:00 - 00227328 _____ C:\Users\MaTo\Downloads\wkn_846900_historic.xls
2016-12-13 14:04 - 2016-12-13 22:59 - 00076451 _____ C:\Users\MaTo\Downloads\wkn_846900_historic.csv
2016-12-13 13:53 - 2016-12-13 13:53 - 00000000 ____D C:\Users\MaTo\Desktop\Skandia RS
2016-12-13 08:36 - 2016-12-13 08:36 - 00000370 _____ C:\Windows\PFRO.log
2016-12-12 17:45 - 2016-12-13 08:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-12 15:17 - 2016-12-12 15:17 - 00037574 _____ C:\Users\MaTo\Downloads\Gesamtplan_kurz_GV.rtf
2016-12-12 15:16 - 2016-12-12 15:16 - 00030497 _____ C:\Users\MaTo\Downloads\2016-11-18_GV_Top8_Vorlage1.pdf
2016-12-12 09:51 - 2016-12-12 09:51 - 00126464 _____ C:\Users\MaTo\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-12 09:44 - 2017-01-02 21:41 - 00004948 _____ C:\Windows\setupact.log
2016-12-12 09:44 - 2016-12-12 09:44 - 00000000 _____ C:\Windows\setuperr.log
2016-12-12 09:43 - 2016-12-15 08:44 - 00491480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-12 00:01 - 2017-01-02 21:36 - 06794146 ____H C:\Users\MaTo\AppData\Local\IconCache.db
2016-12-06 14:54 - 2016-12-06 14:54 - 00474891 _____ C:\Users\MaTo\Downloads\Extremwertaufgaben_Übungsaufgaben.pdf
2016-12-05 14:40 - 2016-12-05 14:40 - 00177969 _____ C:\Users\MaTo\Downloads\Uebungsblatt Zehnerpotenzen.pdf
2016-12-05 14:39 - 2016-12-05 14:39 - 00497224 _____ C:\Users\MaTo\Downloads\bungsblatt zur KA6_2015.pdf
2016-12-05 14:39 - 2016-12-05 14:39 - 00101499 _____ C:\Users\MaTo\Downloads\Uebungen zu Potenzen.pdf
2016-12-03 21:17 - 2016-12-03 21:17 - 00578057 _____ C:\Users\MaTo\Downloads\Vorteilskonto_Antrag.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-02 21:44 - 2014-01-07 19:13 - 00000000 ___RD C:\Users\MaTo\Google Drive
2017-01-02 21:44 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 21:44 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 21:41 - 2012-08-26 18:02 - 00000000 ____D C:\ProgramData\MFAData
2017-01-02 21:39 - 2011-02-28 03:35 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-02 21:39 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-02 21:22 - 2011-02-28 03:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-02 21:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-02 21:20 - 2016-08-01 13:11 - 00000000 ____D C:\Users\MaTo\AppData\Local\pokemon
2017-01-02 21:16 - 2016-08-01 13:11 - 00000000 ____D C:\Users\MaTo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2017-01-02 20:58 - 2013-03-07 16:45 - 00000000 ____D C:\Users\MaTo\AppData\Roaming\Origin
2017-01-02 20:58 - 2013-03-07 16:41 - 00000000 ____D C:\ProgramData\Origin
2017-01-02 20:15 - 2014-02-03 10:13 - 00059922 _____ C:\Users\MaTo\Desktop\GoalUnited.xlsx
2017-01-02 20:09 - 2012-09-16 18:06 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3750928020-1356550509-532969043-1000UA.job
2017-01-02 20:09 - 2012-09-16 18:06 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3750928020-1356550509-532969043-1000Core.job
2017-01-02 18:24 - 2012-08-06 14:49 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BE12FA58-E9B7-41DF-9421-112F4137524D}
2017-01-01 22:14 - 2016-10-25 15:16 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-29 21:36 - 2012-10-22 17:16 - 00000000 ___RD C:\Users\MaTo\Documents\Scanned Documents
2016-12-29 01:27 - 2014-06-30 11:46 - 00000000 ____D C:\Users\MaTo\AppData\Roaming\HpUpdate
2016-12-29 00:27 - 2012-08-06 14:27 - 00000000 ____D C:\Users\MaTo\AppData\Roaming
2016-12-28 23:51 - 2012-08-06 14:27 - 00000000 ___RD C:\Users\MaTo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 23:24 - 2012-08-06 14:27 - 00000000 ___RD C:\Users\MaTo\Documents
2016-12-22 20:35 - 2013-12-08 20:31 - 04313088 ___SH C:\Users\MaTo\Desktop\Thumbs.db
2016-12-22 18:36 - 2016-06-26 21:46 - 00981504 ___SH C:\Users\MaTo\Downloads\Thumbs.db
2016-12-22 11:30 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-20 20:15 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-20 19:45 - 2011-02-28 03:44 - 00000000 ____D C:\Program Files (x86)\Sony
2016-12-20 19:43 - 2011-02-28 03:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-20 19:39 - 2016-10-25 15:15 - 00000000 ____D C:\Users\MaTo\AppData\Local\AvgSetupLog
2016-12-20 19:38 - 2015-03-06 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-12-20 19:36 - 2013-08-02 14:35 - 00000000 ____D C:\ProgramData\AVG
2016-12-20 19:36 - 2012-08-26 18:17 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-17 10:45 - 2015-03-06 15:25 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 10:45 - 2015-03-06 15:25 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 10:45 - 2015-03-06 15:13 - 00003716 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3750928020-1356550509-532969043-1000UA
2016-12-17 10:45 - 2015-03-06 15:13 - 00003444 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3750928020-1356550509-532969043-1000Core
2016-12-17 10:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Tasks
2016-12-16 14:46 - 2014-01-07 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-12-15 08:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-15 08:55 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\assembly
2016-12-15 08:52 - 2011-02-28 12:24 - 00699682 _____ C:\Windows\system32\perfh007.dat
2016-12-15 08:52 - 2011-02-28 12:24 - 00149790 _____ C:\Windows\system32\perfc007.dat
2016-12-15 08:52 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-15 08:52 - 2009-07-14 03:36 - 00654480 _____ C:\Windows\system32\perfh009.dat
2016-12-15 08:52 - 2009-07-14 03:36 - 00122352 _____ C:\Windows\system32\perfc009.dat
2016-12-15 08:46 - 2009-07-14 03:34 - 00189440 ____H C:\Users\Default\NTUSER.DAT.LOG1
2016-12-15 08:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-15 08:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\en-US
2016-12-15 08:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Boot
2016-12-15 08:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppPatch
2016-12-15 08:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 08:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 23:08 - 2013-11-24 16:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-14 23:08 - 2012-12-09 17:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-14 23:04 - 2013-07-24 22:53 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 22:57 - 2012-08-26 21:12 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 22:57 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\debug
2016-12-14 22:52 - 2012-09-05 19:59 - 01594964 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-13 13:48 - 2013-03-11 12:07 - 00000000 ____D C:\Users\MaTo\Desktop\Marcus
2016-12-13 08:36 - 2013-02-14 09:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-11 23:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Logs
2016-12-10 14:21 - 2012-09-30 13:08 - 00000000 ____D C:\Update
2016-12-09 17:24 - 2013-03-07 16:41 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-09 17:23 - 2013-03-07 16:45 - 00000000 ____D C:\Users\MaTo\AppData\Local\Origin
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-06-27 08:07 - 2014-06-23 11:45 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-12-08 11:24 - 2015-12-08 11:24 - 0000070 _____ () C:\Users\MaTo\AppData\Roaming\0DE9530.html
2014-01-22 20:30 - 2014-01-22 20:30 - 0003584 _____ () C:\Users\MaTo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-09 18:23 - 2013-04-09 18:23 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-10-09 18:59 - 2010-06-29 08:04 - 0001772 _____ () C:\ProgramData\cfSB1095.ini
2014-10-09 18:59 - 2013-04-03 05:50 - 0001772 _____ () C:\ProgramData\cfSB1095A.ini
2012-08-09 09:17 - 2012-08-09 09:17 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-12-27 21:46 - 2012-12-27 21:46 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-10-14 04:32
==================== Ende von FRST.txt ============================
|
| Themen zu Hat mein Laptop Trojaner oder andere Schadsoftware? |
| adobe, avg, cid, defender, explorer, ftp, google, helper, home, homepage, installation, mozilla, mp3, officejet, prozesse, realtek, registry, scan, secure search, security, services.exe, siteadvisor, svchost.exe, system, trojaner, usb, windows |
Baum-Darstellung