Wolverine85 | 29.07.2015 21:47 | Ok, das erklärt das. :-D
Fixlog.txt Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version: 26-07-2015
durchgeführt von Windows an 2015-07-29 10:37:43 Run:2
Gestartet von C:\Users\Windows\Desktop
Geladene Profile: Windows (Verfügbare Profile: Windows)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
RealDownloader (Version: 17.0.11 - RealNetworks, Inc.) Hidden
*****************
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20C2051A-1ACA-48B4-9BA5-24625DCBD880}\\SystemComponent => Wert nicht gefunden.
==== Ende vom Fixlog 10:37:43 ==== Hallo Dennis,
hier das MBAM.txt Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 29.07.2015
Suchlaufzeit: 10:54
Protokolldatei: MBAM.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.07.29.02
Rootkit-Datenbank: v2015.07.29.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Windows
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 340216
Abgelaufene Zeit: 15 Min., 20 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 7
PUP.Optional.MultiPlug, HKU\S-1-5-21-1553175452-9795684-1435174660-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}, , [abdb54930f7b73c3beef9831d42eeb15],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [98ee0bdc8a0033037aeacbc2e51d2ed2],
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , , [24627275e2a83ef8365b207b5da72bd5],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [98eea54212789b9b91a7dfbcb1539c64],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [077feff87a10d85e012a554812f2e31d],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [315506e1721854e29d8e306d040047b9],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [e99d4a9df69487af86a5c6d78183a55b],
Registrierungswerte: 6
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130605164995157949, , [612539aeb3d743f3820ee9b206fe3ec2]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130605164995157949, , [51355592ccbe2e0899f764372adaa35d]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130605164995157949, , [4541a3449af01d198f01e5b6ff05d32d]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130605164995157949, , [01858562cac094a2b4dc2a71848048b8]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130605164995157949, , [24627275e2a83ef8365b207b5da72bd5]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [98eea54212789b9b91a7dfbcb1539c64]
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 2
PUP.Optional.AdPeak.A, C:\temp, , [fe88d21562289d99b29f152b4bb852ae],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13987050614816356636, , [8afcc02746441125c617e8bac341e31d],
Dateien: 41
PUP.Optional.SupTab.A, C:\Users\Windows\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG\{2E089831-61B1-4CF2-8553-300574316F09}_DIYIGE\tmp\SupTab_v5.8.8.777_noblank_amy.exe, , [94f2da0d88027fb75e5b58e83dc332ce],
PUP.Optional.WPM.A, C:\Users\Windows\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG\{2E089831-61B1-4CF2-8553-300574316F09}_DIYIGE\tmp\wpm_v20.0.0.1270.exe, , [d6b00ed944463600a083a88641c033cd],
PUP.Optional.Wajam.A, C:\Users\Windows\AppData\Local\Temp\x1e5zwux.20o.exe, , [fb8b11d644460333324778ca817f05fb],
PUP.Optional.SearchProtect.A, C:\Users\Windows\AppData\Local\Temp\nsg44DF.tmp, , [5e281bccbecced490054fb34659c728e],
PUP.Optional.Conduit.A, C:\Users\Windows\AppData\Local\Temp\nsg9371.exe, , [216543a4c7c3c472179a8f9bcf3225db],
PUP.Optional.Conduit.A, C:\Users\Windows\AppData\Local\Temp\nsl1568.exe, , [a9dde5023d4d2c0a6c45b179e51c0000],
PUP.Optional.SearchProtect.A, C:\Users\Windows\AppData\Local\Temp\utt14E8.tmp.exe, , [f88e13d4c3c7b68070930426cb365aa6],
PUP.Optional.SearchProtect.A, C:\Users\Windows\AppData\Local\Temp\nslECF1.exe, , [f096984f9eec10265711718d10f0f907],
PUP.Optional.Conduit.A, C:\Users\Windows\AppData\Local\Temp\sp-downloader.exe, , [186ee60197f3082e66610fe64bb5728e],
PUP.Optional.Conduit.A, C:\Users\Windows\AppData\Local\Temp\nslF01.exe, , [1670c81f07830b2b5958f9316e93837d],
PUP.Optional.SearchProtect.A, C:\Users\Windows\AppData\Local\Temp\nsr5065.exe, , [523430b7e9a1cc6a8edabf3fdc24669a],
PUP.Optional.SearchProtect.A, C:\Users\Windows\AppData\Local\Temp\nsr54AA.exe, , [f0967473a4e64beb73f5af4f0af65ba5],
PUP.Optional.SearchProtect.A, C:\Users\Windows\AppData\Local\Temp\nsw7C1A.exe, , [f492648378120f274f1954aaa9572cd4],
PUP.Optional.Conduit.A, C:\Users\Windows\AppData\Local\Temp\nsw8EA0.exe, , [572faf38068450e6d9d8d654956ca060],
PUP.Optional.InstallCore.A, C:\Users\Windows\AppData\Local\Temp\nsa1067.tmp, , [3c4af8efee9c41f5496d80a2c63b50b0],
PUP.Optional.SearchProtect.A, C:\Users\Windows\AppData\Local\Temp\nsb8030.exe, , [6c1a45a2bdcdad89a9bfea14a85855ab],
PUP.Optional.AdlSoft, C:\Users\Windows\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe, , [e99d18cf33577abce21f60c3e9186d93],
PUP.Optional.InstallCore.A, C:\Users\Windows\AppData\Local\Temp\ICReinstall_nsa1067.tmp, , [90f65f88a8e21026f0c6bf638f72e41c],
PUP.Optional.LiMo, C:\Users\Windows\AppData\Local\Temp\GPUpd545610221.exe, , [d4b211d6a0ea43f3320c59bcb74e1ce4],
PUP.Optional.APNToolBar.A, C:\Users\Windows\AppData\Local\Temp\APNSetup.exe, , [8bfb60877f0b46f0b5d75d4b0df447b9],
PUP.Optional.EZDownloader.A, C:\Users\Windows\AppData\Local\Temp\5869D\temp\EzDownloader_setup.exe, , [c5c1d6113b4f05316c1cfa27b44cec14],
PUP.Optional.MultiPlug.A, C:\Users\Windows\AppData\Local\Temp\5869D\temp\hpds_setup.exe, , [8cfa94536d1d26105f9b5583e1202cd4],
PUP.Optional.Bundlore.A, C:\Users\Windows\AppData\Local\Temp\7ef056ec-91eb-43e5-a9f8-4351eed6c28b\setup.exe, , [51358463e0aac76f090cb97df10f20e0],
PUP.Optional.MySearchDial.C, C:\Users\Windows\AppData\Local\Temp\is11143978\uninstall.exe, , [127433b48bffb77f662a640d8382ff01],
PUP.Optional.Conduit.A, C:\Users\Windows\AppData\Local\Temp\nsbB676\SpSetup.exe, , [3d491fc8ee9c88ae956824d216ea43bd],
PUP.Optional.SmartInstaller, C:\Users\Windows\AppData\Local\Temp\TMP53DDE266\SI.exe, , [bcca9057f397fe38246679c43ac640c0],
PUP.Optional.SkyTech.A, C:\Users\Windows\AppData\Local\Temp\fullpackage_temp1397072485\alilog.dll, , [2165bd2a6d1d58de62e6d87d41c0f60a],
PUP.Optional.SkyTech.A, C:\Users\Windows\AppData\Local\Temp\fullpackage_temp1397072485\package1.zip, , [e1a54f986d1d87af07416bea0cf554ac],
PUP.Optional.V9.ShrtCln, C:\Users\Windows\AppData\Local\Temp\fullpackage_temp1397072485\qSE.exe, , [7f07c423d1b971c520d3c96f15eb6f91],
PUP.Optional.IePluginService.A, C:\Users\Windows\AppData\Local\Temp\fullpackage_temp1397072485\tmp\SupTab.exe, , [ec9a1ccbee9cf83e94797b9c1ae72ad6],
PUP.Optional.PositiveFinds.SID.A, C:\Users\Windows\AppData\Local\Temp\PositiveFinds\Setup.exe, , [6d19d611c2c889ad996bfd759f66867a],
PUP.Optional.OpenCandy, C:\Users\Windows\Downloads\AstroburnLite180-0182.exe, , [f096c4235a301422629fca9bd82d649c],
PUP.Optional.OpenCandy, C:\Users\Windows\Downloads\DAEMONToolsPro550-0388.exe, , [e5a1cd1a6228e84e6b96c4a111f446ba],
PUP.Optional.Downloader.C, C:\Users\Windows\Downloads\flashplayer.exe, , [6422faed6327f6402ee3ac1634cd2fd1],
PUP.Optional.AdlSoft, C:\Users\Windows\Downloads\DownloadManagerSetup.exe, , [018553945139c37325dc6bb80100e818],
PUP.Optional.AdPeak.A, C:\temp\lsp2.log, , [fe88d21562289d99b29f152b4bb852ae],
PUP.Optional.AdPeak.A, C:\temp\comment.txt, , [fe88d21562289d99b29f152b4bb852ae],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter32.msi, , [fe88d21562289d99b29f152b4bb852ae],
PUP.Optional.AdPeak.A, C:\temp\output.txt, , [fe88d21562289d99b29f152b4bb852ae],
PUP.Optional.AdPeak.A, C:\temp\t.txt, , [fe88d21562289d99b29f152b4bb852ae],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13987050614816356636\cd5b15e575e1c3d00b61573b1c9fc110.ini, , [8afcc02746441125c617e8bac341e31d],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) AdwCleaner Code:
# AdwCleaner v4.208 - Bericht erstellt 29/07/2015 um 11:23:37
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Windows - WINDOWS-PC
# Gestarted von : C:\Users\Windows\Downloads\AdwCleaner_4.208(1).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\Users\Windows\AppData\Roaming\Mozilla\Firefox\Profiles\9zlsofni.default-1432717163689\foxydeal.sqlite
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:51904;hxxps=127.0.0.1:51904
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Mozilla Firefox v39.0 (x86 de)
*************************
AdwCleaner[R0].txt - [16532 Bytes] - [11/12/2014 16:17:01]
AdwCleaner[R1].txt - [4994 Bytes] - [21/07/2015 10:08:03]
AdwCleaner[R2].txt - [1701 Bytes] - [21/07/2015 10:13:05]
AdwCleaner[R3].txt - [1892 Bytes] - [29/07/2015 11:22:45]
AdwCleaner[S0].txt - [16075 Bytes] - [11/12/2014 16:20:05]
AdwCleaner[S1].txt - [4826 Bytes] - [21/07/2015 10:09:11]
AdwCleaner[S2].txt - [1530 Bytes] - [21/07/2015 10:14:15]
AdwCleaner[S3].txt - [1582 Bytes] - [29/07/2015 11:23:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1641 Bytes] ########## JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x86
Ran by Windows on 29.07.2015 at 22:37:03,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\13987050614816356636
~~~ FireFox
Emptied folder: C:\Users\Windows\AppData\Roaming\mozilla\firefox\profiles\9zlsofni.default-1432717163689\minidumps [5 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.07.2015 at 22:42:47,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2015
durchgeführt von Windows (Administrator) auf WINDOWS-PC (29-07-2015 22:43:58)
Gestartet von C:\Users\Windows\Desktop
Geladene Profile: Windows (Verfügbare Profile: Windows)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(DATEV eG) C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(DATEV eG) C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro Advanced\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [296520 2014-07-12] (RealNetworks, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157992 2015-07-11] (Apple Inc.)
HKU\S-1-5-21-1553175452-9795684-1435174660-1000\...\Run: [uTorrent] => C:\Users\Windows\AppData\Roaming\uTorrent\uTorrent.exe [1693024 2015-07-23] (BitTorrent Inc.)
HKU\S-1-5-21-1553175452-9795684-1435174660-1000\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1553175452-9795684-1435174660-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-1553175452-9795684-1435174660-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1553175452-9795684-1435174660-1000\...\Run: [Dropbox Update] => C:\Users\Windows\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-25] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-03-31]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-06-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Windows\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Windows\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:51904;https=127.0.0.1:51904
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1553175452-9795684-1435174660-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=https://de.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10048_swoc_campaign_150203__yaie
HKU\S-1-5-21-1553175452-9795684-1435174660-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-21] (Kaspersky Lab ZAO)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-21] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-21] (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C0F4F079-DC9A-48E9-8EAB-2DBA1E100394}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FFF909BC-0FAE-4BC4-B065-B240B9AD897C}: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Windows\AppData\Roaming\Mozilla\Firefox\Profiles\9zlsofni.default-1432717163689
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-21] ()
FF Plugin: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-01-21] ()
FF Plugin: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-21] ()
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-28] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.11.7 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-07-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.11.7 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-07-12] (RealPlayer Cloud)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1553175452-9795684-1435174660-1000\FireFox\user.js [2015-05-27]
FF SearchPlugin: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1553175452-9795684-1435174660-1000\FireFox\searchplugins\trovi-search.xml [2014-11-08]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Windows\AppData\Roaming\Mozilla\Firefox\Profiles\9zlsofni.default-1432717163689\Extensions\ich@maltegoetz.de.xpi [2015-05-27]
FF Extension: Adblock Plus - C:\Users\Windows\AppData\Roaming\Mozilla\Firefox\Profiles\9zlsofni.default-1432717163689\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-27]
FF Extension: Firefox Helper - C:\Program Files\Mozilla Firefox\distribution\bundles\{1C554BC25C1CBAC007CB3C5224332C6F} [2015-07-11]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-21]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-21]
FF HKLM\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-01-21]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Dienste (All) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AVP15.0.1; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1867448 2015-07-01] (Microsoft Corporation)
S3 DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [161320 2013-08-02] (DATEV eG)
R2 Datev.Framework.RemoteServiceModel.EnablerService; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2013-09-06] (DATEV eG)
R3 Datev.Framework.RemoteServices; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2013-09-06] (DATEV eG)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2014-08-03] (Flexera Software, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 JWC; C:\Program Files\Jeppesen\JWC\JWC.exe [510512 2012-02-23] (Jeppesen)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-07-12] (RealNetworks, Inc.)
S2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-06-26] () [Datei ist nicht signiert]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-01-15] (Microsoft Corporation)
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [70424 2013-07-18] (Alcor Micro, Corp.)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [111360 2013-08-16] (ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [337152 2013-08-16] (ASMedia Technology Inc)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [189136 2013-01-14] (Kaspersky Lab UK Ltd)
S3 iaStorA; C:\Windows\system32\drivers\iaStorA.sys [489968 2013-07-02] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24048 2013-07-02] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [583664 2013-07-02] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [143968 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [36928 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [119816 2015-01-21] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [36536 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [673976 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44992 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [64200 2015-01-21] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [146240 2014-07-09] (Kaspersky Lab ZAO)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\4FA65C5E.sys [98520 2015-07-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-04-27] (Duplex Secure Ltd.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [565424 2013-12-16] (VIA Technologies, Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-29 22:43 - 2015-07-29 22:43 - 00000000 ____D C:\Users\Windows\Desktop\FRST-OlderVersion
2015-07-29 22:42 - 2015-07-29 22:42 - 00001335 _____ C:\Users\Windows\Desktop\JRT.txt
2015-07-29 22:34 - 2015-07-29 22:34 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\4FA65C5E.sys
2015-07-29 11:28 - 2015-07-29 11:29 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Windows\Desktop\JRT.exe
2015-07-29 11:28 - 2015-07-29 11:28 - 00001721 _____ C:\Users\Windows\Desktop\AdwCleaner[S3].txt
2015-07-29 11:22 - 2015-07-29 11:22 - 02248704 _____ C:\Users\Windows\Downloads\AdwCleaner_4.208(1).exe
2015-07-29 11:18 - 2015-07-29 11:18 - 00008570 _____ C:\Users\Windows\Desktop\MBAM.txt
2015-07-29 10:52 - 2015-07-29 19:49 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-29 10:52 - 2015-07-29 10:53 - 00001056 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-29 10:52 - 2015-07-29 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-29 10:52 - 2015-07-29 10:53 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-29 10:52 - 2015-07-29 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-29 10:52 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-29 10:52 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-29 10:52 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-29 10:51 - 2015-07-29 10:52 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Windows\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-29 10:40 - 2015-07-29 10:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Windows\Downloads\revosetup95.exe
2015-07-29 10:40 - 2015-07-29 10:40 - 00001218 _____ C:\Users\Windows\Desktop\Revo Uninstaller.lnk
2015-07-29 10:40 - 2015-07-29 10:40 - 00000000 ____D C:\Program Files\VS Revo Group
2015-07-29 10:05 - 2015-07-25 19:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-29 10:05 - 2015-07-25 19:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 10:05 - 2015-07-25 19:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 10:05 - 2015-07-25 19:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 10:05 - 2015-07-25 19:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 10:05 - 2015-07-25 19:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 10:05 - 2015-07-25 19:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 10:05 - 2015-07-25 19:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 16:35 - 2015-07-27 16:35 - 00070577 _____ C:\Users\Windows\Desktop\Gmer.log
2015-07-27 16:22 - 2015-07-27 16:22 - 00380416 _____ C:\Users\Windows\Desktop\Gmer-19357.exe
2015-07-27 16:19 - 2015-07-27 16:19 - 00058303 _____ C:\Users\Windows\Desktop\Addition.txt
2015-07-27 16:18 - 2015-07-29 22:44 - 00000000 ____D C:\FRST
2015-07-27 16:18 - 2015-07-29 22:43 - 00018852 _____ C:\Users\Windows\Desktop\FRST.txt
2015-07-27 16:17 - 2015-07-29 22:43 - 01673728 _____ (Farbar) C:\Users\Windows\Desktop\FRST.exe
2015-07-27 16:11 - 2015-07-27 16:11 - 00000666 _____ C:\Users\Windows\Desktop\defogger_disable.log
2015-07-27 16:11 - 2015-07-27 16:11 - 00000204 _____ C:\Users\Windows\defogger_reenable
2015-07-27 16:09 - 2015-07-27 16:09 - 00050477 _____ C:\Users\Windows\Desktop\Defogger.exe
2015-07-22 13:49 - 2015-07-22 13:49 - 00000000 ____D C:\Users\Windows\AppData\Local\CEF
2015-07-22 08:33 - 2015-07-22 08:33 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-21 10:07 - 2015-07-21 10:07 - 02248704 _____ C:\Users\Windows\Downloads\AdwCleaner_4.208.exe
2015-07-20 19:36 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 19:36 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 19:36 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 19:36 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 19:36 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-19 21:40 - 2015-07-19 21:40 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-19 21:40 - 2015-07-19 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-19 21:40 - 2015-07-19 21:40 - 00000000 ____D C:\Program Files\iTunes
2015-07-19 21:40 - 2015-07-19 21:40 - 00000000 ____D C:\Program Files\iPod
2015-07-15 08:58 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 08:58 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 08:58 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 08:58 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 08:58 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 08:58 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 08:58 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 08:58 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 08:58 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 08:58 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 08:58 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 08:58 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 08:58 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 08:58 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 08:58 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 08:58 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 08:58 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 08:58 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 08:58 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 08:58 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 08:58 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 08:58 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 08:58 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 08:58 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 08:58 - 2015-06-11 17:20 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 08:57 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 08:57 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 08:57 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 08:57 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 08:57 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 08:57 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 08:57 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 08:57 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 08:57 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 08:57 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 08:57 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 08:57 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 08:57 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 08:57 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 08:57 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 08:57 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 08:57 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 08:57 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 08:57 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 08:57 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 08:57 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 08:57 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 08:57 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 08:57 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 08:57 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 08:57 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 08:57 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 08:57 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 08:57 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 08:57 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 08:57 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 08:57 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 08:57 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 08:57 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 08:57 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 08:57 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 08:57 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 08:57 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 08:57 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 08:57 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 08:57 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 08:57 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 08:57 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 08:57 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 08:57 - 2015-06-09 21:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 08:57 - 2015-06-09 21:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 08:57 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 08:57 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 08:57 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 08:57 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 08:57 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-11 09:09 - 2015-07-11 17:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-29 22:40 - 2015-06-25 09:27 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1553175452-9795684-1435174660-1000UA.job
2015-07-29 22:38 - 2014-05-10 22:37 - 00000000 ____D C:\Users\Windows\AppData\Roaming\uTorrent
2015-07-29 22:36 - 2014-03-25 16:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 21:40 - 2015-06-25 09:27 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1553175452-9795684-1435174660-1000Core.job
2015-07-29 20:06 - 2014-04-02 09:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-29 19:21 - 2015-01-23 21:17 - 00000000 ____D C:\Users\Windows\Documents\Kosmetikstudio
2015-07-29 17:53 - 2009-07-14 06:34 - 00028896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 17:53 - 2009-07-14 06:34 - 00028896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 17:46 - 2014-05-13 10:45 - 00000000 ___RD C:\Users\Windows\Dropbox
2015-07-29 17:46 - 2014-05-13 10:26 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Dropbox
2015-07-29 17:44 - 2014-07-25 17:13 - 00000000 ____D C:\Program Files\Steam
2015-07-29 17:44 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 17:44 - 2009-07-14 06:39 - 00145191 _____ C:\Windows\setupact.log
2015-07-29 15:03 - 2014-03-25 15:33 - 01515853 _____ C:\Windows\WindowsUpdate.log
2015-07-29 14:54 - 2015-02-04 01:49 - 00000000 ____D C:\Users\Windows\Documents\Hochzeit
2015-07-29 11:31 - 2014-05-06 11:15 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 11:24 - 2010-11-20 23:48 - 00254320 _____ C:\Windows\PFRO.log
2015-07-29 11:23 - 2014-12-11 16:16 - 00000000 ____D C:\AdwCleaner
2015-07-29 10:48 - 2014-03-31 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-07-29 10:03 - 2010-11-20 23:01 - 01628312 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 16:11 - 2014-03-25 15:42 - 00000000 ____D C:\Users\Windows
2015-07-27 15:30 - 2014-05-14 09:18 - 00316416 ___SH C:\Users\Windows\Documents\Thumbs.db
2015-07-26 19:29 - 2014-07-25 17:13 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-07-26 09:21 - 2015-03-08 10:25 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Apple Computer
2015-07-24 09:49 - 2015-06-03 15:08 - 00000000 ____D C:\Users\Windows\Desktop\RYR
2015-07-22 08:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-22 08:46 - 2014-03-26 20:24 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-07-22 08:44 - 2014-03-28 11:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-21 08:36 - 2009-07-14 06:33 - 00460880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 21:40 - 2015-04-20 11:13 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-07-19 21:40 - 2015-03-08 10:22 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-16 20:16 - 2015-04-04 16:36 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 10:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-16 08:39 - 2014-12-11 22:45 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 08:39 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-07-15 10:55 - 2014-03-25 16:45 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 10:36 - 2014-03-25 16:56 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 10:36 - 2014-03-25 16:56 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-15 09:00 - 2014-03-25 17:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-11 17:00 - 2014-03-26 22:44 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-03 08:49 - 2014-03-25 16:45 - 127070192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-03-30 10:11 - 2014-08-23 21:15 - 0000170 _____ () C:\Users\Windows\AppData\Roaming\WB.CFG
2014-08-03 16:48 - 2014-08-03 16:48 - 0007605 _____ () C:\Users\Windows\AppData\Local\Resmon.ResmonCfg
2014-05-12 20:08 - 2014-05-12 20:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-04-01 09:26 - 2014-04-01 09:31 - 0000376 _____ () C:\ProgramData\hpzinstall.log
2014-03-26 20:23 - 2014-03-27 10:38 - 0000227 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-01-06 16:57 - 2015-01-23 09:43 - 0000534 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Windows\AppData\Local\Temp\APNSetup.exe
C:\Users\Windows\AppData\Local\Temp\avgnt.exe
C:\Users\Windows\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgbvbx3.dll
C:\Users\Windows\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Windows\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Windows\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd542130291.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd542270F01.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd544F46731.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd5450A3832.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545344EB1.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545344EC2.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545344EC3.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545344ED4.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545344EE5.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd5453467F1.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545346832.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545346843.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545610221.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd545610252.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd546870201.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd546F1D861.exe
C:\Users\Windows\AppData\Local\Temp\GPUpd548181161.exe
C:\Users\Windows\AppData\Local\Temp\h2c0vulj.4wh.exe
C:\Users\Windows\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Users\Windows\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Windows\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Windows\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Windows\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Windows\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Windows\AppData\Local\Temp\nsb8030.exe
C:\Users\Windows\AppData\Local\Temp\nsg9371.exe
C:\Users\Windows\AppData\Local\Temp\nsl1568.exe
C:\Users\Windows\AppData\Local\Temp\nslECF1.exe
C:\Users\Windows\AppData\Local\Temp\nslF01.exe
C:\Users\Windows\AppData\Local\Temp\nsr5065.exe
C:\Users\Windows\AppData\Local\Temp\nsr54AA.exe
C:\Users\Windows\AppData\Local\Temp\nsw7C1A.exe
C:\Users\Windows\AppData\Local\Temp\nsw8EA0.exe
C:\Users\Windows\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Windows\AppData\Local\Temp\Quarantine.exe
C:\Users\Windows\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Windows\AppData\Local\Temp\SIntf16.dll
C:\Users\Windows\AppData\Local\Temp\SIntf32.dll
C:\Users\Windows\AppData\Local\Temp\SIntfNT.dll
C:\Users\Windows\AppData\Local\Temp\sp-downloader.exe
C:\Users\Windows\AppData\Local\Temp\speedupmypc.exe
C:\Users\Windows\AppData\Local\Temp\SpOrder.dll
C:\Users\Windows\AppData\Local\Temp\Sqlite3.dll
C:\Users\Windows\AppData\Local\Temp\stubhelper.dll
C:\Users\Windows\AppData\Local\Temp\tmd_34012560.exe
C:\Users\Windows\AppData\Local\Temp\tmp7F5D.exe
C:\Users\Windows\AppData\Local\Temp\utt14E8.tmp.exe
C:\Users\Windows\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Windows\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Windows\AppData\Local\Temp\x1e5zwux.20o.exe
C:\Users\Windows\AppData\Local\Temp\_is516D.exe
C:\Users\Windows\AppData\Local\Temp\_is69FA.exe
C:\Users\Windows\AppData\Local\Temp\_isB04C.exe
C:\Users\Windows\AppData\Local\Temp\_isE091.exe
C:\Users\Windows\AppData\Local\Temp\_isF0B4.exe
C:\Users\Windows\AppData\Local\Temp\_isF115.exe
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-23 10:17
==================== Ende vom log ============================ |