Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win10 - unklare Situation - Malware oder normale Probleme? (https://www.trojaner-board.de/171780-win10-unklare-situation-malware-normale-probleme.html)

verrant 04.10.2015 10:56
Win10 - unklare Situation - Malware oder normale Probleme?
 
Moin Moin.

Auf aktuellem Win 10 und insbesondere Chrome eine unklare Situation. Deshalb ausführlichere Beschreibung als sonst üblich.

Vor zwei Tagen:
In Chrome machte sich beim Start ein weiterer Tab auf. Mitteilung von AdBlock plus über das Programm der „akzeptablen Werbung“. Dort nichts weiter gemacht, keine Links angeklickt oder sonstiges. Statt dessen geschlossen und erstmal nichts weiter.

Heute:
Youtube Video in Chrome geschaut. Brach mit Fehlermeldung ab.

Wlan-Verbindung wurde ohne mein zu tun getrennt – Das WLAN Symbol war ausgegraut.
Ohne mein Zutun wurde eine neue Verbindung hergestellt.

Im noch im selben Fenster von Chrome wurde nun in einem kleinen Fenster am unteren Rand von Chrome angezeigt, das eine Verbindung zu einem Proxy hergestellt wird. Ich nutze keinen Proxy – zumindest nicht bewusst.

Und dann wurde auf eine ??ggt? Seite gewartet, auch in diesem unteren Fenster. Youtube baute sich dann Schrittweise auf. Als ob die Datenleitung sehr langsam sei und der Aufruf zum ersten passiert sei.

WLAN-Verbindung ist wieder ohne mein Zutun getrennt worden.

Neustart des Routers durch Stromkabel entfernen, 2 Min. warten und wieder anstöpseln an die Stromversorgung.WLAN-Verbindung wurde automatisch hergestellt und flüssige Videos auf Youtube in Chrome angezeigt.

Defogger ausgeführt

FRST.txt

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
durchgeführt von *** (Administrator) auf *** (04-10-2015 11:19:15)
Gestartet von C:\Users\***\Downloads
Geladene Profile: *** (Verfügbare Profile: *** & .NET v4.5 & .NET v4.5 Classic)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DEVGURU Co., LTD.) D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieCtrl.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Users\***\AppData\Local\Snip\Snip.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(VideoLAN) D:\Program Files\VideoLAN\VLC\vlc.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WISO Mein Geld 2015 Professional .NET] => D:\Program Files (x86)\Buhl\WISO Mein Geld 2015\mg.exe [1120568 2015-07-22] (Buhl Data Service)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-02] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Google Update] => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\***\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [781312 2015-02-18] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [SandboxieControl] => d:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-03] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Policies\Explorer: [NoSecurityTab] 0
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-06]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-01-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-02-19]
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-09-06]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1f429b3c-0def-4794-9fcd-1bd8383e754d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f4f984b3-14b6-4096-bca6-c6781cd9c88e}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->  Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-10] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-10] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798
FF Homepage: hxxp://www.diesiedleronline.de/de/spielen
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-06] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass.dll [2014-10-06] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=3 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=9 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Extension: LastPass - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\support@lastpass.com [2015-09-26]
FF Extension: Video AdBlock for Firefox - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-09-14]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
FF Extension: ProxMate - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-04-18]
FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\uBlock0@raymondhill.net.xpi [2015-09-19]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-31]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-31]
FF Extension: BetterPrivacy - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-03-31]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-03]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.spiegel.de/","hxxp://forum.ubuntuusers.de/topic/kann-keine-programme-per-software-center-downl/","hxxp://www.happypainting.de/","hxxp://www.pentaxians.de/","hxxp://www.web.de/","hxxp://www.t-online.de/","http://www.trojaner-board.de/166488-...chtungen.html"
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (NoScript Suite Lite) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2015-05-28]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-02]
CHR Extension: (TV) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-05-02]
CHR Extension: (ColorZilla) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-09-05]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-05-02]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-14]
CHR Extension: (Meine IP-Adresse) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2015-05-02]
CHR Extension: (Adblock Plus) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-02]
CHR Extension: (TrafficLight) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-05-02]
CHR Extension: (Adblock für Youtube™) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-09-14]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-02]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-05-02]
CHR Extension: (Best Utility Apps) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfkmehkjocihlfmcjkmdiekloihfaog [2015-05-02]
CHR Extension: (VTchromizer) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2015-09-14]
CHR Extension: (Facebook Disconnect) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-05-02]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-02]
CHR Extension: („Pin it“-Button) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-09-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-05-02]
CHR Extension: (PDF Mergy) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2015-05-02]
CHR Extension: (Subscriptions for YouTube™) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcngljpkdlakkbhmbfhjabcblbcldbl [2015-05-02]
CHR Extension: (ProxMate) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2015-06-22]
CHR Extension: (Dropbox) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-05-02]
CHR Extension: (Interstellar) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\kackgkhdbldcojljaeoaghlhfbbldkil [2015-05-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-02]
CHR Extension: (Google Maps) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-05-02]
CHR Extension: (Chrono Download Manager) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2015-05-02]
CHR Extension: (Ghostery) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-05-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-02]
CHR Extension: (Hover Zoom) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-09-14]
CHR Extension: (AdBlock Pro) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-02]
CHR Extension: (QVIVO) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdmoikcfdlgffkebhcojlghnccgngbg [2015-05-02]
CHR Extension: (Meine IP-Adresse) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2015-05-02]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\***\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]

Opera:
=======
OPR Extension: (Ghostery) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-04-30]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfkmglogfkpfekddlalobmhdbkjneejb [2015-08-03]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2015-08-03]
OPR Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2015-08-03]
OPR Extension: (weboftrust) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-08-03]
OPR Extension: (Cookie Jar) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\gapogllmojifhogcdfmommbeafllndoa [2015-08-03]
OPR Extension: (Google Analytics Opt-out (by Google)) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmffjpdmbgflojiohllanjaggdenggdo [2015-08-03]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipiopppcaojnchgoepoemlbdccogeije [2015-08-03]
OPR Extension: (emmyaldor) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\knbfimhapmnifdchcafinkbfikmomaak [2015-09-10]
OPR Extension: (History Eraser) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-08-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Datei ist nicht signiert]
R2 SbieSvc; d:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-03] (Sandboxie Holdings, LLC)
R2 ss_conn_service; D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [163576 2015-09-19] (RaMMicHaeL)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-09] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-09] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AmUHubftr; C:\Windows\System32\drivers\AmUHubftr.sys [25880 2013-12-20] (Alcor Micro, Corp.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 Bulk1528; C:\Windows\System32\Drivers\Bulk1528.sys [17792 2009-10-20] (SunPlus)
S2 Ca1528av; C:\Windows\System32\Drivers\Ca1528av.sys [533760 2008-12-17] (Digital Camera)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-08-27] (Microsoft Corporation)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 MEMSWEEP2; C:\WINDOWS\system32\15E3.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2204304 2015-07-10] (MediaTek Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 SbieDrv; d:\Program Files\Sandboxie\SbieDrv.sys [191112 2015-09-03] (Sandboxie Holdings, LLC)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-04 11:19 - 2015-10-04 11:19 - 00038063 _____ C:\Users\***\Downloads\FRST.txt
2015-10-04 11:18 - 2015-10-04 11:19 - 00000000 ____D C:\FRST
2015-10-04 11:18 - 2015-10-04 11:18 - 02193408 _____ (Farbar) C:\Users\***\Downloads\FRST64 (1).exe
2015-10-04 11:17 - 2015-10-04 11:18 - 02193408 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2015-10-04 11:17 - 2015-10-04 11:17 - 00050477 _____ C:\Users\***\Downloads\Defogger.exe
2015-10-04 11:17 - 2015-10-04 11:17 - 00000468 _____ C:\Users\***\Downloads\defogger_disable.log
2015-10-04 11:17 - 2015-10-04 11:17 - 00000000 _____ C:\Users\***\defogger_reenable
2015-10-04 10:39 - 2015-10-04 10:39 - 00016148 _____ C:\WINDOWS\system32\***_***_HistoryPrediction.bin
2015-10-03 15:03 - 2015-10-03 15:03 - 00011859 _____ C:\Users\***\Desktop\Musik für Facebook.odt
2015-10-03 04:09 - 2015-10-03 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-03 00:00 - 2015-10-03 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-29 21:51 - 2015-09-29 22:06 - 00026260 _____ C:\Users\***\Documents\Watt nen Scheiß verhalten Guener-Susanne.odt
2015-09-27 09:24 - 2015-09-27 09:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snip
2015-09-27 09:24 - 2015-09-27 09:24 - 00000000 ____D C:\Users\***\AppData\Local\Snip
2015-09-26 21:33 - 2015-09-26 21:33 - 02354343 _____ C:\Users\***\Downloads\cpu-z_1.73.zip
2015-09-19 21:18 - 2015-09-19 21:18 - 12455424 _____ (Frontier Developments ) C:\Users\***\Downloads\EliteDangerous-Client-Installer.exe
2015-09-19 21:18 - 2015-09-19 21:18 - 12455424 _____ (Frontier Developments ) C:\Users\***\Downloads\EliteDangerous-Client-Installer (1).exe
2015-09-19 20:15 - 2015-09-19 20:15 - 04944608 _____ (Advanced Micro Devices, Inc.) C:\Users\***\Downloads\autodetectutility.exe
2015-09-19 14:50 - 2015-09-19 14:50 - 00001092 _____ C:\Users\Public\Desktop\Unchecky.lnk
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\ProgramData\Unchecky
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\Program Files (x86)\Unchecky
2015-09-19 14:49 - 2015-09-19 14:49 - 01091504 _____ (RaMMicHaeL) C:\Users\***\Downloads\unchecky_setup039.exe
2015-09-19 13:11 - 2015-10-03 22:27 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-19 13:06 - 2015-09-19 13:06 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-19 13:06 - 2015-09-19 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-19 13:05 - 2015-09-19 13:05 - 01506832 _____ (Skype Technologies S.A.) C:\Users\***\Downloads\SkypeSetup.exe
2015-09-19 12:43 - 2015-09-19 12:43 - 00001183 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2015-09-19 12:26 - 2015-09-19 12:26 - 02190552 _____ C:\Users\***\Downloads\appmanagersetup_2.0_b4_292.exe
2015-09-19 12:26 - 2015-09-19 12:26 - 00000945 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-09-18 19:11 - 2015-09-18 19:11 - 00003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-09-18 18:37 - 2015-09-21 18:24 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-18 18:33 - 2015-09-18 18:34 - 03183672 _____ (Blizzard Entertainment) C:\Users\***\Downloads\StarCraft-II-Setup-deDE.exe
2015-09-18 18:33 - 2015-09-18 18:33 - 02907704 _____ (Blizzard Entertainment) C:\Users\***\Downloads\World-of-Warcraft-Setup-deDE.exe
2015-09-18 15:09 - 2015-09-18 15:09 - 01454240 _____ C:\Users\***\Downloads\openssl-fips-2.0.10.tar.gz
2015-09-18 15:09 - 2015-09-18 15:09 - 00000000 ____D C:\Users\***\Downloads\openssl-fips-2.0.10
2015-09-17 19:58 - 2015-09-18 14:49 - 00001276 _____ C:\Users\***\Desktop\CoreTemp.ini
2015-09-15 20:32 - 2015-09-15 20:35 - 00000000 ____D C:\Users\***\Downloads\Sicherheit
2015-09-15 20:32 - 2015-09-15 20:32 - 00003111 _____ C:\Users\***\Downloads\MBAM_PUPs_Funde.txt
2015-09-14 18:55 - 2015-09-14 18:55 - 00000000 ____D C:\Users\***\AppData\Roaming\dlg
2015-09-14 18:54 - 2015-09-14 18:54 - 00001318 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-09-14 18:54 - 2015-09-14 18:54 - 00001146 _____ C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2015-09-14 18:54 - 2015-09-14 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-14 18:52 - 2015-09-14 18:54 - 00000000 ____D C:\Users\***\AppData\Roaming\DVDVideoSoft
2015-09-14 13:24 - 2015-09-14 13:24 - 01190104 _____ (Adobe Systems Incorporated) C:\Users\***\Downloads\flashplayer18pp_da_install.exe
2015-09-14 13:22 - 2015-10-03 22:23 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-14 13:22 - 2015-10-03 21:55 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-09-14 13:22 - 2015-09-22 20:30 - 00004086 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-09-14 13:22 - 2015-09-14 13:26 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-14 12:36 - 2015-09-14 12:36 - 00000000 ____D C:\Users\***\Downloads\tweaking.com_windows_repair_aio
2015-09-14 12:35 - 2015-09-14 12:35 - 00000117 _____ C:\Users\***\Desktop\ndrinfo_nds.m3u
2015-09-13 22:01 - 2015-09-19 12:50 - 00000000 ____D C:\Users\***\AppData\Roaming\MPC-HC
2015-09-13 22:01 - 2015-09-13 22:01 - 06781458 _____ C:\Users\***\Downloads\VID-20150913-WA0001 (1).mp4
2015-09-13 21:59 - 2015-09-13 21:59 - 00003008 _____ C:\WINDOWS\System32\Tasks\klcp_update
2015-09-13 21:59 - 2015-09-13 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-09-13 21:59 - 2015-08-24 20:00 - 00112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2015-09-13 21:59 - 2015-06-22 15:25 - 00254976 _____ C:\WINDOWS\system32\xvidvfw.dll
2015-09-13 21:59 - 2015-06-22 15:25 - 00240128 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2015-09-13 21:59 - 2015-06-22 15:24 - 00729088 _____ C:\WINDOWS\system32\xvidcore.dll
2015-09-13 21:59 - 2015-02-28 17:22 - 03571200 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2015-09-13 21:59 - 2015-02-28 17:21 - 03591680 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2015-09-13 21:59 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2015-09-13 21:59 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2015-09-13 21:59 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2015-09-13 21:59 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2015-09-13 21:58 - 2015-09-13 21:59 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-09-13 21:47 - 2015-09-13 21:57 - 41563740 _____ ( ) C:\Users\***\Downloads\K-Lite_Codec_Pack_1140_Mega.exe
2015-09-13 11:37 - 2015-09-13 11:37 - 00000798 _____ C:\Users\***\Documents\Fixlist.txt
2015-09-12 22:28 - 2015-09-12 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-09-12 22:27 - 2015-09-12 22:28 - 05176416 _____ (Sandboxie Holdings, LLC) C:\Users\***\Downloads\SandboxieInstall64-502.exe
2015-09-12 18:43 - 2015-09-12 18:43 - 00005850 _____ C:\Users\***\Downloads\Malware 1x PUP am 30.07.15.txt
2015-09-12 18:42 - 2015-09-12 18:42 - 00004039 _____ C:\Users\***\Downloads\Malware 2x PUP am 1.8.15.txt
2015-09-12 17:17 - 2015-09-12 18:24 - 00380416 _____ C:\Users\***\Downloads\Gmer-19357.exe
2015-09-12 14:35 - 2015-09-12 14:35 - 00001380 _____ C:\Users\***\Downloads\a2scan_150912-134822.txt
2015-09-10 20:13 - 2015-09-10 20:13 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-10 20:13 - 2015-09-10 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-10 20:07 - 2015-09-10 19:32 - 00000030 _____ C:\AVScanner.ini
2015-09-09 17:09 - 2015-09-09 17:09 - 00003284 _____ C:\WINDOWS\System32\Tasks\{70F4BB8E-DF69-4214-A82D-13742A7694BD}
2015-09-09 10:53 - 2015-09-09 10:53 - 00000020 ___SH C:\Users\.NET v4.5\ntuser.ini
2015-09-09 10:53 - 2015-09-09 10:53 - 00000020 ___SH C:\Users\.NET v4.5 Classic\ntuser.ini
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Vorlagen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Startmenü
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Netzwerkumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Lokale Einstellungen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Eigene Dateien
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Druckumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Documents\Eigene Musik
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Documents\Eigene Bilder
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Local\Verlauf
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Local\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Vorlagen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Startmenü
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Netzwerkumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Lokale Einstellungen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Eigene Dateien
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Druckumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Documents\Eigene Musik
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Documents\Eigene Bilder
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Local\Verlauf
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Local\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\Users\.NET v4.5 Classic
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\Users\.NET v4.5
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\inetpub
2015-09-09 10:53 - 2015-08-13 12:55 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-09 10:53 - 2015-08-13 12:55 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\Microsoft Help
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\Microsoft Help
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\ATI
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-09 10:30 - 2015-09-09 10:30 - 00313004 _____ C:\Users\***\Documents\cc_20150909_103017.reg
2015-09-09 10:27 - 2015-09-09 10:27 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-09-09 10:27 - 2015-09-09 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-09 10:27 - 2015-09-09 10:27 - 00000000 ____D C:\Program Files\CCleaner
2015-09-09 08:34 - 2015-09-09 08:34 - 00001682 _____ C:\Users\***\Desktop\Notepad++.lnk
2015-09-08 23:48 - 2015-09-09 13:12 - 00000000 ____D C:\Users\***\AppData\Roaming\Notepad++
2015-09-08 23:48 - 2015-09-08 23:48 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-08 23:48 - 2015-09-08 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-08 23:40 - 2015-09-08 23:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Sun
2015-09-08 23:40 - 2015-09-08 23:40 - 00000000 ____D C:\Users\***\.oracle_jre_usage
2015-09-08 23:13 - 2015-09-10 20:13 - 00000000 ____D C:\ProgramData\Oracle
2015-09-08 22:58 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-08 22:58 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-08 22:58 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-08 22:58 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:58 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-08 22:58 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-08 22:58 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:58 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 22:58 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-08 22:58 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:58 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:58 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:58 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:58 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:58 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:58 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-08 22:58 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:58 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:58 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 22:58 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:58 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:58 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:58 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:58 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:58 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:58 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-06 22:30 - 2015-09-06 22:30 - 00003236 _____ C:\WINDOWS\System32\Tasks\{B4166901-0BCE-4DB5-9228-DF2E0E6A54F0}
2015-09-06 22:25 - 2015-09-06 22:25 - 00000000 ____D C:\ProgramData\McAfee
2015-09-06 22:20 - 2015-09-07 22:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-06 22:01 - 2015-09-10 21:22 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2015-09-06 22:01 - 2015-09-09 22:23 - 00000775 _____ C:\Users\***\Desktop\FileZilla Client.lnk
2015-09-06 22:01 - 2015-09-06 22:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-06 21:09 - 2015-09-06 21:09 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2015-09-06 21:09 - 2015-09-06 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-09-06 21:08 - 2015-09-06 21:09 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2015-09-06 21:01 - 2015-09-10 19:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TYPO3 4.7.7
2015-09-06 18:25 - 2015-09-06 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft_Corporation
2015-09-06 16:32 - 2015-09-06 16:32 - 00000000 ____D C:\Users\***\Documents\OneNote-Notizbücher
2015-09-06 13:02 - 2015-09-06 13:09 - 00000463 ____H C:\Users\***\Documents\.picasa.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-04 11:17 - 2015-08-30 11:34 - 00466898 _____ C:\Users\***\AppData\Local\Snip.txt
2015-10-04 11:17 - 2015-07-30 21:05 - 00000000 ____D C:\Users\***
2015-10-04 11:02 - 2015-08-30 11:34 - 00000000 ____D C:\Users\***\Documents\My Snips
2015-10-04 10:55 - 2015-06-13 15:45 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-04 10:54 - 2015-05-02 11:27 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-04 10:50 - 2015-05-23 17:16 - 00003132 _____ C:\WINDOWS\Sandboxie.ini
2015-10-04 10:42 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-04 10:42 - 2014-10-26 16:05 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{687F2EEC-A316-484A-B958-97FEC835D3B2}
2015-10-04 10:40 - 2015-06-13 15:47 - 00000000 ___RD C:\Users\***\Dropbox
2015-10-04 10:40 - 2015-06-13 15:45 - 00000000 ____D C:\Users\***\AppData\Local\Dropbox
2015-10-04 10:40 - 2015-03-24 18:45 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-04 10:40 - 2014-03-16 13:40 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job
2015-10-04 10:39 - 2015-06-13 15:45 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-04 10:39 - 2015-05-02 11:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-03 22:28 - 2014-05-07 19:37 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2015-10-03 21:10 - 2015-07-31 23:06 - 00000146 _____ C:\Users\***\Desktop\Sound - Verknüpfung.lnk
2015-10-03 18:40 - 2014-03-16 13:40 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job
2015-10-03 13:22 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-03 13:19 - 2014-07-02 17:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-03 10:34 - 2015-05-28 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-03 00:00 - 2015-06-13 15:45 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-01 18:59 - 2015-09-01 17:36 - 00003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438604478
2015-10-01 18:59 - 2015-08-03 14:21 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-10-01 18:59 - 2015-04-30 19:34 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-01 16:14 - 2015-07-30 19:11 - 00000000 ____D C:\Users\***\Documents\WISO Mein Geld
2015-09-30 21:59 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-27 09:24 - 2015-08-30 11:34 - 00000000 ____D C:\Users\***\AppData\Local\Package Cache
2015-09-26 21:53 - 2015-05-02 11:27 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-25 14:52 - 2015-07-30 21:13 - 00006364 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-25 14:52 - 2015-07-10 18:34 - 01007202 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-25 14:52 - 2015-07-10 18:34 - 00229714 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-22 18:23 - 2014-01-20 23:03 - 00000000 ____D C:\Users\***\AppData\LocalLow\LastPass
2015-09-21 22:06 - 2014-04-04 17:44 - 00000000 ____D C:\Users\***\AppData\Local\Battle.net
2015-09-20 13:50 - 2014-12-03 18:33 - 00000000 ____D C:\Users\***\Desktop\Spiele
2015-09-20 12:51 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-19 22:19 - 2015-08-03 21:46 - 00000509 _____ C:\Users\***\Desktop\Programme und Features - Verknüpfung.lnk
2015-09-19 14:44 - 2014-01-20 22:56 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2015-09-19 13:06 - 2014-08-13 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-19 13:06 - 2014-01-20 22:56 - 00000000 ____D C:\ProgramData\Skype
2015-09-19 12:52 - 2015-03-24 19:05 - 00000000 ____D C:\Users\***\Desktop\Sicherheit
2015-09-19 12:50 - 2015-08-01 12:44 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-19 12:39 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-18 20:46 - 2015-07-30 19:10 - 00000000 ____D C:\Users\***\Documents\Thai Chi - Yang Stile
2015-09-18 19:11 - 2015-03-27 21:20 - 00001326 _____ C:\DelFix.txt
2015-09-18 18:49 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-09-18 18:38 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-09-17 15:48 - 2015-05-02 11:27 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 15:48 - 2015-05-02 11:27 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 18:35 - 2014-03-16 13:40 - 00004244 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA
2015-09-16 18:35 - 2014-03-16 13:40 - 00003868 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core
2015-09-16 18:02 - 2014-01-20 21:44 - 00000000 ____D C:\Users\***\AppData\Local\Packages
2015-09-16 18:00 - 2015-07-30 21:15 - 00002390 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-16 18:00 - 2015-07-30 21:13 - 00000000 ___RD C:\Users\***\OneDrive
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 18:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-14 13:26 - 2014-10-17 21:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2015-09-12 12:49 - 2014-01-20 22:19 - 00000000 ____D C:\Users\***\AppData\Local\Google
2015-09-10 20:13 - 2014-10-16 20:18 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-10 18:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-10 16:09 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 11:04 - 2015-07-10 14:20 - 00409488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-09 10:53 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-09 10:53 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-09 10:53 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-09 10:53 - 2015-07-10 12:59 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\simptcp.dll
2015-09-09 10:33 - 2015-05-19 18:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Media Player Classic
2015-09-09 10:33 - 2015-02-14 17:51 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2015-09-09 10:33 - 2014-06-30 14:40 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-08 23:06 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-08 23:06 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-08 23:04 - 2014-05-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-08 23:03 - 2013-08-22 15:25 - 00000203 _____ C:\WINDOWS\win.ini
2015-09-08 23:02 - 2014-01-20 22:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 17:07 - 2015-07-30 19:10 - 00000000 ____D C:\Users\***\Documents\Rou

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-20 23:03 - 2014-10-06 18:29 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-07-30 19:04 - 2015-07-30 19:05 - 0000467 _____ () C:\Users\***\AppData\Roaming\burnaware.ini
2015-07-30 22:44 - 2015-07-30 22:44 - 0000078 _____ () C:\Users\***\AppData\Roaming\mainhst.zgh
2014-10-04 14:43 - 2014-10-04 14:43 - 0001285 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2015-05-01 21:58 - 2015-05-01 21:58 - 0007595 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2015-08-30 11:34 - 2015-10-04 11:17 - 0466898 _____ () C:\Users\***\AppData\Local\Snip.txt
2015-02-14 11:57 - 2015-02-14 11:57 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-07-30 21:04 - 2015-07-30 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-06 16:41 - 2014-11-28 14:36 - 0000215 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\***\fbchathistory.dat


Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjk2dpv.dll
C:\Users\***\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\***\AppData\Local\Temp\sfamcc00001.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-03 11:19

==================== Ende von FRST.txt ============================

...

verrant 04.10.2015 10:57
...


FRST.addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:03-10-2015
durchgeführt von *** (2015-10-04 11:19:57)
Gestartet von C:\Users\***\Downloads
Windows 10 Pro (X64) (2015-07-30 19:13:22)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1888364831-2858631773-2981139133-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1888364831-2858631773-2981139133-503 - Limited - Disabled)
Gast (S-1-5-21-1888364831-2858631773-2981139133-501 - Limited - Disabled)
*** (S-1-5-21-1888364831-2858631773-2981139133-1001 - Administrator - Enabled) => C:\Users\***

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Der Herr der Ringe Online™“ v1301.0055.0535.4025 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1301.0055.0535.4025 - Turbine, Inc.)
7-Zip 9.20 (HKLM-x32\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.36 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Alcor Micro Generic Hub Filter Driver (HKLM-x32\...\AmUHubftr) (Version: 2.0.11.0 - Alcor Micro Corp.)
Alcor Micro Generic Hub Filter Driver (x32 Version: 2.0.11.0 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver  (x32 Version: 20.26.3317.04170 - Alcor Micro Corp.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BurnAware Free 8.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version:  - Double Action Factory)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
DxO Optics Pro 7 (HKLM\...\{64579E10-6249-4BB1-B1D1-8EF55042DB45}) (Version: 7.5.5 - DxO Labs)
Elite Dangerous Launcher version 0.4.2854.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.2854.0 - Frontier Developments)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FileZilla Client 3.13.1 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\FileZilla Client) (Version: 3.13.1 - Tim Kosse)
Free MP4 Video Converter version 5.0.63.913 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.63.913 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Google Photos Backup) (Version: 1.1.0.248 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{5C519C69-AC39-40D0-9FF3-1F3FEE4640B2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Hilfe (HKLM-x32\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)
HP Photosmart Plus B210 series - Grundlegende Software für das Gerät (HKLM\...\{1686185A-3D85-428D-8786-ACB403B9D420}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Hilfe (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Mega Codec Pack 11.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LibreOffice 5.0.1.2 (HKLM-x32\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation)
LOTRO Plugin Compendium (HKLM-x32\...\{3BF7818D-2482-4676-A237-915A11A97847}) (Version: 1.0.3 - Lunarwater)
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 de)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.1 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.336 - Qualcomm Atheros Communications)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.35.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.37.1119.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 5.02 (64-bit) (HKLM\...\Sandboxie) (Version: 5.02 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Ski Challenge 15 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\sc15-GAMETWIST_MAIN) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Snip (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{c1820c62-8dd5-42f3-a3cb-cc5c3f59fc3c}) (Version: 0.1.4981.0 - Microsoft Corporation)
Snip (x32 Version: 0.1.4981.0 - Microsoft) Hidden
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.4.0 - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Studie zur Verbesserung von HP ENVY 4500 series (HKLM\...\{3590B83E-FCEB-43E2-9F3D-2917825547D0}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Unchecky v0.3.9 (HKLM-x32\...\Unchecky) (Version: 0.3.9 - RaMMicHaeL)
Unity Web Player (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE Club SmartFax (HKLM-x32\...\WEB.DE Club SmartFax) (Version: 2.00.235 - 1&1 Mail & Media GmbH)
WEB.DE Online-Speicher 1.11.4174.0 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\WEB.DE Application {sync-000021}) (Version: 1.11.4174.0 - 1&1 Mail & Media GmbH)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WISO Mein Geld 2015 Professional .NET (HKLM-x32\...\WISO Mein Geld 2015 Professional .NET) (Version:  - Buhl Data Service GmbH)
WISO Mein Geld 2015 Professional .NET (x32 Version: 20.0.0.0 - Buhl Data Service GmbH) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)

==================== Wiederherstellungspunkte =========================

18-09-2015 19:11:16 Ende der Bereinigung
19-09-2015 21:18:58 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
23-09-2015 18:52:49 Windows Update
29-09-2015 19:45:34 Windows Update

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2015-09-20 12:51 - 00002022 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com

Da befinden sich 5 zusätzliche Einträge.


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {011B42D3-DFDF-4C79-BC17-EF6717F44986} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {13896B67-0FCD-42C2-A928-DC02BAFFFCAD} - System32\Tasks\{6644215F-D573-4448-B8E2-12B972183707} => pcalua.exe -a "C:\Program Files (x86)\pandasecuritytb\uninstall.exe"
Task: {187B46F7-A8B8-4F63-94EF-393FD2B00E9E} - System32\Tasks\{70F927D6-EBE1-457D-A298-444941E8E902} => pcalua.exe -a "C:\Users\***\Desktop\Galaxy S3 - Mini\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\***\Desktop\Galaxy S3 - Mini"
Task: {19123DE3-4CE2-47EB-951C-000B9086A899} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {1D2E8BE4-15AF-45C9-B1BB-8AE269980BD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {20CEB925-62C3-4BE2-AC72-232D8EEEC4C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.)
Task: {262C2D0D-990C-4A39-8A1A-7FCECDA34A8D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {2ECDE3D1-17B5-4C78-83A3-961EBC1858CD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {2F19BF84-ECD9-489B-B717-18E7D00AD177} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL e:\e67415113b809610ca462725cd5d34\ipoint\Setup64\Files\1031\Deu.rtf
Task: {30F520F0-ECDE-4773-8DF4-791D3E820289} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {3AF644C2-3E4D-4A96-8523-77213AB94E38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {53F8794E-726C-4A97-9BB8-347ECDC5CB94} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {5A73AB7F-ABDA-4DEA-ACE4-066E9E744A0C} - System32\Tasks\{A8A0A7FB-B363-4CBD-91B8-947FA6EA8EAA} => pcalua.exe -a C:\Users\***\Downloads\k30v106.EXE -d C:\Users\***\Downloads
Task: {5B46D580-7A03-4856-88F2-8E578DABC387} - System32\Tasks\Opera scheduled Autoupdate 1438604478 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {5CA66246-B533-4AEA-B177-6BCFE89315EF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)
Task: {9ABF69B7-6E21-4FBE-A448-CFD73E6FC963} - System32\Tasks\{B4166901-0BCE-4DB5-9228-DF2E0E6A54F0} => pcalua.exe -a E:\TYPO3_4.7.7\typo3start.exe -d e:\TYPO3_4.7.7
Task: {AADE5BB0-9229-466A-87CF-F451459353E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.)
Task: {DA1D5CFE-6ADC-4AF7-A259-7629F07FAB22} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {E18984A1-5A1E-490A-A44F-ABD5DCC69332} - System32\Tasks\{70F4BB8E-DF69-4214-A82D-13742A7694BD} => pcalua.exe -a E:\typo3-winstall-6.0.0rc2\typo3start.exe -d E:\typo3-winstall-6.0.0rc2
Task: {E50A83C6-22D9-46C6-8EDE-F7B65D25B88E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {E52C04F3-0641-4907-8F29-A02D3A7352F6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {F6FDE532-F25A-40C7-AAAF-B33AF91282B9} - System32\Tasks\{2B43B2A3-A783-4ECE-BEF2-BEE44272E399} => pcalua.exe -a "C:\Users\***\Desktop\Galaxy3 Mini - Android Update\SAMSUNG_USB_Driver (1)\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\***\Desktop\Galaxy3 Mini - Android Update\SAMSUNG_USB_Driver (1)"
Task: {FE45DD55-A6EC-4F57-9056-FF15EECC96A7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-24] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-30 21:59 - 2015-07-30 21:59 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 17:08 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-28 21:14 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 21:14 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-13 12:45 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 17:08 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-13 12:45 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00121363 _____ () D:\Program Files\VideoLAN\VLC\libvlc.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02524691 _____ () D:\Program Files\VideoLAN\VLC\libvlccore.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00713235 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00031251 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00034323 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00070163 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02376211 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00106515 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00263699 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00080915 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00051219 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00063507 _____ () D:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00608275 _____ () D:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01022995 _____ () D:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00125459 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00043539 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () D:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00140307 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02218003 _____ () D:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00318995 _____ () D:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01470995 _____ () D:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00058387 _____ () D:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00043027 _____ () D:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00190995 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00091667 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00071187 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00081939 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00028179 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 12501523 _____ () D:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00085523 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018963 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024595 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01261075 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00126483 _____ () D:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00152595 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01739283 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libdirac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00928787 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023571 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021011 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018963 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021011 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00039955 _____ () D:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00123923 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00330771 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019475 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00192019 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00833555 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019475 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024595 _____ () D:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00035859 _____ () D:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024083 _____ () D:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00071699 _____ () D:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00042003 _____ () D:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021523 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00029715 _____ () D:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00028691 _____ () D:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021523 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00085523 _____ () D:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00022035 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00341011 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021523 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01505811 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00417811 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00230931 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00029715 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01745427 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00139795 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00186387 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00081939 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01506835 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00016915 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018963 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00029715 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2015-02-19 21:34 - 2014-01-10 18:21 - 00082944 ____R () C:\Program Files (x86)\Ralink\Common\ndisflt.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-10-01 15:10 - 2015-10-02 01:07 - 00166416 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-10-04 10:40 - 2015-10-04 10:40 - 00071168 _____ () c:\users\***\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjk2dpv.dll
2015-06-13 15:46 - 2015-09-24 01:07 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-13 15:46 - 2015-09-24 01:07 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 12:28 - 2015-09-24 01:07 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-13 15:46 - 2015-09-24 01:07 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-08-24 15:58 - 2015-08-24 15:58 - 00039384 _____ () e:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-09-26 21:53 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-26 21:53 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\***\SkyDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\imgp0918-1.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "Install LastPass IE RunOnce.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run: => "IntelliPoint"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "ThrustTSR"
HKLM\...\StartupApproved\Run32: => "WISO Mein Geld 2015 Professional .NET"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Google+ Auto Backup"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Ubuntu One Icon"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "Ubuntu One"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "WEB.DE Application {sync-000021}"
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6F73C257-5BFD-4E2A-8FE4-2E56473412D8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{496BF1E2-2E42-4F42-8903-4EF82BC7F59A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{D544697E-988C-4887-88E5-0575D7EFE2A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{41DBCFAE-C169-43D6-A4EB-95A324649911}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{043C7667-FAA6-48A2-8481-BF1BBD92B5CF}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{15DCE531-C554-493A-8C97-A4C1BD8620DF}] => (Allow) LPort=5357
FirewallRules: [{D4F35366-C0FC-46B5-B8CB-C58C62ADC9AB}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{FDBEA3A4-5B6A-4A48-BB4B-16D2C151F6C3}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{767917D7-DC42-4B63-B01E-44195DA16C3C}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{3D1DE240-0821-41A5-B028-7F55E3D43906}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4D23AC9C-24EF-4146-B952-3A1065E63EC7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{390EC187-5C6C-4A45-8FEA-AAEA00AF3977}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{71C511BF-12BB-4651-9031-6688F51B8BF9}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{E00CD392-19D4-434B-A05F-84142498B2F2}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{8E4C68F3-525B-491B-9D9A-273394BFC787}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{BE376B36-920A-4902-82BE-6CF699D14293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7C6A2AAD-7F73-44E4-8E0C-F996237331A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{E6EE7A41-8A78-4ABD-80E9-3FA2D53AF160}D:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) D:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{EDCDA70B-DF1A-48F3-BD4E-B9F2853EDF8E}D:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) D:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [{2AA1DFD6-312E-4DD9-B109-C20E0ECCA36A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{F0D2E862-1A47-4408-AF35-5F27AAC4DC22}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{D6281D2C-5F85-4386-B9A0-A660F06C8B76}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{52C4A13B-C420-49DA-8CA1-97373B940B41}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2D215BD9-891E-4FA9-8DC3-65A0D9668FF4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BE9AE20E-9FF2-43C6-B1D5-B9D9F47469F4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{3C7AE69E-2733-4B32-86AE-9547DC1ADB4C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{00AF6728-F0B0-4052-AE5F-8B3077E3FC0C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E9776974-2E0F-4969-B950-57713F7A2550}D:\totalcmd\totalcmd.exe] => (Allow) D:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{3FA17935-22AA-43DF-ABD1-9632AF5A250B}D:\totalcmd\totalcmd.exe] => (Allow) D:\totalcmd\totalcmd.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{CE4E737F-DCCC-4BD7-940B-DBF2B672B9E0}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{CB382714-0FD4-48CA-A995-2DDAAB363B85}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{4AB795BA-85E7-41DA-85AA-E8F56C4D42F4}D:\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{36E79DCE-9C3A-4162-A404-CD67E58A2569}D:\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{53135717-B90E-4F49-A156-A35126A71E38}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FE9EFC19-47D5-44E6-9720-EA0B0049B250}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{2E27A0A6-C79E-4F67-B840-CFFD33BDEE69}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{08325EA3-3DD0-4F44-AFE0-F315AF99F63C}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe
FirewallRules: [{8F096CF4-30C3-4917-AD95-DDEC539D87FD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{872170B4-6DDA-4D44-855E-C591261BC7C1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{13A54796-89CB-400F-8129-4EEBAD8B2692}D:\program files (x86)\steam\steamapps\common\double action\hl2.exe] => (Block) D:\program files (x86)\steam\steamapps\common\double action\hl2.exe
FirewallRules: [UDP Query User{A470C0A7-CAF7-4CCD-A73B-550C1D879E36}D:\program files (x86)\steam\steamapps\common\double action\hl2.exe] => (Block) D:\program files (x86)\steam\steamapps\common\double action\hl2.exe
FirewallRules: [{7CE71413-0B35-4219-971D-96AE626485C8}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x64\pa.exe
FirewallRules: [{860D1978-EB5D-4AD2-B6DB-88D053015AD5}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x64\pa.exe
FirewallRules: [{42C82421-A858-4779-8895-F525BBAA6C49}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{4EC1FA41-7B6C-4113-9AA1-E82DE7B7D0F4}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{E1055487-900B-4C2D-9B60-3590D0B3EA35}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{E46BABAA-94A5-434B-836A-27E266D55E55}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{3B2DF300-BD02-4B62-BCF7-D75831668843}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{6C1B5BB1-2E5C-4757-A74C-80DBDFD430B1}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{F141E833-E3A4-4E7A-9D88-89CABE5CBDD9}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{1C999A06-DE64-44E4-9984-9E42562FD3EB}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{D520DED5-10D4-4F36-858D-EFA2EA71EA16}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{27EA5BAC-3732-46E9-8E4F-989C01807143}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{BFBC4891-B88B-4C4B-BFAE-AA464DB2CBA1}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{593D9A12-E886-46C4-A47E-2A7341AFF49C}] => (Allow) E:\SteamLibrary\steamapps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{F8188474-51BB-4531-93AD-435CA1C11C61}] => (Allow) E:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{AC3EA1DB-4362-4347-B104-552DDD34E240}] => (Allow) E:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{5AE7F061-2EB3-4A38-97DD-D7D6EAC9BFF4}] => (Allow) E:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{4DFB5633-3AFC-41E6-8E20-DAB3121EF036}] => (Allow) E:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{1294D732-ED42-43CA-A61F-EEC21EC12BD5}] => (Allow) E:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{40145B37-F456-451E-9D67-DA63C30C3A62}] => (Allow) E:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{216D1E5E-CF82-4869-8385-AA93417D7A21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2B0F1C72-CE10-43B4-8578-96FEBA4509F1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/03/2015 10:29:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OPQIWUER)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/03/2015 10:28:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16430, Zeitstempel: 0x55c59f92
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000034efb
ID des fehlerhaften Prozesses: 0x6fa4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (10/03/2015 07:57:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16430, Zeitstempel: 0x55c59f92
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000034efb
ID des fehlerhaften Prozesses: 0x52a4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (10/03/2015 03:11:48 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4612) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (10/03/2015 03:11:48 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4612) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (10/03/2015 03:11:38 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4612) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (10/03/2015 03:11:38 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4612) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (10/03/2015 03:11:27 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4612) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (10/03/2015 03:11:27 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4612) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (10/03/2015 03:11:17 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4612) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.


Systemfehler:
=============
Error: (10/03/2015 10:29:12 PM) (Source: DCOM) (EventID: 10010) (User: OPQIWUER)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (10/03/2015 10:29:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/03/2015 10:29:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/03/2015 10:29:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/03/2015 10:29:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/03/2015 06:24:44 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (10/03/2015 12:14:59 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (10/02/2015 05:58:40 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (10/02/2015 03:39:42 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (10/01/2015 10:07:31 PM) (Source: DCOM) (EventID: 10010) (User: OPQIWUER)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca


CodeIntegrity:
===================================
  Date: 2015-09-26 21:34:30.379
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-26 21:34:30.338
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-21 18:58:42.424
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-20 10:34:18.880
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-19 13:14:55.155
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-18 15:23:07.432
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-18 15:10:41.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-18 15:10:41.747
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-18 15:10:39.444
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-18 15:10:39.291
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8159.15 MB
Verfügbarer physikalischer RAM: 4813.31 MB
Summe virtueller Speicher: 9439.15 MB
Verfügbarer virtueller Speicher: 5300.81 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:74.79 GB) (Free:16.39 GB) NTFS
Drive d: (Win) (Fixed) (Total:270.45 GB) (Free:58.98 GB) NTFS
Drive e: (Elements) (Fixed) (Total:465.64 GB) (Free:270.53 GB) FAT32
Drive h: () (Fixed) (Total:0.49 GB) (Free:0.39 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 000AB2A8)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BDD4B8D6)
Partition 1: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=83)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 8D399BC0)
Partition 1: (Active) - (Size=465.8 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
Keine weiteren aktuellen Logfiles erstellt.

Erster Start von Gmer führte zu einem Freeze mit lautem durchgehenden Brummton.

Neustart mit Installation von Updates – die ich nicht mitbekommen hatte. Zunächst mit einer Anzeige 100% und dann ansteigenden Prozentwerte.

Anschließender Neustart mit Gmer führte wieder zum Freeze mit Brummton.

Soweit alles unklar.

LG
verrant
P.S. Tastaturanschläge hier im Editor auch stark verzögert.

schrauber 04.10.2015 13:51
hi,

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

verrant 04.10.2015 16:12
Hi Schrauber.

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 04.10.2015
Suchlaufzeit: 15:43
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.04.02
Rootkit-Datenbank: v2015.10.02.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Kay

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 476474
Abgelaufene Zeit: 4 Min., 52 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Deaktiviert
Rootkits: Deaktiviert
Heuristik: Deaktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:
# AdwCleaner v5.010 - Bericht erstellt am 04/10/2015 um 16:51:49
# Aktualisiert am 04/10/2015 von Xplode
# Datenbank : 2015-10-04.3 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : *** - ***
# Gestartet von : C:\Users\***\Downloads\AdwCleaner_5.010.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}

***** [ Internetbrowser ] *****

[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : feed.helperbar.com
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : softonic
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : ixquick.com
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : ixquick.com____
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : suchmaschine
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : ixquick.com___
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search the web
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.conduit.com
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : ixquick.com__
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.yahoo.com
[-] [C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : fmlgoencnlndpglbocajlimaikjohmab

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3276 Bytes] ##########


Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 10 Pro x64
Ran by *** on 04.10.2015 at 16:59:08,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Kay\Appdata\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic

[C:\Users\Kay\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Kay\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gpdjojdkbbmdfjfahjcgigfpmkopogic

[C:\Users\Kay\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Kay\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  fmlgoencnlndpglbocajlimaikjohmab,
  gpdjojdkbbmdfjfahjcgigfpmkopogic
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.10.2015 at 17:02:25,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
durchgeführt von *** (Administrator) auf *** (04-10-2015 17:05:07)
Gestartet von C:\Users\***\Downloads
Geladene Profile: *** (Verfügbare Profile: *** & .NET v4.5 & .NET v4.5 Classic)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WISO Mein Geld 2015 Professional .NET] => D:\Program Files (x86)\Buhl\WISO Mein Geld 2015\mg.exe [1120568 2015-07-22] (Buhl Data Service)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-02] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Google Update] => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\***\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [781312 2015-02-18] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [SandboxieControl] => d:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-03] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Policies\Explorer: [NoSecurityTab] 0
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-06]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-01-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-02-19]
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-09-06]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1f429b3c-0def-4794-9fcd-1bd8383e754d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f4f984b3-14b6-4096-bca6-c6781cd9c88e}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->  Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-10] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-10] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798
FF Homepage: hxxp://www.diesiedleronline.de/de/spielen
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-06] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass.dll [2014-10-06] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=3 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=9 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Extension: LastPass - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\support@lastpass.com [2015-09-26]
FF Extension: Video AdBlock for Firefox - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-09-14]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
FF Extension: ProxMate - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-04-18]
FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\uBlock0@raymondhill.net.xpi [2015-09-19]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-31]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-31]
FF Extension: BetterPrivacy - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-03-31]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-03]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.spiegel.de/","hxxp://forum.ubuntuusers.de/topic/kann-keine-programme-per-software-center-downl/","hxxp://www.happypainting.de/","hxxp://www.pentaxians.de/","hxxp://www.web.de/","hxxp://www.t-online.de/","http://www.trojaner-board.de/166488-...chtungen.html"
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (NoScript Suite Lite) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2015-05-28]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-02]
CHR Extension: (TV) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-05-02]
CHR Extension: (ColorZilla) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-09-05]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-05-02]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-14]
CHR Extension: (Meine IP-Adresse) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2015-05-02]
CHR Extension: (Adblock Plus) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-02]
CHR Extension: (TrafficLight) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-05-02]
CHR Extension: (Adblock für Youtube™) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-09-14]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-02]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-05-02]
CHR Extension: (Best Utility Apps) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfkmehkjocihlfmcjkmdiekloihfaog [2015-05-02]
CHR Extension: (VTchromizer) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2015-09-14]
CHR Extension: (Facebook Disconnect) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-05-02]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-02]
CHR Extension: („Pin it“-Button) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-05-02]
CHR Extension: (PDF Mergy) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2015-05-02]
CHR Extension: (Subscriptions for YouTube™) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcngljpkdlakkbhmbfhjabcblbcldbl [2015-05-02]
CHR Extension: (ProxMate) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2015-06-22]
CHR Extension: (Dropbox) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-05-02]
CHR Extension: (Interstellar) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\kackgkhdbldcojljaeoaghlhfbbldkil [2015-05-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-02]
CHR Extension: (Google Maps) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-05-02]
CHR Extension: (Chrono Download Manager) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2015-05-02]
CHR Extension: (Ghostery) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-05-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-02]
CHR Extension: (Hover Zoom) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-09-14]
CHR Extension: (AdBlock Pro) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-02]
CHR Extension: (QVIVO) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdmoikcfdlgffkebhcojlghnccgngbg [2015-05-02]
CHR Extension: (Meine IP-Adresse) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2015-05-02]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\***\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]

Opera:
=======
OPR Extension: (Ghostery) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-04-30]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfkmglogfkpfekddlalobmhdbkjneejb [2015-08-03]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2015-08-03]
OPR Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2015-08-03]
OPR Extension: (weboftrust) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-08-03]
OPR Extension: (Cookie Jar) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\gapogllmojifhogcdfmommbeafllndoa [2015-08-03]
OPR Extension: (Google Analytics Opt-out (by Google)) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmffjpdmbgflojiohllanjaggdenggdo [2015-08-03]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipiopppcaojnchgoepoemlbdccogeije [2015-08-03]
OPR Extension: (emmyaldor) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\knbfimhapmnifdchcafinkbfikmomaak [2015-09-10]
OPR Extension: (History Eraser) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-08-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
S2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Datei ist nicht signiert]
S2 SbieSvc; d:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-03] (Sandboxie Holdings, LLC)
S2 ss_conn_service; D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [163576 2015-09-19] (RaMMicHaeL)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-09] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-09] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AmUHubftr; C:\Windows\System32\drivers\AmUHubftr.sys [25880 2013-12-20] (Alcor Micro, Corp.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 Bulk1528; C:\Windows\System32\Drivers\Bulk1528.sys [17792 2009-10-20] (SunPlus)
S2 Ca1528av; C:\Windows\System32\Drivers\Ca1528av.sys [533760 2008-12-17] (Digital Camera)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-08-27] (Microsoft Corporation)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 MEMSWEEP2; C:\WINDOWS\system32\15E3.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2204304 2015-07-10] (MediaTek Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 SbieDrv; d:\Program Files\Sandboxie\SbieDrv.sys [191112 2015-09-03] (Sandboxie Holdings, LLC)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-04 17:02 - 2015-10-04 17:02 - 00001411 _____ C:\Users\***\Desktop\JRT.txt
2015-10-04 16:58 - 2015-10-04 16:58 - 01798976 _____ (Malwarebytes) C:\Users\***\Downloads\JRT.exe
2015-10-04 16:53 - 2015-10-04 16:53 - 00016148 _____ C:\WINDOWS\system32\***_***_HistoryPrediction.bin
2015-10-04 16:44 - 2015-10-04 16:57 - 00000000 ____D C:\AdwCleaner
2015-10-04 16:41 - 2015-10-04 16:41 - 01681408 _____ C:\Users\***\Downloads\AdwCleaner_5.010.exe
2015-10-04 11:23 - 2015-10-04 11:23 - 00000824 _____ C:\WINDOWS\PFRO.log
2015-10-04 11:19 - 2015-10-04 17:05 - 00035779 _____ C:\Users\***\Downloads\FRST.txt
2015-10-04 11:19 - 2015-10-04 11:57 - 00059865 _____ C:\Users\***\Downloads\Addition.txt
2015-10-04 11:18 - 2015-10-04 17:05 - 00000000 ____D C:\FRST
2015-10-04 11:17 - 2015-10-04 11:18 - 02193408 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2015-10-04 11:17 - 2015-10-04 11:17 - 00050477 _____ C:\Users\***\Downloads\Defogger.exe
2015-10-04 11:17 - 2015-10-04 11:17 - 00000468 _____ C:\Users\***\Downloads\defogger_disable.log
2015-10-04 11:17 - 2015-10-04 11:17 - 00000000 _____ C:\Users\***\defogger_reenable
2015-10-03 15:03 - 2015-10-03 15:03 - 00011859 _____ C:\Users\***\Desktop\Musik für Facebook.odt
2015-10-03 04:09 - 2015-10-04 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-03 00:00 - 2015-10-03 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-30 21:56 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 21:56 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 21:56 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 21:56 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 21:56 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 21:56 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 21:56 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 21:56 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 21:56 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 21:56 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 21:56 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 21:56 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 21:56 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 21:56 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 21:56 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 21:56 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 21:56 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 21:56 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 21:56 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 21:56 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 21:56 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 21:56 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 21:56 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 21:56 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 21:56 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 21:56 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 21:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 21:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 21:56 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 21:56 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 21:56 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 21:56 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 21:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 21:56 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 21:56 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 21:56 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 21:56 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 21:56 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 21:56 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 21:56 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 21:56 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 21:56 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 21:56 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 21:56 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 21:56 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 21:56 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 21:56 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 21:56 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 21:56 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 21:56 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 21:56 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 21:56 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 21:56 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 21:56 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 21:56 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 21:56 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 21:56 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 21:56 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 21:56 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 21:56 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 21:56 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 21:56 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 21:56 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 21:56 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 21:56 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 21:56 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 21:56 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 21:56 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 21:56 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 21:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 21:56 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 21:56 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 21:56 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 21:56 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 21:56 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-30 21:56 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 21:56 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 21:56 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 21:56 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 21:55 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 21:55 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 21:55 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 21:55 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 21:55 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 21:55 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-29 21:51 - 2015-09-29 22:06 - 00026260 _____ C:\Users\***\Documents\Watt nen Scheiß verhalten Guener-Susanne.odt
2015-09-27 09:24 - 2015-09-27 09:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snip
2015-09-27 09:24 - 2015-09-27 09:24 - 00000000 ____D C:\Users\***\AppData\Local\Snip
2015-09-26 21:33 - 2015-09-26 21:33 - 02354343 _____ C:\Users\***\Downloads\cpu-z_1.73.zip
2015-09-19 21:18 - 2015-09-19 21:18 - 12455424 _____ (Frontier Developments ) C:\Users\***\Downloads\EliteDangerous-Client-Installer.exe
2015-09-19 21:18 - 2015-09-19 21:18 - 12455424 _____ (Frontier Developments ) C:\Users\***\Downloads\EliteDangerous-Client-Installer (1).exe
2015-09-19 20:15 - 2015-09-19 20:15 - 04944608 _____ (Advanced Micro Devices, Inc.) C:\Users\***\Downloads\autodetectutility.exe
2015-09-19 14:50 - 2015-09-19 14:50 - 00001092 _____ C:\Users\Public\Desktop\Unchecky.lnk
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\ProgramData\Unchecky
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\Program Files (x86)\Unchecky
2015-09-19 14:49 - 2015-09-19 14:49 - 01091504 _____ (RaMMicHaeL) C:\Users\***\Downloads\unchecky_setup039.exe
2015-09-19 13:11 - 2015-10-04 16:53 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-19 13:06 - 2015-09-19 13:06 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-19 13:06 - 2015-09-19 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-19 13:05 - 2015-09-19 13:05 - 01506832 _____ (Skype Technologies S.A.) C:\Users\***\Downloads\SkypeSetup.exe
2015-09-19 12:43 - 2015-09-19 12:43 - 00001183 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2015-09-19 12:26 - 2015-09-19 12:26 - 02190552 _____ C:\Users\***\Downloads\appmanagersetup_2.0_b4_292.exe
2015-09-19 12:26 - 2015-09-19 12:26 - 00000945 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-09-18 19:11 - 2015-09-18 19:11 - 00003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-09-18 18:37 - 2015-09-21 18:24 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-18 18:33 - 2015-09-18 18:34 - 03183672 _____ (Blizzard Entertainment) C:\Users\***\Downloads\StarCraft-II-Setup-deDE.exe
2015-09-18 18:33 - 2015-09-18 18:33 - 02907704 _____ (Blizzard Entertainment) C:\Users\***\Downloads\World-of-Warcraft-Setup-deDE.exe
2015-09-18 15:09 - 2015-09-18 15:09 - 01454240 _____ C:\Users\***\Downloads\openssl-fips-2.0.10.tar.gz
2015-09-18 15:09 - 2015-09-18 15:09 - 00000000 ____D C:\Users\***\Downloads\openssl-fips-2.0.10
2015-09-17 19:58 - 2015-09-18 14:49 - 00001276 _____ C:\Users\***\Desktop\CoreTemp.ini
2015-09-15 20:32 - 2015-09-15 20:35 - 00000000 ____D C:\Users\***\Downloads\Sicherheit
2015-09-15 20:32 - 2015-09-15 20:32 - 00003111 _____ C:\Users\***\Downloads\MBAM_PUPs_Funde.txt
2015-09-14 18:55 - 2015-09-14 18:55 - 00000000 ____D C:\Users\***\AppData\Roaming\dlg
2015-09-14 18:54 - 2015-09-14 18:54 - 00001318 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-09-14 18:54 - 2015-09-14 18:54 - 00001146 _____ C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2015-09-14 18:54 - 2015-09-14 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-14 18:52 - 2015-09-14 18:54 - 00000000 ____D C:\Users\***\AppData\Roaming\DVDVideoSoft
2015-09-14 13:24 - 2015-09-14 13:24 - 01190104 _____ (Adobe Systems Incorporated) C:\Users\***\Downloads\flashplayer18pp_da_install.exe
2015-09-14 13:22 - 2015-10-04 16:23 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-14 13:22 - 2015-10-03 21:55 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-09-14 13:22 - 2015-09-22 20:30 - 00004086 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-09-14 13:22 - 2015-09-14 13:26 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-14 12:36 - 2015-09-14 12:36 - 00000000 ____D C:\Users\***\Downloads\tweaking.com_windows_repair_aio
2015-09-14 12:35 - 2015-09-14 12:35 - 00000117 _____ C:\Users\***\Desktop\ndrinfo_nds.m3u
2015-09-13 22:01 - 2015-09-19 12:50 - 00000000 ____D C:\Users\***\AppData\Roaming\MPC-HC
2015-09-13 22:01 - 2015-09-13 22:01 - 06781458 _____ C:\Users\***\Downloads\VID-20150913-WA0001 (1).mp4
2015-09-13 21:59 - 2015-09-13 21:59 - 00003008 _____ C:\WINDOWS\System32\Tasks\klcp_update
2015-09-13 21:59 - 2015-09-13 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-09-13 21:59 - 2015-08-24 20:00 - 00112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2015-09-13 21:59 - 2015-06-22 15:25 - 00254976 _____ C:\WINDOWS\system32\xvidvfw.dll
2015-09-13 21:59 - 2015-06-22 15:25 - 00240128 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2015-09-13 21:59 - 2015-06-22 15:24 - 00729088 _____ C:\WINDOWS\system32\xvidcore.dll
2015-09-13 21:59 - 2015-02-28 17:22 - 03571200 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2015-09-13 21:59 - 2015-02-28 17:21 - 03591680 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2015-09-13 21:59 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2015-09-13 21:59 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2015-09-13 21:59 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2015-09-13 21:59 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2015-09-13 21:58 - 2015-09-13 21:59 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-09-13 21:47 - 2015-09-13 21:57 - 41563740 _____ ( ) C:\Users\***\Downloads\K-Lite_Codec_Pack_1140_Mega.exe
2015-09-13 11:37 - 2015-09-13 11:37 - 00000798 _____ C:\Users\***\Documents\Fixlist.txt
2015-09-12 22:28 - 2015-09-12 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-09-12 22:27 - 2015-09-12 22:28 - 05176416 _____ (Sandboxie Holdings, LLC) C:\Users\***\Downloads\SandboxieInstall64-502.exe
2015-09-12 18:43 - 2015-09-12 18:43 - 00005850 _____ C:\Users\***\Downloads\Malware 1x PUP am 30.07.15.txt
2015-09-12 18:42 - 2015-09-12 18:42 - 00004039 _____ C:\Users\***\Downloads\Malware 2x PUP am 1.8.15.txt
2015-09-12 17:17 - 2015-09-12 18:24 - 00380416 _____ C:\Users\***\Downloads\Gmer-19357.exe
2015-09-12 14:35 - 2015-09-12 14:35 - 00001380 _____ C:\Users\***\Downloads\a2scan_150912-134822.txt
2015-09-10 20:13 - 2015-09-10 20:13 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-10 20:13 - 2015-09-10 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-10 20:07 - 2015-09-10 19:32 - 00000030 _____ C:\AVScanner.ini
2015-09-09 17:09 - 2015-09-09 17:09 - 00003284 _____ C:\WINDOWS\System32\Tasks\{70F4BB8E-DF69-4214-A82D-13742A7694BD}
2015-09-09 10:53 - 2015-09-09 10:53 - 00000020 ___SH C:\Users\.NET v4.5\ntuser.ini
2015-09-09 10:53 - 2015-09-09 10:53 - 00000020 ___SH C:\Users\.NET v4.5 Classic\ntuser.ini
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Vorlagen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Startmenü
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Netzwerkumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Lokale Einstellungen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Eigene Dateien
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Druckumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Documents\Eigene Musik
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Documents\Eigene Bilder
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Local\Verlauf
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Local\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Vorlagen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Startmenü
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Netzwerkumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Lokale Einstellungen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Eigene Dateien
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Druckumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Documents\Eigene Musik
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Documents\Eigene Bilder
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Local\Verlauf
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Local\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\Users\.NET v4.5 Classic
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\Users\.NET v4.5
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\inetpub
2015-09-09 10:53 - 2015-08-13 12:55 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-09 10:53 - 2015-08-13 12:55 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\Microsoft Help
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\Microsoft Help
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\ATI
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-09 10:30 - 2015-09-09 10:30 - 00313004 _____ C:\Users\***\Documents\cc_20150909_103017.reg
2015-09-09 10:27 - 2015-09-09 10:27 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-09-09 10:27 - 2015-09-09 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-09 10:27 - 2015-09-09 10:27 - 00000000 ____D C:\Program Files\CCleaner
2015-09-09 08:34 - 2015-09-09 08:34 - 00001682 _____ C:\Users\***\Desktop\Notepad++.lnk
2015-09-08 23:48 - 2015-09-09 13:12 - 00000000 ____D C:\Users\***\AppData\Roaming\Notepad++
2015-09-08 23:48 - 2015-09-08 23:48 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-08 23:48 - 2015-09-08 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-08 23:40 - 2015-09-08 23:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Sun
2015-09-08 23:40 - 2015-09-08 23:40 - 00000000 ____D C:\Users\***\.oracle_jre_usage
2015-09-08 23:13 - 2015-09-10 20:13 - 00000000 ____D C:\ProgramData\Oracle
2015-09-08 22:58 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:58 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-08 22:58 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:58 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-08 22:58 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:58 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:58 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:58 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:58 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:58 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:58 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:58 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:58 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:58 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:58 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:58 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:58 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:58 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:58 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-06 22:30 - 2015-09-06 22:30 - 00003236 _____ C:\WINDOWS\System32\Tasks\{B4166901-0BCE-4DB5-9228-DF2E0E6A54F0}
2015-09-06 22:25 - 2015-09-06 22:25 - 00000000 ____D C:\ProgramData\McAfee
2015-09-06 22:20 - 2015-09-07 22:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-06 22:01 - 2015-09-10 21:22 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2015-09-06 22:01 - 2015-09-09 22:23 - 00000775 _____ C:\Users\***\Desktop\FileZilla Client.lnk
2015-09-06 22:01 - 2015-09-06 22:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-06 21:09 - 2015-09-06 21:09 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2015-09-06 21:09 - 2015-09-06 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-09-06 21:08 - 2015-09-06 21:09 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2015-09-06 21:01 - 2015-09-10 19:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TYPO3 4.7.7
2015-09-06 18:25 - 2015-09-06 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft_Corporation
2015-09-06 16:32 - 2015-09-06 16:32 - 00000000 ____D C:\Users\***\Documents\OneNote-Notizbücher
2015-09-06 13:02 - 2015-09-06 13:09 - 00000463 ____H C:\Users\***\Documents\.picasa.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-04 17:03 - 2015-03-24 18:45 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-04 16:57 - 2015-07-30 21:13 - 00006364 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-04 16:57 - 2015-07-10 18:34 - 01050828 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-04 16:57 - 2015-07-10 18:34 - 00243268 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-04 16:57 - 2014-10-26 16:05 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{687F2EEC-A316-484A-B958-97FEC835D3B2}
2015-10-04 16:55 - 2015-06-13 15:45 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-04 16:53 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-04 16:53 - 2015-06-13 15:47 - 00000000 ___RD C:\Users\***\Dropbox
2015-10-04 16:53 - 2015-06-13 15:45 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-04 16:53 - 2015-06-13 15:45 - 00000000 ____D C:\Users\***\AppData\Local\Dropbox
2015-10-04 16:53 - 2015-05-02 11:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-04 16:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-04 16:52 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-04 16:40 - 2014-03-16 13:40 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job
2015-10-04 15:53 - 2015-05-02 11:27 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-04 15:39 - 2014-05-07 19:37 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2015-10-04 14:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-04 13:54 - 2015-05-23 17:16 - 00003132 _____ C:\WINDOWS\Sandboxie.ini
2015-10-04 13:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-04 12:48 - 2015-07-30 21:05 - 00000000 ____D C:\Users\***
2015-10-04 12:09 - 2015-05-28 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-04 11:23 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-04 11:23 - 2014-07-02 17:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-04 11:17 - 2015-08-30 11:34 - 00466898 _____ C:\Users\***\AppData\Local\Snip.txt
2015-10-04 11:02 - 2015-08-30 11:34 - 00000000 ____D C:\Users\***\Documents\My Snips
2015-10-03 21:10 - 2015-07-31 23:06 - 00000146 _____ C:\Users\***\Desktop\Sound - Verknüpfung.lnk
2015-10-03 18:40 - 2014-03-16 13:40 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job
2015-10-03 00:00 - 2015-06-13 15:45 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-01 18:59 - 2015-09-01 17:36 - 00003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438604478
2015-10-01 18:59 - 2015-08-03 14:21 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-10-01 18:59 - 2015-04-30 19:34 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-01 16:14 - 2015-07-30 19:11 - 00000000 ____D C:\Users\***\Documents\WISO Mein Geld
2015-09-30 21:59 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-27 09:24 - 2015-08-30 11:34 - 00000000 ____D C:\Users\***\AppData\Local\Package Cache
2015-09-26 21:53 - 2015-05-02 11:27 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-22 18:23 - 2014-01-20 23:03 - 00000000 ____D C:\Users\***\AppData\LocalLow\LastPass
2015-09-21 22:06 - 2014-04-04 17:44 - 00000000 ____D C:\Users\***\AppData\Local\Battle.net
2015-09-20 13:50 - 2014-12-03 18:33 - 00000000 ____D C:\Users\***\Desktop\Spiele
2015-09-19 22:19 - 2015-08-03 21:46 - 00000509 _____ C:\Users\***\Desktop\Programme und Features - Verknüpfung.lnk
2015-09-19 14:44 - 2014-01-20 22:56 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2015-09-19 13:06 - 2014-08-13 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-19 13:06 - 2014-01-20 22:56 - 00000000 ____D C:\ProgramData\Skype
2015-09-19 12:52 - 2015-03-24 19:05 - 00000000 ____D C:\Users\***\Desktop\Sicherheit
2015-09-19 12:50 - 2015-08-01 12:44 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-18 20:46 - 2015-07-30 19:10 - 00000000 ____D C:\Users\***\Documents\Thai Chi - Yang Stile
2015-09-18 19:11 - 2015-03-27 21:20 - 00001326 _____ C:\DelFix.txt
2015-09-18 18:49 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-09-18 18:38 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-09-17 15:48 - 2015-05-02 11:27 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 15:48 - 2015-05-02 11:27 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 18:35 - 2014-03-16 13:40 - 00004244 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA
2015-09-16 18:35 - 2014-03-16 13:40 - 00003868 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core
2015-09-16 18:02 - 2014-01-20 21:44 - 00000000 ____D C:\Users\***\AppData\Local\Packages
2015-09-16 18:00 - 2015-07-30 21:15 - 00002390 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-16 18:00 - 2015-07-30 21:13 - 00000000 ___RD C:\Users\***\OneDrive
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 18:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-14 13:26 - 2014-10-17 21:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2015-09-12 12:49 - 2014-01-20 22:19 - 00000000 ____D C:\Users\***\AppData\Local\Google
2015-09-10 20:13 - 2014-10-16 20:18 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-10 18:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-09 11:04 - 2015-07-10 14:20 - 00409488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-09 10:53 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-09 10:53 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-09 10:53 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-09 10:53 - 2015-07-10 12:59 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\simptcp.dll
2015-09-09 10:33 - 2015-05-19 18:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Media Player Classic
2015-09-09 10:33 - 2015-02-14 17:51 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2015-09-09 10:33 - 2014-06-30 14:40 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-08 23:06 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-08 23:04 - 2014-05-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-08 23:03 - 2013-08-22 15:25 - 00000203 _____ C:\WINDOWS\win.ini
2015-09-08 23:02 - 2014-01-20 22:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 17:07 - 2015-07-30 19:10 - 00000000 ____D C:\Users\***\Documents\Rou

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-20 23:03 - 2014-10-06 18:29 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-07-30 19:04 - 2015-07-30 19:05 - 0000467 _____ () C:\Users\***\AppData\Roaming\burnaware.ini
2015-07-30 22:44 - 2015-07-30 22:44 - 0000078 _____ () C:\Users\***\AppData\Roaming\mainhst.zgh
2014-10-04 14:43 - 2014-10-04 14:43 - 0001285 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2015-05-01 21:58 - 2015-05-01 21:58 - 0007595 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2015-08-30 11:34 - 2015-10-04 11:17 - 0466898 _____ () C:\Users\***\AppData\Local\Snip.txt
2015-02-14 11:57 - 2015-02-14 11:57 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-07-30 21:04 - 2015-07-30 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-06 16:41 - 2014-11-28 14:36 - 0000215 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\***\fbchathistory.dat


Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcurznx.dll
C:\Users\***\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\***\AppData\Local\Temp\sfamcc00001.dll
C:\Users\***\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden.


LastRegBack: 2015-10-03 11:19

==================== Ende von FRST.txt ============================


Gruß
verrant

schrauber 05.10.2015 14:07

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

verrant 05.10.2015 19:29
Hi.

Beim Starten von Win folgende Meldung erhalten:

Dienststeuerungs-Manager
C.\windows\System32\sc.exe
start SbieSvc

Mit Nein geschlossen.


Bei Eset versehentlich die Firewall angelassen.
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b47cf353d8c9b5448c2e18d233f51d00
# end=init
# utc_time=2015-10-05 05:26:40
# local_time=2015-10-05 07:26:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 26087
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b47cf353d8c9b5448c2e18d233f51d00
# end=updated
# utc_time=2015-10-05 05:39:37
# local_time=2015-10-05 07:39:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b47cf353d8c9b5448c2e18d233f51d00
# engine=26087
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-05 05:55:27
# local_time=2015-10-05 07:55:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 2501 7541739 0 0
# scanned=134459
# found=4
# cleaned=0
# scan_time=949
sh=FF0CCDED7814B1A4F3C2AAB2272B387191150C37 ft=1 fh=6692b796646ecaae vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Unchecky\uninstall.exe"
sh=DEDA67FEA6190A4DFF58FD8902FCA09F88C1AAA1 ft=1 fh=37d3d023fa0756e7 vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Unchecky\bin\collector.dll"
sh=DA2A8E1E90B87824517E911AAC53139F7B35E65D ft=1 fh=cb45b508b48a450e vn="Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Unchecky\bin\icuid.dll"
sh=682DFC5EDEA2AA656C2BE4543AC803719C2F2380 ft=1 fh=29b27b8c4470cb2b vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kay\Downloads\unchecky_setup039.exe"

Code:
Results of screen317's Security Check version 1.008 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 60 
 Mozilla Firefox (41.0.1)
 Mozilla Thunderbird (38.2.0)
 Google Chrome (45.0.2454.101)
 Google Chrome (45.0.2454.99)
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von *** (Administrator) auf ***(05-10-2015 20:20:12)
Gestartet von C:\Users\***\Downloads
Geladene Profile: *** (Verfügbare Profile: *** & .NET v4.5 & .NET v4.5 Classic)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieCtrl.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\Speech\Common\sapisvr.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VideoLAN) D:\Program Files\VideoLAN\VLC\vlc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Users\***\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WISO Mein Geld 2015 Professional .NET] => D:\Program Files (x86)\Buhl\WISO Mein Geld 2015\mg.exe [1120568 2015-07-22] (Buhl Data Service)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-02] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Google Update] => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\***\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [781312 2015-02-18] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [SandboxieControl] => d:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-03] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Policies\Explorer: [NoSecurityTab] 0
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-06]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-01-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-02-19]
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-09-06]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1f429b3c-0def-4794-9fcd-1bd8383e754d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f4f984b3-14b6-4096-bca6-c6781cd9c88e}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->  Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-10] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-10] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798
FF Homepage: hxxp://www.diesiedleronline.de/de/spielen
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-06] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass.dll [2014-10-06] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=3 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=9 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Extension: LastPass - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\support@lastpass.com [2015-09-26]
FF Extension: Video AdBlock for Firefox - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-09-14]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
FF Extension: ProxMate - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-04-18]
FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\uBlock0@raymondhill.net.xpi [2015-09-19]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-31]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-31]
FF Extension: BetterPrivacy - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-03-31]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-03]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.spiegel.de/","hxxp://forum.ubuntuusers.de/topic/kann-keine-programme-per-software-center-downl/","hxxp://www.happypainting.de/","hxxp://www.pentaxians.de/","hxxp://www.web.de/","hxxp://www.t-online.de/","http://www.trojaner-board.de/166488-...chtungen.html"
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (NoScript Suite Lite) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2015-05-28]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-02]
CHR Extension: (TV) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-05-02]
CHR Extension: (ColorZilla) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-09-05]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-05-02]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-14]
CHR Extension: (Meine IP-Adresse) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2015-05-02]
CHR Extension: (Adblock Plus) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-02]
CHR Extension: (TrafficLight) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-05-02]
CHR Extension: (Adblock für Youtube™) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-09-14]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-02]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-05-02]
CHR Extension: (Best Utility Apps) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfkmehkjocihlfmcjkmdiekloihfaog [2015-05-02]
CHR Extension: (VTchromizer) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2015-09-14]
CHR Extension: (Facebook Disconnect) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-05-02]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-02]
CHR Extension: („Pin it“-Button) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-05-02]
CHR Extension: (PDF Mergy) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2015-05-02]
CHR Extension: (Subscriptions for YouTube™) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcngljpkdlakkbhmbfhjabcblbcldbl [2015-05-02]
CHR Extension: (ProxMate) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2015-06-22]
CHR Extension: (Dropbox) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-05-02]
CHR Extension: (Interstellar) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\kackgkhdbldcojljaeoaghlhfbbldkil [2015-05-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-02]
CHR Extension: (Google Maps) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-05-02]
CHR Extension: (Chrono Download Manager) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2015-05-02]
CHR Extension: (Ghostery) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-05-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-02]
CHR Extension: (Hover Zoom) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-09-14]
CHR Extension: (AdBlock Pro) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-02]
CHR Extension: (QVIVO) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdmoikcfdlgffkebhcojlghnccgngbg [2015-05-02]
CHR Extension: (Meine IP-Adresse) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2015-05-02]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\***\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]

Opera:
=======
OPR Extension: (Ghostery) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-04-30]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfkmglogfkpfekddlalobmhdbkjneejb [2015-08-03]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2015-08-03]
OPR Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2015-08-03]
OPR Extension: (weboftrust) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-08-03]
OPR Extension: (Cookie Jar) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\gapogllmojifhogcdfmommbeafllndoa [2015-08-03]
OPR Extension: (Google Analytics Opt-out (by Google)) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmffjpdmbgflojiohllanjaggdenggdo [2015-08-03]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipiopppcaojnchgoepoemlbdccogeije [2015-08-03]
OPR Extension: (emmyaldor) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\knbfimhapmnifdchcafinkbfikmomaak [2015-09-10]
OPR Extension: (History Eraser) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-08-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
S2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R4 MBAMScheduler; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Datei ist nicht signiert]
S2 SbieSvc; d:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-03] (Sandboxie Holdings, LLC)
S2 ss_conn_service; D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [163576 2015-09-19] (RaMMicHaeL)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-09] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-09] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AmUHubftr; C:\Windows\System32\drivers\AmUHubftr.sys [25880 2013-12-20] (Alcor Micro, Corp.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 Bulk1528; C:\Windows\System32\Drivers\Bulk1528.sys [17792 2009-10-20] (SunPlus)
S2 Ca1528av; C:\Windows\System32\Drivers\Ca1528av.sys [533760 2008-12-17] (Digital Camera)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-08-27] (Microsoft Corporation)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 MEMSWEEP2; C:\WINDOWS\system32\15E3.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2204304 2015-07-10] (MediaTek Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 SbieDrv; d:\Program Files\Sandboxie\SbieDrv.sys [191112 2015-09-03] (Sandboxie Holdings, LLC)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 20:20 - 2015-10-05 20:20 - 00000000 ____D C:\Users\***\Downloads\FRST-OlderVersion
2015-10-05 20:17 - 2015-10-05 20:17 - 00852704 _____ C:\Users\***\Downloads\SecurityCheck.exe
2015-10-05 20:16 - 2015-10-05 20:16 - 00019901 _____ C:\Users\***\Downloads\Unbenannt 1.odt
2015-10-05 20:10 - 2015-10-05 20:10 - 00016148 _____ C:\WINDOWS\system32\OPQIWUER_***_HistoryPrediction.bin
2015-10-05 19:26 - 2015-10-05 19:26 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-05 19:24 - 2015-10-05 19:26 - 02870984 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_deu.exe
2015-10-04 17:07 - 2015-10-04 17:07 - 00001188 _____ C:\Users\***\Downloads\mbam.txt
2015-10-04 17:02 - 2015-10-04 17:02 - 00001411 _____ C:\Users\***\Desktop\JRT.txt
2015-10-04 16:58 - 2015-10-04 16:58 - 01798976 _____ (Malwarebytes) C:\Users\***\Downloads\JRT.exe
2015-10-04 16:44 - 2015-10-04 17:09 - 00000000 ____D C:\AdwCleaner
2015-10-04 16:41 - 2015-10-04 16:41 - 01681408 _____ C:\Users\***\Downloads\AdwCleaner_5.010.exe
2015-10-04 11:23 - 2015-10-04 11:23 - 00000824 _____ C:\WINDOWS\PFRO.log
2015-10-04 11:19 - 2015-10-05 20:20 - 00037035 _____ C:\Users\***\Downloads\FRST.txt
2015-10-04 11:19 - 2015-10-04 11:57 - 00059865 _____ C:\Users\***\Downloads\Addition.txt
2015-10-04 11:18 - 2015-10-05 20:20 - 00000000 ____D C:\FRST
2015-10-04 11:17 - 2015-10-05 20:20 - 02193920 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2015-10-04 11:17 - 2015-10-04 11:17 - 00050477 _____ C:\Users\***\Downloads\Defogger.exe
2015-10-04 11:17 - 2015-10-04 11:17 - 00000468 _____ C:\Users\***\Downloads\defogger_disable.log
2015-10-04 11:17 - 2015-10-04 11:17 - 00000000 _____ C:\Users\***\defogger_reenable
2015-10-03 15:03 - 2015-10-03 15:03 - 00011859 _____ C:\Users\***\Desktop\Musik für Facebook.odt
2015-10-03 04:09 - 2015-10-04 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-03 00:00 - 2015-10-03 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-30 21:56 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 21:56 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 21:56 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 21:56 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 21:56 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 21:56 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 21:56 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 21:56 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 21:56 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 21:56 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 21:56 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 21:56 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 21:56 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 21:56 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 21:56 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 21:56 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 21:56 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 21:56 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 21:56 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 21:56 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 21:56 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 21:56 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 21:56 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 21:56 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 21:56 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 21:56 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 21:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 21:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 21:56 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 21:56 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 21:56 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 21:56 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 21:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 21:56 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 21:56 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 21:56 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 21:56 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 21:56 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 21:56 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 21:56 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 21:56 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 21:56 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 21:56 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 21:56 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 21:56 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 21:56 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 21:56 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 21:56 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 21:56 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 21:56 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 21:56 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 21:56 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 21:56 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 21:56 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 21:56 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 21:56 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 21:56 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 21:56 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 21:56 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 21:56 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 21:56 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 21:56 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 21:56 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 21:56 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 21:56 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 21:56 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 21:56 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 21:56 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 21:56 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 21:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 21:56 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 21:56 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 21:56 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 21:56 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 21:56 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-30 21:56 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 21:56 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 21:56 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 21:56 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 21:55 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 21:55 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 21:55 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 21:55 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 21:55 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 21:55 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-29 21:51 - 2015-09-29 22:06 - 00026260 _____ C:\Users\***\Documents\Watt nen Scheiß verhalten Guener-Susanne.odt
2015-09-27 09:24 - 2015-09-27 09:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snip
2015-09-27 09:24 - 2015-09-27 09:24 - 00000000 ____D C:\Users\***\AppData\Local\Snip
2015-09-26 21:33 - 2015-09-26 21:33 - 02354343 _____ C:\Users\***\Downloads\cpu-z_1.73.zip
2015-09-19 21:18 - 2015-09-19 21:18 - 12455424 _____ (Frontier Developments ) C:\Users\***\Downloads\EliteDangerous-Client-Installer.exe
2015-09-19 21:18 - 2015-09-19 21:18 - 12455424 _____ (Frontier Developments ) C:\Users\***\Downloads\EliteDangerous-Client-Installer (1).exe
2015-09-19 20:15 - 2015-09-19 20:15 - 04944608 _____ (Advanced Micro Devices, Inc.) C:\Users\***\Downloads\autodetectutility.exe
2015-09-19 14:50 - 2015-09-19 14:50 - 00001092 _____ C:\Users\Public\Desktop\Unchecky.lnk
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\ProgramData\Unchecky
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\Program Files (x86)\Unchecky
2015-09-19 14:49 - 2015-09-19 14:49 - 01091504 _____ (RaMMicHaeL) C:\Users\***\Downloads\unchecky_setup039.exe
2015-09-19 13:11 - 2015-10-05 20:17 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-19 13:06 - 2015-09-19 13:06 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-19 13:06 - 2015-09-19 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-19 13:05 - 2015-09-19 13:05 - 01506832 _____ (Skype Technologies S.A.) C:\Users\***\Downloads\SkypeSetup.exe
2015-09-19 12:43 - 2015-09-19 12:43 - 00001183 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2015-09-19 12:26 - 2015-09-19 12:26 - 02190552 _____ C:\Users\***\Downloads\appmanagersetup_2.0_b4_292.exe
2015-09-19 12:26 - 2015-09-19 12:26 - 00000945 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-09-18 19:11 - 2015-09-18 19:11 - 00003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-09-18 18:37 - 2015-09-21 18:24 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-18 18:33 - 2015-09-18 18:34 - 03183672 _____ (Blizzard Entertainment) C:\Users\***\Downloads\StarCraft-II-Setup-deDE.exe
2015-09-18 18:33 - 2015-09-18 18:33 - 02907704 _____ (Blizzard Entertainment) C:\Users\***\Downloads\World-of-Warcraft-Setup-deDE.exe
2015-09-18 15:09 - 2015-09-18 15:09 - 01454240 _____ C:\Users\***\Downloads\openssl-fips-2.0.10.tar.gz
2015-09-18 15:09 - 2015-09-18 15:09 - 00000000 ____D C:\Users\***\Downloads\openssl-fips-2.0.10
2015-09-17 19:58 - 2015-09-18 14:49 - 00001276 _____ C:\Users\***\Desktop\CoreTemp.ini
2015-09-15 20:32 - 2015-09-15 20:35 - 00000000 ____D C:\Users\***\Downloads\Sicherheit
2015-09-15 20:32 - 2015-09-15 20:32 - 00003111 _____ C:\Users\***\Downloads\MBAM_PUPs_Funde.txt
2015-09-14 18:55 - 2015-09-14 18:55 - 00000000 ____D C:\Users\***\AppData\Roaming\dlg
2015-09-14 18:54 - 2015-09-14 18:54 - 00001318 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-09-14 18:54 - 2015-09-14 18:54 - 00001146 _____ C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2015-09-14 18:54 - 2015-09-14 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-14 18:52 - 2015-09-14 18:54 - 00000000 ____D C:\Users\***\AppData\Roaming\DVDVideoSoft
2015-09-14 13:24 - 2015-09-14 13:24 - 01190104 _____ (Adobe Systems Incorporated) C:\Users\***\Downloads\flashplayer18pp_da_install.exe
2015-09-14 13:22 - 2015-10-05 19:23 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-14 13:22 - 2015-10-03 21:55 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-09-14 13:22 - 2015-09-22 20:30 - 00004086 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-09-14 13:22 - 2015-09-14 13:26 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-14 12:36 - 2015-09-14 12:36 - 00000000 ____D C:\Users\***\Downloads\tweaking.com_windows_repair_aio
2015-09-14 12:35 - 2015-09-14 12:35 - 00000117 _____ C:\Users\***\Desktop\ndrinfo_nds.m3u
2015-09-13 22:01 - 2015-10-04 17:18 - 00000000 ____D C:\Users\***\AppData\Roaming\MPC-HC
2015-09-13 22:01 - 2015-09-13 22:01 - 06781458 _____ C:\Users\***\Downloads\VID-20150913-WA0001 (1).mp4
2015-09-13 21:59 - 2015-09-13 21:59 - 00003008 _____ C:\WINDOWS\System32\Tasks\klcp_update
2015-09-13 21:59 - 2015-09-13 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-09-13 21:59 - 2015-08-24 20:00 - 00112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2015-09-13 21:59 - 2015-06-22 15:25 - 00254976 _____ C:\WINDOWS\system32\xvidvfw.dll
2015-09-13 21:59 - 2015-06-22 15:25 - 00240128 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2015-09-13 21:59 - 2015-06-22 15:24 - 00729088 _____ C:\WINDOWS\system32\xvidcore.dll
2015-09-13 21:59 - 2015-02-28 17:22 - 03571200 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2015-09-13 21:59 - 2015-02-28 17:21 - 03591680 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2015-09-13 21:59 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2015-09-13 21:59 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2015-09-13 21:59 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2015-09-13 21:59 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2015-09-13 21:58 - 2015-09-13 21:59 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-09-13 21:47 - 2015-09-13 21:57 - 41563740 _____ ( ) C:\Users\***\Downloads\K-Lite_Codec_Pack_1140_Mega.exe
2015-09-13 11:37 - 2015-09-13 11:37 - 00000798 _____ C:\Users\***\Documents\Fixlist.txt
2015-09-12 22:28 - 2015-09-12 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-09-12 22:27 - 2015-09-12 22:28 - 05176416 _____ (Sandboxie Holdings, LLC) C:\Users\***\Downloads\SandboxieInstall64-502.exe
2015-09-12 18:43 - 2015-09-12 18:43 - 00005850 _____ C:\Users\***\Downloads\Malware 1x PUP am 30.07.15.txt
2015-09-12 18:42 - 2015-09-12 18:42 - 00004039 _____ C:\Users\***\Downloads\Malware 2x PUP am 1.8.15.txt
2015-09-12 17:17 - 2015-09-12 18:24 - 00380416 _____ C:\Users\***\Downloads\Gmer-19357.exe
2015-09-12 14:35 - 2015-09-12 14:35 - 00001380 _____ C:\Users\***\Downloads\a2scan_150912-134822.txt
2015-09-10 20:13 - 2015-09-10 20:13 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-10 20:13 - 2015-09-10 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-10 20:07 - 2015-09-10 19:32 - 00000030 _____ C:\AVScanner.ini
2015-09-09 17:09 - 2015-09-09 17:09 - 00003284 _____ C:\WINDOWS\System32\Tasks\{70F4BB8E-DF69-4214-A82D-13742A7694BD}
2015-09-09 10:53 - 2015-09-09 10:53 - 00000020 ___SH C:\Users\.NET v4.5\ntuser.ini
2015-09-09 10:53 - 2015-09-09 10:53 - 00000020 ___SH C:\Users\.NET v4.5 Classic\ntuser.ini
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Vorlagen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Startmenü
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Netzwerkumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Lokale Einstellungen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Eigene Dateien
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Druckumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Documents\Eigene Musik
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Documents\Eigene Bilder
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Local\Verlauf
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Local\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Vorlagen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Startmenü
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Netzwerkumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Lokale Einstellungen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Eigene Dateien
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Druckumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Documents\Eigene Musik
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Documents\Eigene Bilder
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Local\Verlauf
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Local\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\Users\.NET v4.5 Classic
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\Users\.NET v4.5
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\inetpub
2015-09-09 10:53 - 2015-08-13 12:55 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-09 10:53 - 2015-08-13 12:55 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\Microsoft Help
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\Microsoft Help
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\ATI
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-09 10:30 - 2015-09-09 10:30 - 00313004 _____ C:\Users\***\Documents\cc_20150909_103017.reg
2015-09-09 10:27 - 2015-09-09 10:27 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-09-09 10:27 - 2015-09-09 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-09 10:27 - 2015-09-09 10:27 - 00000000 ____D C:\Program Files\CCleaner
2015-09-09 08:34 - 2015-09-09 08:34 - 00001682 _____ C:\Users\***\Desktop\Notepad++.lnk
2015-09-08 23:48 - 2015-09-09 13:12 - 00000000 ____D C:\Users\***\AppData\Roaming\Notepad++
2015-09-08 23:48 - 2015-09-08 23:48 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-08 23:48 - 2015-09-08 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-08 23:40 - 2015-09-08 23:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Sun
2015-09-08 23:40 - 2015-09-08 23:40 - 00000000 ____D C:\Users\***\.oracle_jre_usage
2015-09-08 23:13 - 2015-09-10 20:13 - 00000000 ____D C:\ProgramData\Oracle
2015-09-08 22:58 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:58 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-08 22:58 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:58 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-08 22:58 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:58 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:58 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:58 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:58 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:58 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:58 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:58 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:58 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:58 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:58 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:58 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:58 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:58 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:58 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-06 22:30 - 2015-09-06 22:30 - 00003236 _____ C:\WINDOWS\System32\Tasks\{B4166901-0BCE-4DB5-9228-DF2E0E6A54F0}
2015-09-06 22:25 - 2015-09-06 22:25 - 00000000 ____D C:\ProgramData\McAfee
2015-09-06 22:20 - 2015-09-07 22:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-06 22:01 - 2015-09-10 21:22 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2015-09-06 22:01 - 2015-09-09 22:23 - 00000775 _____ C:\Users\***\Desktop\FileZilla Client.lnk
2015-09-06 22:01 - 2015-09-06 22:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-06 21:09 - 2015-09-06 21:09 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2015-09-06 21:09 - 2015-09-06 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-09-06 21:08 - 2015-09-06 21:09 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2015-09-06 21:01 - 2015-09-10 19:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TYPO3 4.7.7
2015-09-06 18:25 - 2015-09-06 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft_Corporation
2015-09-06 16:32 - 2015-09-06 16:32 - 00000000 ____D C:\Users\***\Documents\OneNote-Notizbücher
2015-09-06 13:02 - 2015-09-06 13:09 - 00000463 ____H C:\Users\***\Documents\.picasa.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 20:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-05 19:55 - 2015-06-13 15:45 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-05 19:55 - 2015-06-13 15:45 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-05 19:53 - 2015-05-02 11:27 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 19:40 - 2014-03-16 13:40 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job
2015-10-05 19:32 - 2015-03-24 18:45 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-05 19:06 - 2015-06-13 15:47 - 00000000 ___RD C:\Users\***\Dropbox
2015-10-05 19:06 - 2015-06-13 15:45 - 00000000 ____D C:\Users\***\AppData\Local\Dropbox
2015-10-05 19:05 - 2014-10-26 16:05 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{687F2EEC-A316-484A-B958-97FEC835D3B2}
2015-10-05 19:04 - 2015-05-02 11:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-04 22:04 - 2015-07-30 21:13 - 00006364 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-04 22:04 - 2015-07-10 18:34 - 01065370 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-04 22:04 - 2015-07-10 18:34 - 00247786 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-04 21:40 - 2014-05-07 19:37 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2015-10-04 18:40 - 2014-03-16 13:40 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job
2015-10-04 17:14 - 2015-03-12 15:20 - 00000000 ____D C:\Users\***\AppData\Roaming\dvdcss
2015-10-04 16:53 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-04 16:52 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-04 14:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-04 13:54 - 2015-05-23 17:16 - 00003132 _____ C:\WINDOWS\Sandboxie.ini
2015-10-04 13:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-04 12:48 - 2015-07-30 21:05 - 00000000 ____D C:\Users\***
2015-10-04 12:09 - 2015-05-28 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-04 11:23 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-04 11:23 - 2014-07-02 17:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-04 11:17 - 2015-08-30 11:34 - 00466898 _____ C:\Users\***\AppData\Local\Snip.txt
2015-10-04 11:02 - 2015-08-30 11:34 - 00000000 ____D C:\Users\***\Documents\My Snips
2015-10-03 21:10 - 2015-07-31 23:06 - 00000146 _____ C:\Users\***\Desktop\Sound - Verknüpfung.lnk
2015-10-03 00:00 - 2015-06-13 15:45 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-01 18:59 - 2015-09-01 17:36 - 00003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438604478
2015-10-01 18:59 - 2015-08-03 14:21 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-10-01 18:59 - 2015-04-30 19:34 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-01 16:14 - 2015-07-30 19:11 - 00000000 ____D C:\Users\***\Documents\WISO Mein Geld
2015-09-30 21:59 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-27 09:24 - 2015-08-30 11:34 - 00000000 ____D C:\Users\***\AppData\Local\Package Cache
2015-09-26 21:53 - 2015-05-02 11:27 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-22 18:23 - 2014-01-20 23:03 - 00000000 ____D C:\Users\***\AppData\LocalLow\LastPass
2015-09-21 22:06 - 2014-04-04 17:44 - 00000000 ____D C:\Users\***\AppData\Local\Battle.net
2015-09-20 13:50 - 2014-12-03 18:33 - 00000000 ____D C:\Users\***\Desktop\Spiele
2015-09-19 22:19 - 2015-08-03 21:46 - 00000509 _____ C:\Users\***\Desktop\Programme und Features - Verknüpfung.lnk
2015-09-19 14:44 - 2014-01-20 22:56 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2015-09-19 13:06 - 2014-08-13 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-19 13:06 - 2014-01-20 22:56 - 00000000 ____D C:\ProgramData\Skype
2015-09-19 12:52 - 2015-03-24 19:05 - 00000000 ____D C:\Users\***\Desktop\Sicherheit
2015-09-19 12:50 - 2015-08-01 12:44 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-18 20:46 - 2015-07-30 19:10 - 00000000 ____D C:\Users\***\Documents\Thai Chi - Yang Stile
2015-09-18 19:11 - 2015-03-27 21:20 - 00001326 _____ C:\DelFix.txt
2015-09-18 18:49 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-09-18 18:38 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-09-17 15:48 - 2015-05-02 11:27 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 15:48 - 2015-05-02 11:27 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 18:35 - 2014-03-16 13:40 - 00004244 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA
2015-09-16 18:35 - 2014-03-16 13:40 - 00003868 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core
2015-09-16 18:02 - 2014-01-20 21:44 - 00000000 ____D C:\Users\***\AppData\Local\Packages
2015-09-16 18:00 - 2015-07-30 21:15 - 00002390 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-16 18:00 - 2015-07-30 21:13 - 00000000 ___RD C:\Users\***\OneDrive
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 18:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-14 13:26 - 2014-10-17 21:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2015-09-12 12:49 - 2014-01-20 22:19 - 00000000 ____D C:\Users\***\AppData\Local\Google
2015-09-10 20:13 - 2014-10-16 20:18 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-10 18:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-09 11:04 - 2015-07-10 14:20 - 00409488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-09 10:53 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-09 10:53 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-09 10:53 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-09 10:53 - 2015-07-10 12:59 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\simptcp.dll
2015-09-09 10:33 - 2015-05-19 18:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Media Player Classic
2015-09-09 10:33 - 2015-02-14 17:51 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2015-09-09 10:33 - 2014-06-30 14:40 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-08 23:06 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-08 23:04 - 2014-05-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-08 23:03 - 2013-08-22 15:25 - 00000203 _____ C:\WINDOWS\win.ini
2015-09-08 23:02 - 2014-01-20 22:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 17:07 - 2015-07-30 19:10 - 00000000 ____D C:\Users\***\Documents\Rou

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-20 23:03 - 2014-10-06 18:29 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-07-30 19:04 - 2015-07-30 19:05 - 0000467 _____ () C:\Users\***\AppData\Roaming\burnaware.ini
2015-07-30 22:44 - 2015-07-30 22:44 - 0000078 _____ () C:\Users\***\AppData\Roaming\mainhst.zgh
2014-10-04 14:43 - 2014-10-04 14:43 - 0001285 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2015-05-01 21:58 - 2015-05-01 21:58 - 0007595 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2015-08-30 11:34 - 2015-10-04 11:17 - 0466898 _____ () C:\Users\***\AppData\Local\Snip.txt
2015-02-14 11:57 - 2015-02-14 11:57 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-07-30 21:04 - 2015-07-30 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-06 16:41 - 2014-11-28 14:36 - 0000215 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\***\fbchathistory.dat


Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8idyfs.dll
C:\Users\***\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\***\AppData\Local\Temp\sfamcc00001.dll
C:\Users\***\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden.


LastRegBack: 2015-10-03 11:19

==================== Ende von FRST.txt ============================

Und nachdem ich den Security Check aufgerufen hatte, blitzte zwei mal eine Meldung auf, das eine>cmd< nicht ausgeführt werden.

Gruß
verrant

verrant 05.10.2015 19:32
Hi.

Beim Starten von Win folgende Meldung erhalten:

Dienststeuerungs-Manager
C.\windows\System32\sc.exe
start SbieSvc

Mit Nein geschlossen.


Bei Eset versehentlich die Firewall angelassen.
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b47cf353d8c9b5448c2e18d233f51d00
# end=init
# utc_time=2015-10-05 05:26:40
# local_time=2015-10-05 07:26:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 26087
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b47cf353d8c9b5448c2e18d233f51d00
# end=updated
# utc_time=2015-10-05 05:39:37
# local_time=2015-10-05 07:39:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b47cf353d8c9b5448c2e18d233f51d00
# engine=26087
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-05 05:55:27
# local_time=2015-10-05 07:55:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 2501 7541739 0 0
# scanned=134459
# found=4
# cleaned=0
# scan_time=949
sh=FF0CCDED7814B1A4F3C2AAB2272B387191150C37 ft=1 fh=6692b796646ecaae vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Unchecky\uninstall.exe"
sh=DEDA67FEA6190A4DFF58FD8902FCA09F88C1AAA1 ft=1 fh=37d3d023fa0756e7 vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Unchecky\bin\collector.dll"
sh=DA2A8E1E90B87824517E911AAC53139F7B35E65D ft=1 fh=cb45b508b48a450e vn="Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Unchecky\bin\icuid.dll"
sh=682DFC5EDEA2AA656C2BE4543AC803719C2F2380 ft=1 fh=29b27b8c4470cb2b vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kay\Downloads\unchecky_setup039.exe"

Code:
Results of screen317's Security Check version 1.008 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 60 
 Mozilla Firefox (41.0.1)
 Mozilla Thunderbird (38.2.0)
 Google Chrome (45.0.2454.101)
 Google Chrome (45.0.2454.99)
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von *** (Administrator) auf ***(05-10-2015 20:20:12)
Gestartet von C:\Users\***\Downloads
Geladene Profile: *** (Verfügbare Profile: *** & .NET v4.5 & .NET v4.5 Classic)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieCtrl.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\Speech\Common\sapisvr.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VideoLAN) D:\Program Files\VideoLAN\VLC\vlc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Users\***\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WISO Mein Geld 2015 Professional .NET] => D:\Program Files (x86)\Buhl\WISO Mein Geld 2015\mg.exe [1120568 2015-07-22] (Buhl Data Service)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-02] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Google Update] => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\***\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [781312 2015-02-18] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [SandboxieControl] => d:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-03] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Policies\Explorer: [NoSecurityTab] 0
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-06]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-01-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-02-19]
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-09-06]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1f429b3c-0def-4794-9fcd-1bd8383e754d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f4f984b3-14b6-4096-bca6-c6781cd9c88e}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->  Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-10] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-10] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798
FF Homepage: hxxp://www.diesiedleronline.de/de/spielen
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-06] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-10] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass.dll [2014-10-06] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=3 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=9 -> C:\Users\***\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Extension: LastPass - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\support@lastpass.com [2015-09-26]
FF Extension: Video AdBlock for Firefox - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-09-14]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
FF Extension: ProxMate - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-04-18]
FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\uBlock0@raymondhill.net.xpi [2015-09-19]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-31]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-31]
FF Extension: BetterPrivacy - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-03-31]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-03]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.spiegel.de/","hxxp://forum.ubuntuusers.de/topic/kann-keine-programme-per-software-center-downl/","hxxp://www.happypainting.de/","hxxp://www.pentaxians.de/","hxxp://www.web.de/","hxxp://www.t-online.de/","http://www.trojaner-board.de/166488-...chtungen.html"
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (NoScript Suite Lite) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2015-05-28]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-02]
CHR Extension: (TV) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-05-02]
CHR Extension: (ColorZilla) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-09-05]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-05-02]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-14]
CHR Extension: (Meine IP-Adresse) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2015-05-02]
CHR Extension: (Adblock Plus) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-02]
CHR Extension: (TrafficLight) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-05-02]
CHR Extension: (Adblock für Youtube™) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-09-14]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-02]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-05-02]
CHR Extension: (Best Utility Apps) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfkmehkjocihlfmcjkmdiekloihfaog [2015-05-02]
CHR Extension: (VTchromizer) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2015-09-14]
CHR Extension: (Facebook Disconnect) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-05-02]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-02]
CHR Extension: („Pin it“-Button) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-05-02]
CHR Extension: (PDF Mergy) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2015-05-02]
CHR Extension: (Subscriptions for YouTube™) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcngljpkdlakkbhmbfhjabcblbcldbl [2015-05-02]
CHR Extension: (ProxMate) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2015-06-22]
CHR Extension: (Dropbox) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-05-02]
CHR Extension: (Interstellar) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\kackgkhdbldcojljaeoaghlhfbbldkil [2015-05-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-02]
CHR Extension: (Google Maps) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-05-02]
CHR Extension: (Chrono Download Manager) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2015-05-02]
CHR Extension: (Ghostery) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-05-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-02]
CHR Extension: (Hover Zoom) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-09-14]
CHR Extension: (AdBlock Pro) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-02]
CHR Extension: (QVIVO) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdmoikcfdlgffkebhcojlghnccgngbg [2015-05-02]
CHR Extension: (Meine IP-Adresse) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2015-05-02]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\***\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]

Opera:
=======
OPR Extension: (Ghostery) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-04-30]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfkmglogfkpfekddlalobmhdbkjneejb [2015-08-03]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2015-08-03]
OPR Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2015-08-03]
OPR Extension: (weboftrust) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-08-03]
OPR Extension: (Cookie Jar) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\gapogllmojifhogcdfmommbeafllndoa [2015-08-03]
OPR Extension: (Google Analytics Opt-out (by Google)) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmffjpdmbgflojiohllanjaggdenggdo [2015-08-03]
OPR Extension: (dr34polw) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipiopppcaojnchgoepoemlbdccogeije [2015-08-03]
OPR Extension: (emmyaldor) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\knbfimhapmnifdchcafinkbfikmomaak [2015-09-10]
OPR Extension: (History Eraser) - C:\Users\***\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-08-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
S2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R4 MBAMScheduler; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Datei ist nicht signiert]
S2 SbieSvc; d:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-03] (Sandboxie Holdings, LLC)
S2 ss_conn_service; D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [163576 2015-09-19] (RaMMicHaeL)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-09] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-09] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AmUHubftr; C:\Windows\System32\drivers\AmUHubftr.sys [25880 2013-12-20] (Alcor Micro, Corp.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 Bulk1528; C:\Windows\System32\Drivers\Bulk1528.sys [17792 2009-10-20] (SunPlus)
S2 Ca1528av; C:\Windows\System32\Drivers\Ca1528av.sys [533760 2008-12-17] (Digital Camera)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-08-27] (Microsoft Corporation)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 MEMSWEEP2; C:\WINDOWS\system32\15E3.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2204304 2015-07-10] (MediaTek Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 SbieDrv; d:\Program Files\Sandboxie\SbieDrv.sys [191112 2015-09-03] (Sandboxie Holdings, LLC)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 20:20 - 2015-10-05 20:20 - 00000000 ____D C:\Users\***\Downloads\FRST-OlderVersion
2015-10-05 20:17 - 2015-10-05 20:17 - 00852704 _____ C:\Users\***\Downloads\SecurityCheck.exe
2015-10-05 20:16 - 2015-10-05 20:16 - 00019901 _____ C:\Users\***\Downloads\Unbenannt 1.odt
2015-10-05 20:10 - 2015-10-05 20:10 - 00016148 _____ C:\WINDOWS\system32\OPQIWUER_***_HistoryPrediction.bin
2015-10-05 19:26 - 2015-10-05 19:26 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-05 19:24 - 2015-10-05 19:26 - 02870984 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_deu.exe
2015-10-04 17:07 - 2015-10-04 17:07 - 00001188 _____ C:\Users\***\Downloads\mbam.txt
2015-10-04 17:02 - 2015-10-04 17:02 - 00001411 _____ C:\Users\***\Desktop\JRT.txt
2015-10-04 16:58 - 2015-10-04 16:58 - 01798976 _____ (Malwarebytes) C:\Users\***\Downloads\JRT.exe
2015-10-04 16:44 - 2015-10-04 17:09 - 00000000 ____D C:\AdwCleaner
2015-10-04 16:41 - 2015-10-04 16:41 - 01681408 _____ C:\Users\***\Downloads\AdwCleaner_5.010.exe
2015-10-04 11:23 - 2015-10-04 11:23 - 00000824 _____ C:\WINDOWS\PFRO.log
2015-10-04 11:19 - 2015-10-05 20:20 - 00037035 _____ C:\Users\***\Downloads\FRST.txt
2015-10-04 11:19 - 2015-10-04 11:57 - 00059865 _____ C:\Users\***\Downloads\Addition.txt
2015-10-04 11:18 - 2015-10-05 20:20 - 00000000 ____D C:\FRST
2015-10-04 11:17 - 2015-10-05 20:20 - 02193920 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2015-10-04 11:17 - 2015-10-04 11:17 - 00050477 _____ C:\Users\***\Downloads\Defogger.exe
2015-10-04 11:17 - 2015-10-04 11:17 - 00000468 _____ C:\Users\***\Downloads\defogger_disable.log
2015-10-04 11:17 - 2015-10-04 11:17 - 00000000 _____ C:\Users\***\defogger_reenable
2015-10-03 15:03 - 2015-10-03 15:03 - 00011859 _____ C:\Users\***\Desktop\Musik für Facebook.odt
2015-10-03 04:09 - 2015-10-04 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-03 00:00 - 2015-10-03 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-30 21:56 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 21:56 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 21:56 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 21:56 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 21:56 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 21:56 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 21:56 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 21:56 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 21:56 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 21:56 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 21:56 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 21:56 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 21:56 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 21:56 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 21:56 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 21:56 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 21:56 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 21:56 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 21:56 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 21:56 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 21:56 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 21:56 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 21:56 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 21:56 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 21:56 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 21:56 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 21:56 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 21:56 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 21:56 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 21:56 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 21:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 21:56 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 21:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 21:56 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 21:56 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 21:56 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 21:56 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 21:56 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 21:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 21:56 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 21:56 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 21:56 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 21:56 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 21:56 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 21:56 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 21:56 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 21:56 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 21:56 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 21:56 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 21:56 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 21:56 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 21:56 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 21:56 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 21:56 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 21:56 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 21:56 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 21:56 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 21:56 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 21:56 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 21:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 21:56 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 21:56 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 21:56 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 21:56 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 21:56 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 21:56 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 21:56 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 21:56 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 21:56 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 21:56 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 21:56 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 21:56 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 21:56 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 21:56 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 21:56 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 21:56 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 21:56 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 21:56 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 21:56 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 21:56 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 21:56 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 21:56 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 21:56 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 21:56 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 21:56 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 21:56 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 21:56 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 21:56 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 21:56 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 21:56 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 21:56 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 21:56 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 21:56 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 21:56 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 21:56 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 21:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 21:56 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 21:56 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 21:56 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 21:56 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 21:56 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 21:56 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 21:56 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 21:56 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 21:56 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-30 21:56 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 21:56 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 21:56 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 21:56 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 21:55 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 21:55 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 21:55 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 21:55 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 21:55 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 21:55 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-29 21:51 - 2015-09-29 22:06 - 00026260 _____ C:\Users\***\Documents\Watt nen Scheiß verhalten Guener-Susanne.odt
2015-09-27 09:24 - 2015-09-27 09:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snip
2015-09-27 09:24 - 2015-09-27 09:24 - 00000000 ____D C:\Users\***\AppData\Local\Snip
2015-09-26 21:33 - 2015-09-26 21:33 - 02354343 _____ C:\Users\***\Downloads\cpu-z_1.73.zip
2015-09-19 21:18 - 2015-09-19 21:18 - 12455424 _____ (Frontier Developments ) C:\Users\***\Downloads\EliteDangerous-Client-Installer.exe
2015-09-19 21:18 - 2015-09-19 21:18 - 12455424 _____ (Frontier Developments ) C:\Users\***\Downloads\EliteDangerous-Client-Installer (1).exe
2015-09-19 20:15 - 2015-09-19 20:15 - 04944608 _____ (Advanced Micro Devices, Inc.) C:\Users\***\Downloads\autodetectutility.exe
2015-09-19 14:50 - 2015-09-19 14:50 - 00001092 _____ C:\Users\Public\Desktop\Unchecky.lnk
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\ProgramData\Unchecky
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-09-19 14:50 - 2015-09-19 14:50 - 00000000 ____D C:\Program Files (x86)\Unchecky
2015-09-19 14:49 - 2015-09-19 14:49 - 01091504 _____ (RaMMicHaeL) C:\Users\***\Downloads\unchecky_setup039.exe
2015-09-19 13:11 - 2015-10-05 20:17 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-19 13:06 - 2015-09-19 13:06 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-19 13:06 - 2015-09-19 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-19 13:05 - 2015-09-19 13:05 - 01506832 _____ (Skype Technologies S.A.) C:\Users\***\Downloads\SkypeSetup.exe
2015-09-19 12:43 - 2015-09-19 12:43 - 00001183 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2015-09-19 12:26 - 2015-09-19 12:26 - 02190552 _____ C:\Users\***\Downloads\appmanagersetup_2.0_b4_292.exe
2015-09-19 12:26 - 2015-09-19 12:26 - 00000945 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-09-18 19:11 - 2015-09-18 19:11 - 00003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-09-18 18:37 - 2015-09-21 18:24 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-18 18:33 - 2015-09-18 18:34 - 03183672 _____ (Blizzard Entertainment) C:\Users\***\Downloads\StarCraft-II-Setup-deDE.exe
2015-09-18 18:33 - 2015-09-18 18:33 - 02907704 _____ (Blizzard Entertainment) C:\Users\***\Downloads\World-of-Warcraft-Setup-deDE.exe
2015-09-18 15:09 - 2015-09-18 15:09 - 01454240 _____ C:\Users\***\Downloads\openssl-fips-2.0.10.tar.gz
2015-09-18 15:09 - 2015-09-18 15:09 - 00000000 ____D C:\Users\***\Downloads\openssl-fips-2.0.10
2015-09-17 19:58 - 2015-09-18 14:49 - 00001276 _____ C:\Users\***\Desktop\CoreTemp.ini
2015-09-15 20:32 - 2015-09-15 20:35 - 00000000 ____D C:\Users\***\Downloads\Sicherheit
2015-09-15 20:32 - 2015-09-15 20:32 - 00003111 _____ C:\Users\***\Downloads\MBAM_PUPs_Funde.txt
2015-09-14 18:55 - 2015-09-14 18:55 - 00000000 ____D C:\Users\***\AppData\Roaming\dlg
2015-09-14 18:54 - 2015-09-14 18:54 - 00001318 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-09-14 18:54 - 2015-09-14 18:54 - 00001146 _____ C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2015-09-14 18:54 - 2015-09-14 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-14 18:52 - 2015-09-14 18:54 - 00000000 ____D C:\Users\***\AppData\Roaming\DVDVideoSoft
2015-09-14 13:24 - 2015-09-14 13:24 - 01190104 _____ (Adobe Systems Incorporated) C:\Users\***\Downloads\flashplayer18pp_da_install.exe
2015-09-14 13:22 - 2015-10-05 19:23 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-14 13:22 - 2015-10-03 21:55 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-09-14 13:22 - 2015-09-22 20:30 - 00004086 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-09-14 13:22 - 2015-09-14 13:26 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-14 12:36 - 2015-09-14 12:36 - 00000000 ____D C:\Users\***\Downloads\tweaking.com_windows_repair_aio
2015-09-14 12:35 - 2015-09-14 12:35 - 00000117 _____ C:\Users\***\Desktop\ndrinfo_nds.m3u
2015-09-13 22:01 - 2015-10-04 17:18 - 00000000 ____D C:\Users\***\AppData\Roaming\MPC-HC
2015-09-13 22:01 - 2015-09-13 22:01 - 06781458 _____ C:\Users\***\Downloads\VID-20150913-WA0001 (1).mp4
2015-09-13 21:59 - 2015-09-13 21:59 - 00003008 _____ C:\WINDOWS\System32\Tasks\klcp_update
2015-09-13 21:59 - 2015-09-13 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-09-13 21:59 - 2015-08-24 20:00 - 00112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2015-09-13 21:59 - 2015-06-22 15:25 - 00254976 _____ C:\WINDOWS\system32\xvidvfw.dll
2015-09-13 21:59 - 2015-06-22 15:25 - 00240128 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2015-09-13 21:59 - 2015-06-22 15:24 - 00729088 _____ C:\WINDOWS\system32\xvidcore.dll
2015-09-13 21:59 - 2015-02-28 17:22 - 03571200 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2015-09-13 21:59 - 2015-02-28 17:21 - 03591680 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2015-09-13 21:59 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2015-09-13 21:59 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2015-09-13 21:59 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2015-09-13 21:59 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2015-09-13 21:58 - 2015-09-13 21:59 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-09-13 21:47 - 2015-09-13 21:57 - 41563740 _____ ( ) C:\Users\***\Downloads\K-Lite_Codec_Pack_1140_Mega.exe
2015-09-13 11:37 - 2015-09-13 11:37 - 00000798 _____ C:\Users\***\Documents\Fixlist.txt
2015-09-12 22:28 - 2015-09-12 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-09-12 22:27 - 2015-09-12 22:28 - 05176416 _____ (Sandboxie Holdings, LLC) C:\Users\***\Downloads\SandboxieInstall64-502.exe
2015-09-12 18:43 - 2015-09-12 18:43 - 00005850 _____ C:\Users\***\Downloads\Malware 1x PUP am 30.07.15.txt
2015-09-12 18:42 - 2015-09-12 18:42 - 00004039 _____ C:\Users\***\Downloads\Malware 2x PUP am 1.8.15.txt
2015-09-12 17:17 - 2015-09-12 18:24 - 00380416 _____ C:\Users\***\Downloads\Gmer-19357.exe
2015-09-12 14:35 - 2015-09-12 14:35 - 00001380 _____ C:\Users\***\Downloads\a2scan_150912-134822.txt
2015-09-10 20:13 - 2015-09-10 20:13 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-10 20:13 - 2015-09-10 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-10 20:07 - 2015-09-10 19:32 - 00000030 _____ C:\AVScanner.ini
2015-09-09 17:09 - 2015-09-09 17:09 - 00003284 _____ C:\WINDOWS\System32\Tasks\{70F4BB8E-DF69-4214-A82D-13742A7694BD}
2015-09-09 10:53 - 2015-09-09 10:53 - 00000020 ___SH C:\Users\.NET v4.5\ntuser.ini
2015-09-09 10:53 - 2015-09-09 10:53 - 00000020 ___SH C:\Users\.NET v4.5 Classic\ntuser.ini
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Vorlagen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Startmenü
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Netzwerkumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Lokale Einstellungen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Eigene Dateien
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Druckumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Documents\Eigene Musik
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Documents\Eigene Bilder
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Local\Verlauf
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\AppData\Local\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Vorlagen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Startmenü
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Netzwerkumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Lokale Einstellungen
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Eigene Dateien
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Druckumgebung
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Documents\Eigene Musik
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Documents\Eigene Bilder
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Local\Verlauf
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\AppData\Local\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 _SHDL C:\Users\.NET v4.5 Classic\Anwendungsdaten
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\Users\.NET v4.5 Classic
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\Users\.NET v4.5
2015-09-09 10:53 - 2015-09-09 10:53 - 00000000 ____D C:\inetpub
2015-09-09 10:53 - 2015-08-13 12:55 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-09 10:53 - 2015-08-13 12:55 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\Microsoft Help
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\ATI
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\Microsoft Help
2015-09-09 10:53 - 2015-07-30 21:07 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\ATI
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-09 10:30 - 2015-09-09 10:30 - 00313004 _____ C:\Users\***\Documents\cc_20150909_103017.reg
2015-09-09 10:27 - 2015-09-09 10:27 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-09-09 10:27 - 2015-09-09 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-09 10:27 - 2015-09-09 10:27 - 00000000 ____D C:\Program Files\CCleaner
2015-09-09 08:34 - 2015-09-09 08:34 - 00001682 _____ C:\Users\***\Desktop\Notepad++.lnk
2015-09-08 23:48 - 2015-09-09 13:12 - 00000000 ____D C:\Users\***\AppData\Roaming\Notepad++
2015-09-08 23:48 - 2015-09-08 23:48 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-08 23:48 - 2015-09-08 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-08 23:40 - 2015-09-08 23:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Sun
2015-09-08 23:40 - 2015-09-08 23:40 - 00000000 ____D C:\Users\***\.oracle_jre_usage
2015-09-08 23:13 - 2015-09-10 20:13 - 00000000 ____D C:\ProgramData\Oracle
2015-09-08 22:58 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:58 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-08 22:58 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:58 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-08 22:58 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:58 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:58 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:58 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:58 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:58 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:58 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:58 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:58 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:58 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:58 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:58 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:58 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:58 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:58 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:58 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:58 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-06 22:30 - 2015-09-06 22:30 - 00003236 _____ C:\WINDOWS\System32\Tasks\{B4166901-0BCE-4DB5-9228-DF2E0E6A54F0}
2015-09-06 22:25 - 2015-09-06 22:25 - 00000000 ____D C:\ProgramData\McAfee
2015-09-06 22:20 - 2015-09-07 22:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-06 22:01 - 2015-09-10 21:22 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2015-09-06 22:01 - 2015-09-09 22:23 - 00000775 _____ C:\Users\***\Desktop\FileZilla Client.lnk
2015-09-06 22:01 - 2015-09-06 22:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-06 21:09 - 2015-09-06 21:09 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2015-09-06 21:09 - 2015-09-06 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-09-06 21:08 - 2015-09-06 21:09 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2015-09-06 21:01 - 2015-09-10 19:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TYPO3 4.7.7
2015-09-06 18:25 - 2015-09-06 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft_Corporation
2015-09-06 16:32 - 2015-09-06 16:32 - 00000000 ____D C:\Users\***\Documents\OneNote-Notizbücher
2015-09-06 13:02 - 2015-09-06 13:09 - 00000463 ____H C:\Users\***\Documents\.picasa.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 20:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-05 19:55 - 2015-06-13 15:45 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-05 19:55 - 2015-06-13 15:45 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-05 19:53 - 2015-05-02 11:27 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 19:40 - 2014-03-16 13:40 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job
2015-10-05 19:32 - 2015-03-24 18:45 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-05 19:06 - 2015-06-13 15:47 - 00000000 ___RD C:\Users\***\Dropbox
2015-10-05 19:06 - 2015-06-13 15:45 - 00000000 ____D C:\Users\***\AppData\Local\Dropbox
2015-10-05 19:05 - 2014-10-26 16:05 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{687F2EEC-A316-484A-B958-97FEC835D3B2}
2015-10-05 19:04 - 2015-05-02 11:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-04 22:04 - 2015-07-30 21:13 - 00006364 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-04 22:04 - 2015-07-10 18:34 - 01065370 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-04 22:04 - 2015-07-10 18:34 - 00247786 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-04 21:40 - 2014-05-07 19:37 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2015-10-04 18:40 - 2014-03-16 13:40 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job
2015-10-04 17:14 - 2015-03-12 15:20 - 00000000 ____D C:\Users\***\AppData\Roaming\dvdcss
2015-10-04 16:53 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-04 16:52 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-04 14:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-04 13:54 - 2015-05-23 17:16 - 00003132 _____ C:\WINDOWS\Sandboxie.ini
2015-10-04 13:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-04 12:48 - 2015-07-30 21:05 - 00000000 ____D C:\Users\***
2015-10-04 12:09 - 2015-05-28 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-04 11:23 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-04 11:23 - 2014-07-02 17:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-04 11:17 - 2015-08-30 11:34 - 00466898 _____ C:\Users\***\AppData\Local\Snip.txt
2015-10-04 11:02 - 2015-08-30 11:34 - 00000000 ____D C:\Users\***\Documents\My Snips
2015-10-03 21:10 - 2015-07-31 23:06 - 00000146 _____ C:\Users\***\Desktop\Sound - Verknüpfung.lnk
2015-10-03 00:00 - 2015-06-13 15:45 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-01 18:59 - 2015-09-01 17:36 - 00003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438604478
2015-10-01 18:59 - 2015-08-03 14:21 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-10-01 18:59 - 2015-04-30 19:34 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-01 16:14 - 2015-07-30 19:11 - 00000000 ____D C:\Users\***\Documents\WISO Mein Geld
2015-09-30 21:59 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-27 09:24 - 2015-08-30 11:34 - 00000000 ____D C:\Users\***\AppData\Local\Package Cache
2015-09-26 21:53 - 2015-05-02 11:27 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-22 18:23 - 2014-01-20 23:03 - 00000000 ____D C:\Users\***\AppData\LocalLow\LastPass
2015-09-21 22:06 - 2014-04-04 17:44 - 00000000 ____D C:\Users\***\AppData\Local\Battle.net
2015-09-20 13:50 - 2014-12-03 18:33 - 00000000 ____D C:\Users\***\Desktop\Spiele
2015-09-19 22:19 - 2015-08-03 21:46 - 00000509 _____ C:\Users\***\Desktop\Programme und Features - Verknüpfung.lnk
2015-09-19 14:44 - 2014-01-20 22:56 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2015-09-19 13:06 - 2014-08-13 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-19 13:06 - 2014-01-20 22:56 - 00000000 ____D C:\ProgramData\Skype
2015-09-19 12:52 - 2015-03-24 19:05 - 00000000 ____D C:\Users\***\Desktop\Sicherheit
2015-09-19 12:50 - 2015-08-01 12:44 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-18 20:46 - 2015-07-30 19:10 - 00000000 ____D C:\Users\***\Documents\Thai Chi - Yang Stile
2015-09-18 19:11 - 2015-03-27 21:20 - 00001326 _____ C:\DelFix.txt
2015-09-18 18:49 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-09-18 18:38 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-09-17 15:48 - 2015-05-02 11:27 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 15:48 - 2015-05-02 11:27 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 18:35 - 2014-03-16 13:40 - 00004244 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA
2015-09-16 18:35 - 2014-03-16 13:40 - 00003868 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core
2015-09-16 18:02 - 2014-01-20 21:44 - 00000000 ____D C:\Users\***\AppData\Local\Packages
2015-09-16 18:00 - 2015-07-30 21:15 - 00002390 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-16 18:00 - 2015-07-30 21:13 - 00000000 ___RD C:\Users\***\OneDrive
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 18:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-14 13:26 - 2014-10-17 21:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2015-09-12 12:49 - 2014-01-20 22:19 - 00000000 ____D C:\Users\***\AppData\Local\Google
2015-09-10 20:13 - 2014-10-16 20:18 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-10 18:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-09 11:04 - 2015-07-10 14:20 - 00409488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-09 10:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-09 10:53 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-09 10:53 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-09 10:53 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-09 10:53 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-09 10:53 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-09 10:53 - 2015-07-10 12:59 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\simptcp.dll
2015-09-09 10:33 - 2015-05-19 18:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Media Player Classic
2015-09-09 10:33 - 2015-02-14 17:51 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2015-09-09 10:33 - 2014-06-30 14:40 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-08 23:06 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-08 23:04 - 2014-05-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-08 23:03 - 2013-08-22 15:25 - 00000203 _____ C:\WINDOWS\win.ini
2015-09-08 23:02 - 2014-01-20 22:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 17:07 - 2015-07-30 19:10 - 00000000 ____D C:\Users\***\Documents\Rou

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-20 23:03 - 2014-10-06 18:29 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-07-30 19:04 - 2015-07-30 19:05 - 0000467 _____ () C:\Users\***\AppData\Roaming\burnaware.ini
2015-07-30 22:44 - 2015-07-30 22:44 - 0000078 _____ () C:\Users\***\AppData\Roaming\mainhst.zgh
2014-10-04 14:43 - 2014-10-04 14:43 - 0001285 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2015-05-01 21:58 - 2015-05-01 21:58 - 0007595 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2015-08-30 11:34 - 2015-10-04 11:17 - 0466898 _____ () C:\Users\***\AppData\Local\Snip.txt
2015-02-14 11:57 - 2015-02-14 11:57 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-07-30 21:04 - 2015-07-30 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-06 16:41 - 2014-11-28 14:36 - 0000215 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\***\fbchathistory.dat


Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8idyfs.dll
C:\Users\***\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\***\AppData\Local\Temp\sfamcc00001.dll
C:\Users\***\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden.


LastRegBack: 2015-10-03 11:19

==================== Ende von FRST.txt ============================

Und nachdem ich den Security Check aufgerufen hatte, blitzte zwei mal eine Meldung auf, das eine>cmd< nicht ausgeführt werden kann.

Gruß
verrant

schrauber 06.10.2015 17:09
Die Meldung kam von Sandboxie, kommt die nach erneutem Reboot nochmal?

verrant 06.10.2015 17:40
Ja.

Die Meldung wiederholt sich bei jedem Neustart.

BG
verrant

schrauber 07.10.2015 17:50
Sandboxie neu installieren.

verrant 08.10.2015 13:56
Moin.

Sandboxie neu installiert. Keine Fehlermeldung mehr.

Gruß
verrant

schrauber 09.10.2015 09:31
sonst noch Probleme? :)

verrant 11.10.2015 21:34
Wollte gerade Danke, Nein schreiben.

Da kam ein Bluescreen - Bad Pool Header.


BlueScreenView zeigt im oberen Fenster:

Code:
101115-11046-01.dmp        11.10.2015 11:47:26        BAD_POOL_HEADER        0x00000019        00000000`00000020        ffffe001`89937970        ffffe001`89937990        00000000`04020029        tcpip.sys        tcpip.sys+81351                                        x64        ntoskrnl.exe+14e240                                        C:\WINDOWS\Minidump\101115-11046-01.dmp        4        15        10240        281.832        11.10.2015 11:48:18

BlueScreenView zeigt im unteren Fenster:

Code:
ntoskrnl.exe        ntoskrnl.exe+273fe8        fffff802`3fa03000        fffff802`40255000        0x00852000        0x55fa569b        17.09.2015 07:58:51                                               
tcpip.sys        tcpip.sys+81351        fffff800`f7300000        fffff800`f755f000        0x0025f000        0x55fa5310        17.09.2015 07:43:44                                               
hal.dll                fffff802`40255000        fffff802`402c6000        0x00071000        0x55a86499        17.07.2015 04:12:41                                               
kd.dll                fffff802`3e20b000        fffff802`3e216000        0x0000b000        0x559f388f        10.07.2015 05:14:23                                               
mcupdate_GenuineIntel.dll                fffff800`f64e0000        fffff800`f656d000        0x0008d000        0x559f389c        10.07.2015 05:14:36                                               
werkernel.sys                fffff800`f6570000        fffff800`f6580000        0x00010000        0x559f390f        10.07.2015 05:16:31                                               
CLFS.SYS                fffff800`f6580000        fffff800`f65e4000        0x00064000        0x559f3840        10.07.2015 05:13:04                                               
tm.sys                fffff800`f5600000        fffff800`f5623000        0x00023000        0x559f3834        10.07.2015 05:12:52                                               
PSHED.dll                fffff800`f5630000        fffff800`f5647000        0x00017000        0x559f3839        10.07.2015 05:12:57        Betriebssystem Microsoft® Windows®        Plattformspezifischer Hardwarefehlertreiber        10.0.10240.16384 (th1.150709-1700)        Microsoft Corporation        C:\WINDOWS\system32\PSHED.dll       
BOOTVID.dll                fffff800`f5650000        fffff800`f565b000        0x0000b000        0x559f3834        10.07.2015 05:12:52        Microsoft® Windows® Operating System        VGA Boot Driver        10.0.10240.16384 (th1.150709-1700)        Microsoft Corporation        C:\WINDOWS\system32\BOOTVID.dll       
cmimcext.sys                fffff800`f5660000        fffff800`f566e000        0x0000e000        0x559f3834        10.07.2015 05:12:52                                               
ntosext.sys                fffff800`f5670000        fffff800`f567c000        0x0000c000        0x559f3834        10.07.2015 05:12:52                                               
CI.dll                fffff800`f5680000        fffff800`f5719000        0x00099000        0x55d55f27        20.08.2015 07:01:27                                               
msrpc.sys                fffff800`f5720000        fffff800`f577c000        0x0005c000        0x559f388f        10.07.2015 05:14:23                                               
FLTMGR.SYS                fffff800`f5780000        fffff800`f57e2000        0x00062000        0x559f383f        10.07.2015 05:13:03                                               
ksecdd.sys                fffff800`f57f0000        fffff800`f5817000        0x00027000        0x559f388b        10.07.2015 05:14:19                                               
clipsp.sys                fffff800`f5820000        fffff800`f58bc000        0x0009c000        0x559f39a5        10.07.2015 05:19:01                                               
Wdf01000.sys                fffff800`f58c0000        fffff800`f599c000        0x000dc000        0x55fa52b2        17.09.2015 07:42:10                                               
WDFLDR.SYS                fffff800`f59a0000        fffff800`f59b3000        0x00013000        0x559f3835        10.07.2015 05:12:53                                               
acpiex.sys                fffff800`f59c0000        fffff800`f59e3000        0x00023000        0x559f38ba        10.07.2015 05:15:06                                               
WppRecorder.sys                fffff800`f59f0000        fffff800`f59fd000        0x0000d000        0x559f3835        10.07.2015 05:12:53                                               
cng.sys                fffff800`f5a00000        fffff800`f5a98000        0x00098000        0x55a866c4        17.07.2015 04:21:56                                               
ACPI.sys                fffff800`f5aa0000        fffff800`f5b30000        0x00090000        0x55af1117        22.07.2015 05:42:15                                               
WMILIB.SYS                fffff800`f5b30000        fffff800`f5b3c000        0x0000c000        0x559f3834        10.07.2015 05:12:52                                               
WindowsTrustedRT.sys                fffff800`f5b50000        fffff800`f5b6f000        0x0001f000        0x559f386c        10.07.2015 05:13:48                                               
WindowsTrustedRTProxy.sys                fffff800`f5b70000        fffff800`f5b7b000        0x0000b000        0x559f386b        10.07.2015 05:13:47                                               
pcw.sys                fffff800`f5b80000        fffff800`f5b92000        0x00012000        0x559f3834        10.07.2015 05:12:52                                               
msisadrv.sys                fffff800`f5ba0000        fffff800`f5bab000        0x0000b000        0x559f3a0d        10.07.2015 05:20:45                                               
pci.sys                fffff800`f5bb0000        fffff800`f5c05000        0x00055000        0x55a5ba1c        15.07.2015 03:40:44                                               
vdrvroot.sys                fffff800`f5c10000        fffff800`f5c1f000        0x0000f000        0x559f394b        10.07.2015 05:17:31                                               
pdc.sys                fffff800`f5c20000        fffff800`f5c3e000        0x0001e000        0x55fa528d        17.09.2015 07:41:33                                               
CEA.sys                fffff800`f5c40000        fffff800`f5c59000        0x00019000        0x559f38a5        10.07.2015 05:14:45                                               
partmgr.sys                fffff800`f5c60000        fffff7ff`f5c82000        0xffffffff00022000        0x559f383b        10.07.2015 05:12:59                                               
spaceport.sys                fffff800`f5c90000        fffff800`f5d08000        0x00078000        0x559f3a28        10.07.2015 05:21:12                                               
volmgr.sys                fffff800`f5d10000        fffff800`f5d28000        0x00018000        0x559f383c        10.07.2015 05:13:00                                               
volmgrx.sys                fffff800`f5d30000        fffff800`f5d8e000        0x0005e000        0x559f3840        10.07.2015 05:13:04                                               
mountmgr.sys                fffff800`f5d90000        fffff800`f5dad000        0x0001d000        0x55c02a2d        04.08.2015 04:57:49                                               
storahci.sys                fffff800`f5db0000        fffff800`f5dd5000        0x00025000        0x559f3a43        10.07.2015 05:21:39                                               
storport.sys                fffff800`f5de0000        fffff800`f5e51000        0x00071000        0x55c9baf6        11.08.2015 11:05:58                                               
EhStorClass.sys                fffff800`f5e60000        fffff800`f5e7c000        0x0001c000        0x559f3b69        10.07.2015 05:26:33                                               
fileinfo.sys                fffff800`f5e80000        fffff800`f5e99000        0x00019000        0x559f38b1        10.07.2015 05:14:57                                               
Wof.sys                fffff800`f5ea0000        fffff800`f5ed8000        0x00038000        0x55c2c2d7        06.08.2015 04:13:43                                               
WdFilter.sys                fffff800`f5ee0000        fffff800`f5f2b000        0x0004b000        0x559f39a9        10.07.2015 05:19:05                                               
NTFS.sys                fffff800`f5f30000        fffff800`f6140000        0x00210000        0x55b99edf        30.07.2015 05:49:51                                               
Fs_Rec.sys                fffff800`f6140000        fffff800`f614d000        0x0000d000        0x559f3834        10.07.2015 05:12:52                                               
ndis.sys                fffff800`f6150000        fffff800`f6276000        0x00126000        0x55fa52f8        17.09.2015 07:43:20                                               
NETIO.SYS                fffff800`f6280000        fffff800`f62f6000        0x00076000        0x559f3890        10.07.2015 05:14:24                                               
ksecpkg.sys                fffff800`f6300000        fffff800`f632d000        0x0002d000        0x559f3994        10.07.2015 05:18:44                                               
fwpkclnt.sys                fffff800`f7560000        fffff800`f75c6000        0x00066000        0x55fa52e3        17.09.2015 07:42:59                                               
wfplwfs.sys                fffff800`f75d0000        fffff800`f75fa000        0x0002a000        0x559f3ab4        10.07.2015 05:23:32                                               
btath_bus.sys                fffff800`f6600000        fffff800`f660d000        0x0000d000        0x52dd30a5        20.01.2014 16:20:21                                               
fvevol.sys                fffff800`f6610000        fffff800`f66af000        0x0009f000        0x559f38b9        10.07.2015 05:15:05                                               
volsnap.sys                fffff800`f66b0000        fffff800`f6710000        0x00060000        0x559f383d        10.07.2015 05:13:01                                               
rdyboost.sys                fffff800`f6710000        fffff800`f6754000        0x00044000        0x55c2c2e2        06.08.2015 04:13:54                                               
mup.sys                fffff800`f6760000        fffff800`f6783000        0x00023000        0x559f38ba        10.07.2015 05:15:06                                               
disk.sys                fffff800`f67a0000        fffff800`f67be000        0x0001e000        0x559f383b        10.07.2015 05:12:59                                               
CLASSPNP.SYS                fffff800`f67c0000        fffff800`f6820000        0x00060000        0x559f383f        10.07.2015 05:13:03                                               
crashdmp.sys                fffff800`f6840000        fffff800`f6859000        0x00019000        0x559f3a17        10.07.2015 05:20:55                                               
cdrom.sys                fffff800`f6920000        fffff800`f6951000        0x00031000        0x559f383c        10.07.2015 05:13:00                                               
filecrypt.sys                fffff800`f6960000        fffff800`f697c000        0x0001c000        0x559f3897        10.07.2015 05:14:31                                               
tbs.sys                fffff800`f6980000        fffff800`f698c000        0x0000c000        0x559f38b3        10.07.2015 05:14:59                                               
mbamchameleon.sys                fffff800`f6990000        fffff800`f69ae000        0x0001e000        0x554cf757        08.05.2015 19:50:15                                               
Null.SYS                fffff800`f69b0000        fffff800`f69ba000        0x0000a000        0x00000000                                                       
Beep.SYS                fffff800`f69c0000        fffff800`f69ca000        0x0000a000        0x559f3a0a        10.07.2015 05:20:42                                               
BasicDisplay.sys                fffff800`f69d0000        fffff800`f69e4000        0x00014000        0x559f390c        10.07.2015 05:16:28                                               
watchdog.sys                fffff800`f69f0000        fffff800`f6a05000        0x00015000        0x559f390b        10.07.2015 05:16:27                                               
dxgkrnl.sys                fffff800`f6a10000        fffff800`f6bf9000        0x001e9000        0x55fa5392        17.09.2015 07:45:54                                               
BasicRender.sys                fffff800`f6c00000        fffff800`f6c12000        0x00012000        0x559f3911        10.07.2015 05:16:33                                               
Npfs.SYS                fffff800`f6c20000        fffff800`f6c38000        0x00018000        0x559f3835        10.07.2015 05:12:53                                               
Msfs.SYS                fffff800`f6c40000        fffff800`f6c4f000        0x0000f000        0x559f3835        10.07.2015 05:12:53                                               
tdx.sys                fffff800`f6c50000        fffff800`f6c71000        0x00021000        0x559f3889        10.07.2015 05:14:17                                               
TDI.SYS                fffff800`f6c80000        fffff800`f6c8f000        0x0000f000        0x559f3888        10.07.2015 05:14:16                                               
netbt.sys                fffff800`f6c90000        fffff800`f6cd9000        0x00049000        0x559f3890        10.07.2015 05:14:24                                               
afd.sys                fffff800`f6ce0000        fffff800`f6d72000        0x00092000        0x559f389a        10.07.2015 05:14:34                                               
vwififlt.sys                fffff800`f6d80000        fffff800`f6d99000        0x00019000        0x559f3a71        10.07.2015 05:22:25                                               
pacer.sys                fffff800`f6da0000        fffff800`f6dcb000        0x0002b000        0x559f3a80        10.07.2015 05:22:40                                               
netbios.sys                fffff800`f6dd0000        fffff800`f6de2000        0x00012000        0x559f3a77        10.07.2015 05:22:31                                               
rdbss.sys                fffff800`f6df0000        fffff800`f6e62000        0x00072000        0x559f3b6d        10.07.2015 05:26:37                                               
csc.sys                fffff800`f6e70000        fffff800`f6efc000        0x0008c000        0x559f3b6a        10.07.2015 05:26:34                                               
UimFIO.SYS                fffff800`f6fb0000        fffff800`f7035a00        0x00085a00        0x536ca082        09.05.2014 11:31:46                                               
nsiproxy.sys                fffff800`f7070000        fffff800`f7080000        0x00010000        0x559f3893        10.07.2015 05:14:27                                               
npsvctrig.sys                fffff800`f7080000        fffff800`f708d000        0x0000d000        0x559f3897        10.07.2015 05:14:31                                               
mssmbios.sys                fffff800`f7090000        fffff800`f70a0000        0x00010000        0x559f3891        10.07.2015 05:14:25                                               
gpuenergydrv.sys                fffff800`f70a0000        fffff800`f70aa000        0x0000a000        0x559f3bb5        10.07.2015 05:27:49                                               
mbae64.sys                fffff800`f70b0000        fffff800`f70bd780        0x0000d780        0x540df503        08.09.2014 20:27:15                                               
dfsc.sys                fffff800`f70c0000        fffff800`f70e9000        0x00029000        0x559f3b62        10.07.2015 05:26:26                                               
ahcache.sys                fffff800`f7110000        fffff800`f714b000        0x0003b000        0x559f3b67        10.07.2015 05:26:31                                               
CompositeBus.sys                fffff800`f7150000        fffff800`f7161000        0x00011000        0x559f3a0b        10.07.2015 05:20:43                                               
serscan.sys                fffff800`f7170000        fffff800`f717b000        0x0000b000        0x559f3979        10.07.2015 05:18:17                                               
ksthunk.sys                fffff800`f7180000        fffff800`f718e000        0x0000e000        0x559f3da3        10.07.2015 05:36:03                                               
ks.sys                fffff800`f7190000        fffff800`f71f6000        0x00066000        0x559f3a18        10.07.2015 05:20:56                                               
kdnic.sys                fffff800`f7200000        fffff800`f720d000        0x0000d000        0x559f3a31        10.07.2015 05:21:21                                               
umbus.sys                fffff800`f7210000        fffff800`f7225000        0x00015000        0x559f3a19        10.07.2015 05:20:57                                               
atikmpag.sys                fffff800`f7230000        fffff800`f72d9000        0x000a9000        0x55d7d41c        22.08.2015 03:45:00                                               
atikmdag.sys                fffff800`f92f0000        fffff800`fa7ff000        0x0150f000        0x55d7d9fb        22.08.2015 04:10:03                                               
HDAudBus.sys                fffff800`f8e10000        fffff800`f8e2b000        0x0001b000        0x559f3a57        10.07.2015 05:21:59                                               
portcls.sys                fffff800`f8e30000        fffff800`f8e86000        0x00056000        0x55fa54a9        17.09.2015 07:50:33                                               
drmk.sys                fffff800`f8e90000        fffff800`f8eb1000        0x00021000        0x559f3a3e        10.07.2015 05:21:34                                               
TeeDriverx64.sys                fffff800`f8ec0000        fffff800`f8edc000        0x0001c000        0x51d31e10        02.07.2013 20:38:08                                               
usbehci.sys                fffff800`f8ee0000        fffff800`f8efc000        0x0001c000        0x559f3b76        10.07.2015 05:26:46                                               
USBPORT.SYS                fffff800`f8f00000        fffff800`f8f76000        0x00076000        0x559f3a42        10.07.2015 05:21:38                                               
USBXHCI.SYS                fffff800`f8f80000        fffff800`f8fe0000        0x00060000        0x55d2d74f        18.08.2015 08:57:19                                               
ucx01000.sys                fffff800`f8fe0000        fffff800`f9018000        0x00038000        0x559f3a57        10.07.2015 05:21:59                                               
rt640x64.sys                fffff800`f9020000        fffff800`f90b3000        0x00093000        0x551c01f7        01.04.2015 16:34:31                                               
1394ohci.sys                fffff800`f90c0000        fffff800`f9100000        0x00040000        0x559f3a32        10.07.2015 05:21:22                                               
i8042prt.sys                fffff800`f9100000        fffff800`f9122000        0x00022000        0x559f3a14        10.07.2015 05:20:52                                               
i8042HDR.sys                fffff800`f9130000        fffff800`f9138000        0x00008000        0x456170c5        20.11.2006 11:09:25                                               
kbdclass.sys                fffff800`f9140000        fffff800`f9153000        0x00013000        0x559f3a15        10.07.2015 05:20:53                                               
serial.sys                fffff800`f9160000        fffff800`f917b000        0x0001b000        0x559f3a12        10.07.2015 05:20:50                                               
serenum.sys                fffff800`f9180000        fffff800`f918f000        0x0000f000        0x559f3a0a        10.07.2015 05:20:42                                               
intelppm.sys                fffff800`f9190000        fffff800`f91b9000        0x00029000        0x559f383b        10.07.2015 05:12:59                                               
wmiacpi.sys                fffff800`f91c0000        fffff800`f91cc000        0x0000c000        0x559f38b8        10.07.2015 05:15:04                                               
NdisVirtualBus.sys                fffff800`f91d0000        fffff800`f91dd000        0x0000d000        0x559f3a7a        10.07.2015 05:22:34                                               
swenum.sys                fffff800`f91e0000        fffff800`f91ec000        0x0000c000        0x559f3a0b        10.07.2015 05:20:43                                               
rdpbus.sys                fffff800`f91f0000        fffff800`f91fe000        0x0000e000        0x559f3b03        10.07.2015 05:24:51                                               
fastfat.SYS                fffff800`f9200000        fffff800`f9255000        0x00055000        0x55fa52e6        17.09.2015 07:43:02                                               
usbhub.sys                fffff800`f9260000        fffff800`f92df000        0x0007f000        0x55b1a34e        24.07.2015 04:30:38                                               
USBD.SYS                fffff800`f92e0000        fffff800`f92ee000        0x0000e000        0x559f3a12        10.07.2015 05:20:50                                               
UsbHub3.sys                fffff800`f6f00000        fffff800`f6f84000        0x00084000        0x55fa54a9        17.09.2015 07:50:33                                               
AtihdWT6.sys                fffff800`f6f90000        fffff800`f6fae000        0x0001e000        0x5563caaf        26.05.2015 03:21:51                                               
RTKVHD64.sys                fffff800`f7e70000        fffff800`f82f2000        0x00482000        0x55800089        16.06.2015 12:55:05                                               
netr28ux.sys                fffff800`f85f0000        fffff800`f8812000        0x00222000        0x53912405        06.06.2014 04:14:29                                               
vwifibus.sys                fffff800`f8820000        fffff800`f882e000        0x0000e000        0x559f3a7a        10.07.2015 05:22:34                                               
usbccgp.sys                fffff800`f8830000        fffff800`f885b000        0x0002b000        0x559f3a15        10.07.2015 05:20:53                                               
hidusb.sys                fffff800`f8860000        fffff800`f8871000        0x00011000        0x559f3a1c        10.07.2015 05:21:00                                               
HIDCLASS.SYS                fffff800`f8880000        fffff800`f88ad000        0x0002d000        0x559f3a21        10.07.2015 05:21:05                                               
HIDPARSE.SYS                fffff800`f88b0000        fffff800`f88c1000        0x00011000        0x559f3a18        10.07.2015 05:20:56                                               
btfilter.sys                fffff800`f88d0000        fffff800`f8977000        0x000a7000        0x5359d020        25.04.2014 05:01:52                                               
BTHUSB.sys                fffff800`f8980000        fffff800`f899c000        0x0001c000        0x559f3b68        10.07.2015 05:26:32                                               
bthport.sys                fffff800`f8400000        fffff800`f84ea000        0x000ea000        0x55fa54a3        17.09.2015 07:50:27                                               
usbaudio.sys                fffff800`f84f0000        fffff800`f8516000        0x00026000        0x559f3a46        10.07.2015 05:21:42                                               
mouhid.sys                fffff800`f8520000        fffff800`f852f000        0x0000f000        0x559f3a14        10.07.2015 05:20:52                                               
point64.sys                fffff800`f8530000        fffff800`f8540000        0x00010000        0x4dd37e38        18.05.2011 10:07:20                                               
mouclass.sys                fffff800`f8540000        fffff800`f8552000        0x00012000        0x559f3a11        10.07.2015 05:20:49                                               
dump_diskdump.sys                fffff800`f8570000        fffff800`f857f000        0x0000f000        0x559f3a0e        10.07.2015 05:20:46                                               
dump_storahci.sys                fffff800`f85b0000        fffff800`f85d5000        0x00025000        0x559f3a43        10.07.2015 05:21:39                                               
dump_dumpfve.sys                fffff800`f89c0000        fffff800`f89da000        0x0001a000        0x559f3891        10.07.2015 05:14:25                                               
win32k.sys                fffff960`f3460000        fffff960`f3483000        0x00023000        0x00000000                                                       
win32kfull.sys                fffff960`f2600000        fffff960`f2981000        0x00381000        0x00000000                                                       
win32kbase.sys                fffff960`f2990000        fffff960`f2aef000        0x0015f000        0x00000000                                                       
BthEnum.sys                fffff800`f89e0000        fffff800`f8a00000        0x00020000        0x559f3a4f        10.07.2015 05:21:51                                               
bthpan.sys                fffff800`f8300000        fffff800`f8325000        0x00025000        0x559f3a7b        10.07.2015 05:22:35                                               
rfcomm.sys                fffff800`f8330000        fffff800`f835f000        0x0002f000        0x559f3a3e        10.07.2015 05:21:34                                               
dxgmms1.sys                fffff800`f8360000        fffff800`f83c5000        0x00065000        0x55fa55ae        17.09.2015 07:54:54                                               
monitor.sys                fffff800`f85e0000        fffff800`f85f0000        0x00010000        0x559f3900        10.07.2015 05:16:16                                               
dxgmms2.sys                fffff800`f6860000        fffff800`f68e0000        0x00080000        0x55fa55af        17.09.2015 07:54:55                                               
TSDDD.dll                fffff960`f2b00000        fffff960`f2b0a000        0x0000a000        0x00000000                                                       
ATMFD.DLL                fffff960`f2b50000        fffff960`f2bb0000        0x00060000        0x00000000                Adobe Type Manager        Windows NT OpenType/Type 1 Font Driver        5.1 Build 246        Adobe Systems Incorporated        C:\WINDOWS\system32\ATMFD.DLL       
storqosflt.sys                fffff800`f83d0000        fffff800`f83e5000        0x00015000        0x559f394b        10.07.2015 05:17:31                                               
luafv.sys                fffff800`f7e00000        fffff800`f7e26000        0x00026000        0x559f389a        10.07.2015 05:14:34                                               
rspndr.sys                fffff800`f7e30000        fffff800`f7e4a000        0x0001a000        0x559f3a95        10.07.2015 05:23:01                                               
lltdio.sys                fffff800`f7e50000        fffff800`f7e66000        0x00016000        0x559f3a99        10.07.2015 05:23:05                                               
mslldp.sys                fffff800`f68e0000        fffff800`f68fa000        0x0001a000        0x559f3aa6        10.07.2015 05:23:18                                               
ndisuio.sys                fffff800`f6900000        fffff800`f6916000        0x00016000        0x559f3a7e        10.07.2015 05:22:38                                               
nwifi.sys                fffff800`f6330000        fffff800`f63b8000        0x00088000        0x559f3a99        10.07.2015 05:23:05                                               
HTTP.sys                fffff800`f63c0000        fffff800`f64be000        0x000fe000        0x559f3899        10.07.2015 05:14:33                                               
WudfPf.sys                fffff800`f7040000        fffff800`f705e000        0x0001e000        0x559f383d        10.07.2015 05:13:01                                               
bowser.sys                fffff800`fb000000        fffff800`fb022000        0x00022000        0x559f38b5        10.07.2015 05:15:01                                               
mrxsmb.sys                fffff800`fb030000        fffff800`fb0a0000        0x00070000        0x559f3b91        10.07.2015 05:27:13                                               
mrxsmb20.sys                fffff800`fb0a0000        fffff800`fb0de000        0x0003e000        0x559f3bab        10.07.2015 05:27:39                                               
mpsdrv.sys                fffff800`fb0e0000        fffff800`fb0f9000        0x00019000        0x559f3a95        10.07.2015 05:23:01                                               
srvnet.sys                fffff800`fb1b0000        fffff800`fb1f2000        0x00042000        0x559f38dd        10.07.2015 05:15:41                                               
srv2.sys                fffff800`fa800000        fffff800`fa8ac000        0x000ac000        0x559f3b73        10.07.2015 05:26:43                                               
mmcss.sys                fffff800`fa8b0000        fffff800`fa8c4000        0x00014000        0x559f383c        10.07.2015 05:13:00                                               
mbam.sys                fffff800`fa8d0000        fffff800`fa8da000        0x0000a000        0x540754e1        03.09.2014 19:50:25                                               
Ndu.sys                fffff800`fa8e0000        fffff800`fa906000        0x00026000        0x559f3a77        10.07.2015 05:22:31                                               
mrxsmb10.sys                fffff800`fa910000        fffff800`fa95e000        0x0004e000        0x559f3bac        10.07.2015 05:27:40                                               
peauth.sys                fffff800`fa960000        fffff800`faa20000        0x000c0000        0x559f399e        10.07.2015 05:18:54                                               
vwifimp.sys                fffff800`faa20000        fffff800`faa31000        0x00011000        0x559f3a6e        10.07.2015 05:22:22                                               
speedfan.sys                fffff800`faa40000        fffff800`faa4a000        0x0000a000        0x50df59b7        29.12.2012 22:59:35        SpeedFan        SpeedFan x64 Driver        X2.03.11        Almico Software        C:\WINDOWS\system32\speedfan.sys       
srv.sys                fffff800`faa50000        fffff800`faadc000        0x0008c000        0x559f3b71        10.07.2015 05:26:41                                               
tcpipreg.sys                fffff800`faae0000        fffff800`faaf4000        0x00014000        0x559f3a70        10.07.2015 05:22:24                                               
WdNisDrv.sys                fffff800`fab00000        fffff800`fab22000        0x00022000        0x559f39ab        10.07.2015 05:19:07                                               
condrv.sys                fffff800`fab30000        fffff800`fab41000        0x00011000        0x559f3835        10.07.2015 05:12:53                                               
tunnel.sys                fffff800`fab50000        fffff800`fab7f000        0x0002f000        0x55b99df2        30.07.2015 05:45:54                                               
rdpvideominiport.sys                fffff800`fabd0000        fffff800`fabdd000        0x0000d000        0x559f3868        10.07.2015 05:13:44                                               
SbieDrv.sys                fffff800`facc0000        fffff800`facf3000        0x00033000        0x56005598        21.09.2015 21:08:08                                               
cdd.dll                fffff960`f2cf0000        fffff960`f2d2c000        0x0003c000        0x00000000                                                       
MBAMSwissArmy.sys                fffff800`fac30000        fffff800`fac51000        0x00021000        0x552c190f        13.04.2015 21:29:19                                               
mwac.sys                fffff800`fac60000        fffff800`fac73000        0x00013000        0x53a0f444        18.06.2014 04:07:00

Gruß
verrant

Nachtrag:

Und nun, so gegen 17:30 h. Internetflackern.

Also, unter 60 Sec. unterbrochen, unter 30 Sec. Wieder verbindung. An, Aus. Insgesamt ca 7 – 10 Min. Dann ging scheinbar wieder alles normal. Nur LastPass forderte das Masterpasswort.

Und während ich diesen Text hier im Antwortenfenster schreibe, geht das Inet ganz raus. Das Icon in der Taskleiste ist ausgegraut. Die Anzeige im Netzwerkcenter zeigt alle Balken der WiFi-Verbindung auf grün. Und auch automatisch Verbinden ist angehakt und die Option Trennen ist sichtbar.

Also diesen Text in einem Editor begonnen. Und siehe da. Die Verbindung baut sich selbständig wieder auf.

Gruß
verrant

Nachtrag 2:

Als ich diesen Nachtrag sende will, erscheint als erstes: Diese Site kann nicht aufgerufen werden, es besteht keine Verbingung mit dem INet.

Mit Chrome-Funktion zurück auf die Site mit dem Antwortenfeld zurückgekommen und erneut abgeschickt. Nun hat es geklappt.

22:30 h

KLCP Update Check (Screenshot liegt vor.): Box auf Desktop, mit 2 Button zum Download normal installer (11.5.0)

Prozess im Taskmanager nicht vorhanden. Darum über "Kreuz" in oberer re. Ecke geschlossen.

Gruß
verrant

schrauber 12.10.2015 17:46
Bitte Windows Repair laufen lassen:
Windows reparieren - so geht's - Anleitungen

verrant 12.10.2015 19:52
Hallo Schrauber. Gemacht.

LG
verrant


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:58 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19