tillobel | 18.03.2015 20:07 | WIN7 Meldung Script.Adware.DealPly.G (Engine B) Guten Abend an die Helfer hier,
habe bei meinem neuen Lapi die Fehlermeldung bekommen von G Data:
Script.Adware.DealPly.G (Engine B)
Hier mal die FRST.txt und addition
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by User (administrator) on RWE-HOTTE on 18-03-2015 19:57:41
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(LULU SOFTWARE LIMITED) C:\Program Files (x86)\Soda PDF 6\creator-ws.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(LULU SOFTWARE LIMITED) C:\Program Files (x86)\Soda PDF 6\ws.exe
() C:\Users\User\AppData\Roaming\Search Protection\SP.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\Run: [Search Protection] => C:\Users\User\AppData\Roaming\Search Protection\SP.EXE [901144 2015-03-10] ()
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\Run: [Browser Extensions] => C:\Users\User\AppData\Roaming\BrowserExtensions\BEHelper.exe [550000 2015-03-10] ()
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\Policies\Explorer: [NoDrives] 65536
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\Policies\Explorer: [NoViewOnDrive] 65536
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\MountPoints2: {0ddbfbcb-b828-11e4-ad5f-ac9e17d23840} - E:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ie
SearchScopes: HKU\S-1-5-21-192083289-1371779681-2328390087-1000 -> DefaultScope {8F17D790-19DE-42BC-914D-DF279FFCCEFB} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-192083289-1371779681-2328390087-1000 -> {8F17D790-19DE-42BC-914D-DF279FFCCEFB} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\User\AppData\Roaming\BrowserExtensions\Coupons64.dll [2015-03-10] ()
BHO: CHIP Best Deal BHO -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> C:\Program Files (x86)\chip\Internet Explorer\chip64.dll [2014-11-18] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-23] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\User\AppData\Roaming\BrowserExtensions\Coupons.dll [2015-03-10] ()
BHO-x32: CHIP Best Deal BHO -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> C:\Program Files (x86)\chip\Internet Explorer\chip32.dll [2014-11-18] ()
BHO-x32: Soda PDF 6 Helper -> {ACEC6276-3D7B-4AA9-BE79-23520A23026D} -> C:\Program Files (x86)\Soda PDF 6\creator-ie-helper.dll [2014-02-20] (LULU SOFTWARE LIMITED)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Soda PDF 6 Toolbar - {35251526-B7A4-44E4-8B2E-FD62AE267B82} - C:\Program Files (x86)\Soda PDF 6\creator-ie-plugin.dll [2014-02-20] (LULU SOFTWARE LIMITED)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ic500lzi.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: https://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-16] ()
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-02-23] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-16] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: Soda PDF 6 -> C:\Program Files (x86)\Soda PDF 6\np-previewer.dll [2014-02-20] (LULU SOFTWARE LIMITED)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ic500lzi.default\searchplugins\yahoo_ff.xml [2015-03-18]
FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ic500lzi.default\Extensions\{24d26487-6274-48b1-b500-22f24884f971} [2015-03-18]
FF Extension: Start Page - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ic500lzi.default\Extensions\{7a526449-3a92-426f-8ca4-47439918f2b1} [2015-03-18]
FF Extension: Slick Savings - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ic500lzi.default\Extensions\{90477448-b59c-48cd-98af-6a298cbc15d2} [2015-03-18]
FF Extension: CHIP Best Deal - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ic500lzi.default\Extensions\ciuvo-extension@chip.de.xpi [2015-03-18]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-02-14]
FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_6_conv@sodapdf.com] - C:\Program Files (x86)\Soda PDF 6\resources\firefoxextension
FF Extension: Soda PDF 6 Creator - C:\Program Files (x86)\Soda PDF 6\resources\firefoxextension [2015-03-10]
FF HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
S3 LULU Software CrashHandler; C:\Program Files (x86)\Soda PDF 6\crash-handler-ws.exe [744800 2014-02-20] (LULU SOFTWARE LIMITED)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R3 Soda PDF 6; C:\Program Files (x86)\Soda PDF 6\ws.exe [1573728 2014-02-20] (LULU SOFTWARE LIMITED)
R2 Soda PDF 6 Creator; C:\Program Files (x86)\Soda PDF 6\creator-ws.exe [620384 2014-02-20] (LULU SOFTWARE LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2015-02-13] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-02-13] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2015-02-13] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2015-02-13] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-02-24] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-02-16] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2015-02-13] (G Data Software AG)
R3 TXEIx64; C:\Windows\System32\DRIVERS\TXEIx64.sys [88592 2014-02-17] (Intel Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-18 19:57 - 2015-03-18 19:58 - 00016509 _____ () C:\Users\User\Desktop\FRST.txt
2015-03-18 19:55 - 2015-03-18 19:57 - 00000000 ____D () C:\FRST
2015-03-18 19:54 - 2015-03-18 19:54 - 02095616 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-03-18 18:50 - 2015-03-18 18:50 - 504670190 _____ () C:\Users\User\Documents\Stahlkrieg an der Ruhe → Krupp und Meyer.mp4
2015-03-18 18:26 - 2015-03-18 18:26 - 42957630 _____ () C:\Users\User\Documents\Goals - Highlights _ Borussia Dortmund vs Bayern München _ 5-2.mp4
2015-03-18 18:23 - 2015-03-18 18:23 - 273958840 _____ () C:\Users\User\Documents\Borussia BVB 09 Deutscher Meister 2011 - das Fussballwunder von Dortmund.mp4
2015-03-18 18:19 - 2015-03-18 18:19 - 78384573 _____ () C:\Users\User\Documents\Das Wunder von Dortmund (Malaga) - CL 09.04.2013 (Schlussphase ungeschnitten).mp4
2015-03-18 18:19 - 2015-03-18 18:19 - 448747103 _____ () C:\Users\User\Documents\BVB Deutscher Meister 1995 - 34. Spieltag Konferenz.mp4
2015-03-18 18:16 - 2015-03-18 18:16 - 62169910 _____ () C:\Users\User\Documents\You'll Never Walk Alone - BVB Dortmund (1080p).mp4
2015-03-18 18:15 - 2015-03-18 18:15 - 208282953 _____ () C:\Users\User\Documents\Talk im Turm mit Werner Hansch und Willi _Ente_ Lippens.mp4
2015-03-18 18:13 - 2015-03-18 18:13 - 244771289 _____ () C:\Users\User\Documents\Willi _Ente_ Lippens - Rot Weiss Essen.mp4
2015-03-18 18:12 - 2015-03-18 18:12 - 06159685 _____ () C:\Users\User\Documents\Willi _Ente_ Lippens über Westkurven-Legende Sirenen Willi.mp4
2015-03-18 18:11 - 2015-03-18 18:12 - 47455049 _____ () C:\Users\User\Documents\_Ente_ Lippens - Fussball im Revier.mp4
2015-03-18 18:11 - 2015-03-18 18:11 - 27718451 _____ () C:\Users\User\Documents\1970_ Lippens gegen Pele an der Torwand.mp4
2015-03-18 18:10 - 2015-03-18 18:10 - 37205783 _____ () C:\Users\User\Documents\Markus Lanz (vom 21. November 2012) - ZDF (4_5).mp4
2015-03-18 18:09 - 2015-03-18 18:09 - 45859801 _____ () C:\Users\User\Documents\Markus Lanz (vom 21. November 2012) - ZDF (5_5).mp4
2015-03-18 18:08 - 2015-03-18 18:08 - 36074527 _____ () C:\Users\User\Documents\Markus Lanz (vom 21. November 2012) - ZDF (1_5) (cut).mp4
2015-03-18 18:08 - 2015-03-18 18:08 - 33409730 _____ () C:\Users\User\Documents\Markus Lanz (vom 21. November 2012) - ZDF (3_5) (cut).mp4
2015-03-18 18:04 - 2015-03-18 18:05 - 37584517 _____ () C:\Users\User\Documents\Markus Lanz (vom 21. November 2012) - ZDF (2_5).mp4
2015-03-18 18:04 - 2015-03-18 18:04 - 194696961 _____ () C:\Users\User\Documents\Fussball-Nostalgie-Tour innen Ruhrpott.mp4
2015-03-18 17:54 - 2015-03-18 19:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\BrowserExtensions
2015-03-18 17:54 - 2015-03-18 17:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\Search Protection
2015-03-18 17:54 - 2015-03-18 17:54 - 00001289 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2015-03-18 17:54 - 2015-03-18 17:54 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2015-03-18 17:54 - 2015-03-18 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-03-18 17:54 - 2015-03-18 17:54 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2015-03-18 17:52 - 2015-03-18 17:52 - 11123720 _____ () C:\Users\User\Downloads\YTDSetup.exe
2015-03-18 06:16 - 2015-03-18 06:16 - 00000000 ____D () C:\Users\User\Desktop\Arbeitsblätter Aduis.com
2015-03-16 18:47 - 2015-03-16 18:48 - 00000000 ____D () C:\Users\User\Documents\Wechseldatenträger
2015-03-13 07:46 - 2015-03-13 07:46 - 00000000 ____D () C:\Users\User\Tracing
2015-03-13 07:37 - 2015-03-18 19:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2015-03-13 07:37 - 2015-03-13 07:37 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-13 07:37 - 2015-03-13 07:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-13 07:37 - 2015-03-13 07:37 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2015-03-13 07:37 - 2015-03-13 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-13 07:36 - 2015-03-13 07:37 - 00000000 ____D () C:\ProgramData\Skype
2015-03-13 07:34 - 2015-03-13 07:34 - 01380448 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2015-03-12 19:47 - 2015-03-12 19:56 - 413557735 _____ () C:\Users\User\Downloads\Die_Himmelsleiter_Sehnsucht_nach_Morge_Folge1_2015-02-27_2015_122688.mp4
2015-03-12 19:47 - 2015-03-12 19:56 - 356482746 _____ () C:\Users\User\Downloads\Die_Himmelsleiter_Sehnsucht_nach_Morge_Folge2_2015-02-28_2015_122688.mp4
2015-03-12 19:47 - 2015-03-12 19:54 - 375842940 _____ () C:\Users\User\Downloads\Nicht_mit_mir_Liebling_2015-02-26_2215_122688.mp4
2015-03-12 19:43 - 2015-03-12 19:54 - 506837575 _____ () C:\Users\User\Downloads\Fremd_Fischen_2015-02-15_0300_122688.mp4
2015-03-12 19:43 - 2015-03-12 19:48 - 413314204 _____ () C:\Users\User\Downloads\Wilsberg_Russisches_Roulette_2015-02-14_2015_122688.mp4
2015-03-12 19:40 - 2015-03-12 19:44 - 513609719 _____ () C:\Users\User\Downloads\The_Voice_Kids_2015-03-06_2015_122688.mp4
2015-03-12 19:38 - 2015-03-12 19:40 - 229733322 _____ () C:\Users\User\Downloads\WISO_2015-03-10_0255_122688.mp4
2015-03-12 15:30 - 2015-03-12 15:32 - 321761282 _____ () C:\Users\User\Downloads\Tatort_Das_Haus_am_Ende_der_Strasse_2015-02-22_2015_122688.mp4
2015-03-12 15:28 - 2015-03-12 15:30 - 125357237 _____ () C:\Users\User\Downloads\Die_Rene_Schwuchow_Show_6_vor_12_Die_Rene_Schwuchow_Show_6_vor_12_2015-02-13_2354_122688.mp4
2015-03-12 15:28 - 2015-03-12 15:30 - 122124425 _____ () C:\Users\User\Downloads\Die_Rene_Schwuchow_Show_6_vor_12_Die_Rene_Schwuchow_Show_6_vor_12_2015-02-20_2354_122688.mp4
2015-03-12 15:28 - 2015-03-12 15:29 - 112627766 _____ () C:\Users\User\Downloads\Die_Rene_Schwuchow_Show_6_vor_12_Die_Rene_Schwuchow_Show_6_vor_12_2015-02-27_2354_122688.mp4
2015-03-12 14:56 - 2015-03-12 15:03 - 415299441 _____ () C:\Users\User\Downloads\Sportschau_Fussball_Bundesliga_Der_23_Spieltag_2015-02-28_1830_122688.mp4
2015-03-12 14:54 - 2015-03-12 15:02 - 182247639 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Herzstillstand_Folge658_2015-02-20_1215_122688.mp4
2015-03-12 14:53 - 2015-03-12 15:01 - 184860536 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Alles_auf_Anfang_Folge675_2015-02-15_1705_122688.mp4
2015-03-12 14:52 - 2015-03-12 15:01 - 181176868 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Nervenkrieg_Folge661_2015-02-25_1215_122688.mp4
2015-03-12 14:52 - 2015-03-12 14:59 - 156601111 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Fehldiagnose_Folge676_2015-02-22_1805_122688.mp4
2015-03-12 14:51 - 2015-03-12 15:00 - 188342933 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Keine_Kompromisse_Folge677_2015-02-28_0825_122688.mp4
2015-03-12 14:50 - 2015-03-12 15:00 - 193380163 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Auf_Gedeih_und_Verderb_Folge662_2015-02-26_1215_122688.mp4
2015-03-12 14:50 - 2015-03-12 14:59 - 172102107 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Aus_allen_Wolken_Folge663_2015-02-27_1215_122688.mp4
2015-03-12 14:49 - 2015-03-12 14:59 - 185221762 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Mein_Leben_Folge665_2015-03-03_1215_122688.mp4
2015-03-12 14:49 - 2015-03-12 14:59 - 177975145 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Tauwetter_Folge664_2015-03-02_1215_122688.mp4
2015-03-12 14:48 - 2015-03-12 14:58 - 187293891 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Meilensteine_Folge666_2015-03-04_1215_122688.mp4
2015-03-12 14:47 - 2015-03-12 14:59 - 174669189 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Mit_einem_Paukenschlag_Folge668_2015-03-06_1215_122688.mp4
2015-03-12 14:47 - 2015-03-12 14:56 - 166485273 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Zwei_Leben_Folge670_2015-03-10_1215_122688.mp4
2015-03-12 14:47 - 2015-03-12 14:53 - 163336720 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Weihnachtswunder_Folge669_2015-03-09_1215_122688.mp4
2015-03-12 14:46 - 2015-03-12 14:52 - 160385431 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Schutzengel_Folge678_2015-03-10_2100_122688.mp4
2015-03-12 14:45 - 2015-03-12 14:54 - 202482811 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Die_jungen_Aerzte_Courage_Folge4_2015-02-19_1850_122688.mp4
2015-03-12 14:45 - 2015-03-12 14:51 - 195981312 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Die_jungen_Aerzte_Ehrlichkeit_Folge5_2015-02-26_1850_122688.mp4
2015-03-12 14:45 - 2015-03-12 14:48 - 190436477 _____ () C:\Users\User\Downloads\In_aller_Freundschaft_Die_jungen_Aerzte_Naechstenliebe_Folge6_2015-03-05_1850_122688.mp4
2015-03-12 08:59 - 2015-03-12 09:51 - 00000000 ____D () C:\Users\User\Documents\Rund um die Arbeit Karina
2015-03-12 08:59 - 2015-03-12 08:59 - 00000000 ____D () C:\Users\User\Documents\Qualitätshandbuch neu
2015-03-12 08:58 - 2015-03-12 21:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\dvdcss
2015-03-12 07:31 - 2015-03-13 07:27 - 00000000 ____D () C:\Users\User\Documents\Steuer 2014
2015-03-12 07:22 - 2015-03-18 07:02 - 00000000 ____D () C:\Users\User\Downloads\Urlaub 2015
2015-03-12 07:18 - 2015-03-15 23:30 - 00000000 ____D () C:\Users\User\Documents\UseNeXT
2015-03-11 07:36 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 07:36 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 07:36 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 07:36 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 07:36 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 07:36 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 07:36 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 07:36 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 07:36 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 07:36 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 07:36 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 07:36 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 07:36 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 07:36 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 07:36 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 07:36 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 07:36 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 07:36 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 07:36 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 07:36 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 07:36 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 07:36 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 07:36 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 07:36 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 07:36 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 07:36 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 07:36 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 07:36 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 07:36 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 07:36 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 07:36 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 07:36 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 07:36 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 07:36 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 07:36 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 07:36 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 07:36 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 07:36 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 07:36 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 07:36 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 07:36 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 07:36 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 07:36 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 07:36 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 07:36 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 07:36 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 07:35 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 07:35 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 07:35 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 07:35 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 07:35 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 07:35 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 07:35 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 07:35 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 07:35 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 07:35 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 07:35 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 07:35 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 07:35 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 07:35 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 07:35 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 07:35 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 07:35 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 07:35 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 07:35 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 07:35 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 07:35 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 07:35 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 07:35 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 07:35 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 07:35 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 07:35 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 07:35 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 07:35 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 07:35 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 07:35 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 07:35 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 07:35 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 07:35 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 07:34 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 07:34 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 07:34 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 07:34 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 07:34 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 07:34 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 07:34 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 07:34 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 07:34 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 07:34 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 07:34 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 07:34 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 07:34 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 07:34 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 07:34 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 07:34 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 07:34 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 07:34 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 07:34 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 07:34 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 07:34 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 07:34 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 07:34 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 07:34 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 07:34 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 07:34 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 07:34 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 07:34 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 07:34 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 07:34 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 07:34 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 07:34 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 07:34 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 07:34 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 07:34 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 07:34 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 07:34 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 07:34 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 07:34 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 07:34 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 07:34 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 07:34 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 07:34 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 07:34 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 07:34 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 07:34 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 07:34 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 07:34 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 07:34 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 07:34 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 07:34 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 07:34 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 07:34 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 07:34 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 07:34 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 07:34 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 07:34 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 07:34 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 07:34 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 21:41 - 2015-03-12 07:40 - 00000000 ____D () C:\Users\User\Documents\Versicherungen, Kündigungen usw-
2015-03-10 13:27 - 2015-03-10 13:27 - 00008930 _____ () C:\Users\User\Desktop\Wittenberg_e243psbfid.txt
2015-03-10 13:09 - 2015-03-10 13:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\ABBYY FineReader Engine 9.0
2015-03-10 13:09 - 2015-03-10 13:09 - 00000000 ____D () C:\Users\User\AppData\Local\ABBYY FineReader Engine 9.0
2015-03-10 13:09 - 2015-03-10 13:09 - 00000000 ____D () C:\Users\Public\ABBYY FineReader Engine 9.0
2015-03-10 13:00 - 2015-03-10 13:00 - 00000963 _____ () C:\Users\Public\Desktop\Soda PDF 6.lnk
2015-03-10 13:00 - 2015-03-10 13:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\LULU_Software_Limited
2015-03-10 12:55 - 2015-03-10 13:07 - 00000000 ____D () C:\Program Files (x86)\Soda PDF 6
2015-03-10 12:55 - 2015-03-10 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF 6
2015-03-10 12:53 - 2015-03-10 12:53 - 00000000 ____D () C:\ProgramData\Soda PDF 6
2015-03-10 09:43 - 2015-03-10 09:43 - 00000000 ____D () C:\Users\User\AppData\Local\Wondershare
2015-03-10 09:42 - 2015-03-10 12:56 - 00000000 ____D () C:\Program Files\Wondershare
2015-03-10 09:42 - 2015-03-10 09:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Wondershare
2015-03-10 09:19 - 2015-03-10 09:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\PDF Software
2015-03-10 09:18 - 2015-03-10 09:42 - 00000000 ____D () C:\Program Files (x86)\Soda PDF 5
2015-03-10 09:14 - 2015-03-10 09:14 - 00000000 ____D () C:\ProgramData\LULU Software
2015-03-10 07:22 - 2015-03-10 09:16 - 00000000 ____D () C:\Program Files\PDF Editor 64bit 4
2015-03-10 07:22 - 2015-03-10 07:22 - 00620176 _____ () C:\Windows\cadkasdeinst01_64.exe
2015-03-10 07:22 - 2015-03-10 07:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\CAD-KAS
2015-03-05 20:33 - 2015-03-05 20:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-05 16:12 - 2015-03-05 16:12 - 00000000 ____D () C:\Users\User\Handyschaden
2015-03-05 16:09 - 2015-03-13 07:26 - 00000000 ____D () C:\Users\User\Desktop\Karina
2015-03-05 15:36 - 2015-03-05 15:36 - 00001272 _____ () C:\Users\User\Desktop\Snipping Tool.lnk
2015-03-03 23:04 - 2015-03-03 23:04 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-03-03 13:56 - 2015-03-03 13:56 - 00000400 _____ () C:\Windows\ODBC.INI
2015-03-03 13:54 - 2015-03-05 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-03 13:54 - 2015-03-03 13:54 - 00002619 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Office-Dokument öffnen.lnk
2015-03-03 13:54 - 2015-03-03 13:54 - 00002615 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Neues Office-Dokument.lnk
2015-03-03 13:52 - 2015-03-03 13:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-03-03 13:52 - 2015-03-03 13:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-03-03 13:33 - 2015-03-03 13:47 - 00000000 ____D () C:\Starbuck BDRip Line Dubbed XviD - VCF
2015-03-02 06:36 - 2015-03-02 06:36 - 00000325 _____ () C:\Users\User\Desktop\HP Druckerdiagnosetools.url
2015-03-01 13:58 - 2015-03-01 13:58 - 00001052 _____ () C:\Users\User\Desktop\Dokumente - Verknüpfung.lnk
2015-03-01 09:32 - 2015-03-01 09:32 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2015-02-28 14:59 - 2015-03-07 16:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\HpUpdate
2015-02-28 14:58 - 2015-02-28 14:58 - 00000000 ____D () C:\Windows\Hewlett-Packard
2015-02-27 12:42 - 2015-02-27 12:42 - 00000000 ____D () C:\Users\User\AppData\Local\PDF24
2015-02-27 12:40 - 2015-02-27 12:40 - 00001079 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-02-27 12:40 - 2015-02-27 12:40 - 00001059 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-02-27 12:40 - 2015-02-27 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-02-27 12:40 - 2015-02-27 12:40 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-02-27 12:39 - 2015-02-27 12:39 - 00003406 _____ () C:\Windows\System32\Tasks\chipSWU
2015-02-27 12:39 - 2015-02-27 12:39 - 00000000 ____D () C:\Program Files (x86)\chip
2015-02-26 14:42 - 2015-03-17 07:22 - 00000000 ____D () C:\Users\User\Documents\Eigene Scans
2015-02-26 14:38 - 2015-02-26 14:38 - 00000000 ____D () C:\Users\User\AppData\Local\HP
2015-02-26 07:30 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 07:30 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 14:17 - 2015-02-25 14:17 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2015-02-25 14:17 - 2015-02-25 14:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-25 11:05 - 2015-03-18 08:44 - 00000000 ____D () C:\Users\User\Documents\Abrechnungen Honorardozent
2015-02-25 09:26 - 2015-02-25 09:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\WinRAR
2015-02-25 09:26 - 2015-02-25 09:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-25 09:26 - 2015-02-25 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-25 09:26 - 2015-02-25 09:26 - 00000000 ____D () C:\Program Files\WinRAR
2015-02-25 09:12 - 2015-03-12 09:00 - 00000000 ____D () C:\Users\User\Documents\Briefe
2015-02-24 19:44 - 2015-02-24 20:16 - 00000000 ____D () C:\Users\User\AppData\Local\.elfohilfe
2015-02-24 15:29 - 2015-03-14 12:06 - 00000000 ____D () C:\Users\User\Documents\Autogrammadresse, Listen, Briefe
2015-02-24 06:31 - 2015-02-24 06:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2015-02-23 09:52 - 2015-02-23 09:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-02-23 09:50 - 2015-02-23 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-23 09:50 - 2015-02-23 09:49 - 00320424 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-02-23 09:50 - 2015-02-23 09:49 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-23 09:50 - 2015-02-23 09:49 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-23 09:50 - 2015-02-23 09:49 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-22 21:21 - 2015-02-22 21:28 - 25136134 _____ () C:\Users\User\Downloads\Das_letzte_Schweigen_2015-02-20_2310_122688.mp4
2015-02-22 21:20 - 2015-02-22 21:29 - 42091451 _____ () C:\Users\User\Downloads\Untreu_2015-02-18_2015_122688.mp4
2015-02-22 20:36 - 2015-02-22 20:36 - 00000000 ____D () C:\Program Files\Java
2015-02-22 10:41 - 2015-02-22 10:41 - 00000355 _____ () C:\Users\User\Desktop\Netzwerk - Verknüpfung.lnk
2015-02-20 20:44 - 2015-02-20 20:44 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
2015-02-20 20:44 - 2015-02-20 20:44 - 00001009 _____ () C:\Users\Public\Desktop\Anti-Twin.lnk
2015-02-20 20:44 - 2015-02-20 20:44 - 00000000 ____D () C:\Program Files (x86)\AntiTwin
2015-02-20 20:03 - 2015-02-20 20:03 - 00000000 ____D () C:\Hausarbeit
2015-02-20 18:37 - 2015-03-14 12:06 - 00047104 _____ () C:\Users\User\Desktop\Autogrammanforderung 2014.xls
2015-02-19 17:01 - 2015-03-05 16:12 - 00000000 ____D () C:\Users\User\Desktop\Sarah
2015-02-19 07:44 - 2015-03-08 10:34 - 00009682 _____ () C:\Users\User\ESt2014_Wycislik_Sarah.elfo
2015-02-17 21:34 - 2015-02-17 21:34 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-02-17 21:29 - 2015-02-17 21:29 - 00000000 ____D () C:\Users\User\Desktop\Qualitätshandbuch neu
2015-02-17 07:24 - 2015-02-17 07:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\Soda PDF 7
2015-02-17 07:19 - 2015-02-17 07:19 - 00000000 ____D () C:\ProgramData\Soda PDF 7
2015-02-17 07:04 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-17 07:04 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-17 07:04 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-02-17 07:04 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-02-17 07:04 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-02-17 07:04 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-02-17 06:47 - 2015-02-17 06:48 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2015-02-16 21:59 - 2015-03-05 18:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client
2015-02-16 21:59 - 2015-02-16 21:59 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client
2015-02-16 21:29 - 2015-02-24 20:27 - 00017058 _____ () C:\Users\User\ESt2014_Wittenberg_Horst_und_Wittenberg_Karina.elfo
2015-02-16 19:34 - 2015-02-16 19:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\elsterformular
2015-02-16 19:33 - 2015-02-16 19:33 - 00001464 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2015-02-16 19:33 - 2015-02-16 19:33 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-16 19:33 - 2015-02-16 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-02-16 19:33 - 2015-02-16 19:33 - 00000000 ____D () C:\ProgramData\elsterformular
2015-02-16 19:32 - 2015-02-16 19:32 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2015-02-16 16:42 - 2015-02-16 16:42 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-02-16 11:26 - 2015-02-16 11:26 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-16 11:26 - 2015-02-16 11:26 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-02-16 11:25 - 2015-02-16 11:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-16 11:24 - 2015-02-16 11:30 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-16 07:20 - 2015-03-13 07:30 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-02-16 07:19 - 2015-02-16 07:19 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2015-02-16 07:19 - 2015-02-16 07:19 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-18 19:42 - 2015-01-08 11:03 - 01498004 ____N () C:\Windows\WindowsUpdate.log
2015-03-18 18:15 - 2015-02-14 12:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-18 06:13 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2015-03-18 06:13 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2015-03-18 06:13 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-17 13:43 - 2015-02-14 12:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-03-17 13:42 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-17 13:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-17 07:24 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-17 07:24 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-17 07:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-16 19:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-16 10:02 - 2015-02-14 12:24 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2015-03-16 09:59 - 2015-02-14 12:24 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-16 09:59 - 2015-02-14 12:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-16 09:59 - 2015-02-14 12:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-16 09:28 - 2009-07-14 05:45 - 00414256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-15 23:01 - 2015-02-14 15:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\UseNeXT
2015-03-13 07:21 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-13 07:19 - 2015-01-08 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-13 07:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-13 07:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-13 06:44 - 2015-02-13 17:29 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 06:38 - 2015-02-13 17:29 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-05 18:37 - 2015-01-08 13:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-03-05 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-05 15:47 - 2015-02-14 12:26 - 00000915 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-05 15:47 - 2015-02-13 17:26 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-05 08:10 - 2009-07-14 03:34 - 00000534 _____ () C:\Windows\win.ini
2015-03-04 11:06 - 2015-02-14 12:56 - 00000000 ____D () C:\ProgramData\HP
2015-03-03 22:49 - 2015-02-14 12:57 - 00181704 _____ () C:\Windows\hpoins28.dat
2015-03-03 22:49 - 2015-02-14 12:57 - 00001324 _____ () C:\ProgramData\hpzinstall.log
2015-03-03 22:49 - 2015-02-11 22:25 - 00110808 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-03 13:54 - 2011-04-12 08:55 - 00000000 ____D () C:\Windows\ShellNew
2015-03-03 13:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2015-03-03 13:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-03-03 13:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system
2015-02-28 14:59 - 2015-02-14 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-02-28 14:59 - 2015-02-14 12:52 - 00000000 ____D () C:\Program Files (x86)\Hp
2015-02-26 14:38 - 2015-02-14 13:07 - 00000000 ____D () C:\Users\User\AppData\Roaming\HP
2015-02-24 06:30 - 2015-02-13 16:16 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-17 21:35 - 2015-01-08 13:08 - 01646762 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-16 11:29 - 2015-02-13 19:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
==================== Files in the root of some directories =======
2015-02-13 16:16 - 2015-02-13 16:16 - 0000000 _____ () C:\Users\User\AppData\Roaming\gdfw.log
2015-02-13 16:16 - 2015-02-13 16:16 - 0000779 _____ () C:\Users\User\AppData\Roaming\gdscan.log
2015-02-14 12:57 - 2015-03-03 22:49 - 0001324 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-17 08:29
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by User at 2015-03-18 19:59:34
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Anti-Twin (Installation 20.02.2015) (HKLM-x32\...\Anti-Twin 2015-02-20 20.44.25) (Version: - Joerg Rosenthal, Germany)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
Browser Extensions (HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.8 - Spigot, Inc.) <==== ATTENTION
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150211 - Landesfinanzdirektion Thüringen)
F4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.5 - G DATA Software AG)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Search Protection (HKU\S-1-5-21-192083289-1371779681-2328390087-1000\...\Search Protection) (Version: 11.2.0.2 - Spigot, Inc.) <==== ATTENTION
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Soda PDF 6 (HKLM-x32\...\Soda6) (Version: 6.1.9.15110 - LULU Software Limited)
Soda PDF 6 Convert Module (HKLM-x32\...\{BB8E1BCF-AE3B-44F4-A3B1-BFDEEDFE9D1D}) (Version: 6.1.8.15098 - LULU Software Limited)
Soda PDF 6 Create Module (HKLM-x32\...\{35709A4D-0D4F-4CBD-BE15-4361885217A6}) (Version: 6.1.8.15098 - LULU Software Limited)
Soda PDF 6 Edit Module (HKLM-x32\...\{E2318CE7-8F9A-48DD-B85B-BAAD3097CA6D}) (Version: 6.1.8.15098 - LULU Software Limited)
Soda PDF 6 Forms Module (HKLM-x32\...\{1FA232C6-024E-4085-8A8D-8A065339EF75}) (Version: 6.1.8.15098 - LULU Software Limited)
Soda PDF 6 Insert Module (HKLM-x32\...\{946BF77C-726A-4ABE-9490-585EF18BFBDC}) (Version: 6.1.8.15098 - LULU Software Limited)
Soda PDF 6 OCR Module (HKLM-x32\...\{875294AB-A642-40AF-ABC9-87F8E6AD59BA}) (Version: 6.1.8.15098 - LULU Software Limited)
Soda PDF 6 Review Module (HKLM-x32\...\{2D95BE46-24F6-4065-99AB-BDDB867DCE01}) (Version: 6.1.8.15098 - LULU Software Limited)
Soda PDF 6 Secure Module (HKLM-x32\...\{AAE9B03F-9205-4C26-948F-10584D7D410D}) (Version: 6.1.8.15098 - LULU Software Limited)
Soda PDF 6 View Module (HKLM-x32\...\{719A8CE6-9E05-4321-833C-E84FAD8B68DF}) (Version: 6.1.8.15098 - LULU Software Limited)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows-Treiberpaket - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
YTD Video Downloader 4.8.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-192083289-1371779681-2328390087-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
10-03-2015 13:04:17 Installed Soda PDF 6 Create Module
10-03-2015 13:04:58 Installed Soda PDF 6 OCR Module
10-03-2015 13:05:52 Installed Soda PDF 6 Secure Module
10-03-2015 13:06:27 Installed Soda PDF 6 Forms Module
10-03-2015 13:07:12 Installed Soda PDF 6 Review Module
13-03-2015 06:34:12 Windows Update
15-03-2015 22:46:14 Windows-Sicherung
15-03-2015 23:41:00 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {28198945-1BD0-412E-AF7F-89CE88D1E4EB} - System32\Tasks\chipSWU => Cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {48515C69-566C-403E-8480-8D15322B2C4C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5B830D2D-3A99-4BFB-88C7-17F82DEFC5D7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A82D695C-6B6D-4CD0-8553-9A180F45A47E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {E0ED4FB4-3FC7-4A82-BC5F-46239128A5E4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {ED02416B-B0FB-4695-81B2-B60A76CFDEF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2014-02-25 22:11 - 2014-02-25 22:11 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2015-03-10 17:45 - 2015-03-10 17:45 - 00901144 _____ () C:\Users\User\AppData\Roaming\Search Protection\SP.EXE
2015-03-10 09:43 - 2014-06-04 10:21 - 00571904 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-03-10 09:43 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-192083289-1371779681-2328390087-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.192.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-192083289-1371779681-2328390087-500 - Administrator - Disabled)
Gast (S-1-5-21-192083289-1371779681-2328390087-501 - Limited - Disabled)
User (S-1-5-21-192083289-1371779681-2328390087-1000 - Administrator - Enabled) => C:\Users\User
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/17/2015 07:17:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/16/2015 09:31:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (03/17/2015 11:56:04 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (03/17/2015 11:56:04 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (03/17/2015 11:55:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (03/17/2015 11:55:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (03/17/2015 11:55:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (03/17/2015 07:16:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP Support Solutions Framework Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/17/2015 07:16:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HP Support Solutions Framework Service erreicht.
Error: (03/16/2015 09:31:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/16/2015 09:31:10 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (03/15/2015 11:33:50 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Microsoft Office Sessions:
=========================
Error: (03/17/2015 07:17:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/16/2015 09:31:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
Error: (03/16/2015 09:31:10 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
4700
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 22%
Total physical RAM: 8078.54 MB
Available physical RAM: 6247.9 MB
Total Pagefile: 16155.27 MB
Available Pagefile: 13552.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.54 GB) (Free:562.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E06598BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Hier noch Malwarebytes anti-malware, poste es gleich Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 18.03.2015
Scan Time: 20:14:29
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.03.18.06
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340104
Time Elapsed: 17 min, 38 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
PUP.Optional.Spigot.A, C:\Users\User\AppData\Roaming\Search Protection\SP.exe, 6452, , [ee10bb8b226863d398232a97659e1be5]
Modules: 0
(No malicious items detected)
Registry Keys: 9
PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.Spigot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.Spigot, HKU\S-1-5-21-192083289-1371779681-2328390087-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.Spigot, HKU\S-1-5-21-192083289-1371779681-2328390087-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-192083289-1371779681-2328390087-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, , [31cd9aac890162d456b96497d72c38c8],
PUP.Optional.BrowserExtensions.A, HKU\S-1-5-21-192083289-1371779681-2328390087-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS, , [e41abe8877133afc597f17a87093b050],
Registry Values: 3
PUP.Optional.BrowserExtensions.A, HKU\S-1-5-21-192083289-1371779681-2328390087-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BROWSER EXTENSIONS|SS_Ver, 2.8, , [e41abe8877133afc597f17a87093b050]
PUP.Optional.Spigot.A, HKU\S-1-5-21-192083289-1371779681-2328390087-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Search Protection, "C:\Users\User\AppData\Roaming\Search Protection\SP.EXE" /autostart, , [ee10bb8b226863d398232a97659e1be5]
PUP.Optional.Spigot.A, HKU\S-1-5-21-192083289-1371779681-2328390087-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Extensions, "C:\Users\User\AppData\Roaming\BrowserExtensions\BEHelper.exe", , [f6082a1cdab0dd59506a08b9897a9d63]
Registry Data: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-192083289-1371779681-2328390087-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ie, Good: (www.google.com), Bad: (https://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ie),,[708e66e07a1055e1689dc32045c0d52b]
Folders: 0
(No malicious items detected)
Files: 6
PUP.Optional.Spigot, C:\Users\User\AppData\Roaming\BrowserExtensions\Coupons64.dll, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.Spigot, C:\Users\User\AppData\Roaming\BrowserExtensions\Coupons.dll, , [bf3fad99d5b55adc9d3b71b86e95718f],
PUP.Optional.Spigot.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ic500lzi.default\searchplugins\yahoo_ff.xml, , [d9258db9e4a6023477dd7f3c36cd4ab6],
PUP.Optional.Spigot.A, C:\Users\User\AppData\Roaming\Search Protection\SP.exe, , [ee10bb8b226863d398232a97659e1be5],
PUP.Optional.Spigot.A, C:\Users\User\AppData\Roaming\BrowserExtensions\BEHelper.exe, , [f6082a1cdab0dd59506a08b9897a9d63],
PUP.Optional.Spigot.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ic500lzi.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "https://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff");), ,[34ca9da9f892989e6d5a220814f2a35d]
Physical Sectors: 0
(No malicious items detected)
(end) Wäre dankbar für Hilfe.
Gruß |