Tobi_tobi200 | 13.12.2015 12:06 | Part one: AdwareCleaner, MBAM and JRT

Hello MKDB,
attached are the 5 log files:
- AdwCleaner
- MBAM
- JRT
- FRST
- Addition

AdwCleaner logfile:
Code:
# AdwCleaner v5.024 - Bericht erstellt am 13/12/2015 um 10:16:08
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-12.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Tobias Breunig - TOBIASBREUNIG
# Gestartet von : C:\Users\Tobias Breunig\Desktop\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files\{522B440C-14EA-43C3-9EBF-680428FF33D9}
[-] Ordner Gelöscht : C:\Program Files (x86)\FLVM Player
[-] Ordner Gelöscht : C:\Program Files (x86)\predm
[-] Ordner Gelöscht : C:\Program Files (x86)\{824014BA-512F-4AE3-BCC3-B4F6963C87AC}
[-] Ordner Gelöscht : C:\ProgramData\DSearchLink
[-] Ordner Gelöscht : C:\ProgramData\Partner
[-] Ordner Gelöscht : C:\Users\Tobias Breunig\AppData\Local\DownloadGuide
[-] Ordner Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfkfmocpoingmjaofpminbeglpfcadhh
[-] Ordner Gelöscht : C:\Users\Tobias Breunig\AppData\Roaming\OpenCandy
[-] Ordner Gelöscht : C:\Windows\Installer\{22E3DD8C-E217-4D49-ABE3-27FEE98D7DFC}
[-] Ordner Gelöscht : C:\Windows\Installer\{ADCB180C-5727-4772-8FB1-87FD2C2B27AB}
[!] Ordner Nicht Gelöscht : C:\Windows\Installer\{ADCB180C-5727-4772-8FB1-87FD2C2B27AB}
[-] Ordner Gelöscht : C:\Windows\Installer\{C0A022B8-F3AD-465E-A28D-76DFB319BF2B}
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gfkfmocpoingmjaofpminbeglpfcadhh_0.localstorage
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gfkfmocpoingmjaofpminbeglpfcadhh_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.superfish.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxps_www.superfish.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\searchplugins\Web Search.xml
[-] Datei Gelöscht : C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\user.js
[-] Datei Gelöscht : C:\Windows\SysNative\GroupPolicy\Machine\Registry.pol
[-] Datei Gelöscht : C:\Windows\SysNative\GroupPolicy\GPT.ini
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithiMesh
[-] Schlüssel Gelöscht : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update ResultsAlpha
[-] Schlüssel Gelöscht : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util ResultsAlpha
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{5266F68F-F6AB-488D-B1C6-BFA30EDA99AB}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{A8F29075-124C-43C4-8CFA-B664D5266B06}]
[-] Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
[-] Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[-] Schlüssel Gelöscht : HKCU\Software\APN PIP
[-] Schlüssel Gelöscht : HKCU\Software\Fabulous
[-] Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\PIP
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
[-] Schlüssel Gelöscht : HKCU\Software\Squeaky
[-] Schlüssel Gelöscht : HKCU\Software\DownloadProtect
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Safer-Surf
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MyBestOffersToday
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\webssearchesSoftware
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\Safer-Surf
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
***** [ Internetbrowser ] *****
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.Visibility", false);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.backPageCounter", 0);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.backPageDay", 3);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1409563934510");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.barcodeid", "34714");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.countryiso", "de");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.downloadprovider", "yahoogo");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\".search.yahoo.com\\\\\\/yhs\\\\\\/search?hspart=lkry\\\",\\\"www.only-apart[...]
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.installationid", "62d71398-584c-08a1-496d-12fe4dd48376");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.installdate", "03/09/2014");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.iswinxp", "false");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1409736731");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1409736738889");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.publisher", "yahoogo");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.aflt", "dvd_14_13_ff");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuyCzzyD0DyEtAyBtBzztByCzytA0AyD0BtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StC0AyC0CyD0EzyyEtG0F0BtD0Bt[...]
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.cr", "1669333175");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_b");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.AL", 2);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.aflt", "dvd_14_13_ff");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyCzzyD0DyEtAyBtBzztByCzytA0AyD0BtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StC0AyC0CyD0EzyyEtG0F0BtD0[...]
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cr", "1669333175");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1QzuyCzzyD0DyEtAyBtBzztByCzytA0AyD0BtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEt[...]
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.id", "685D437282693A5B");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.instlDay", "16158");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.instlRef", "140305_b");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1QzuyCzzyD0DyEtAyBtBzztByCzytA0AyD0BtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCy[...]
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1QzuyCzzyD0DyEtAyBtBzztByCzytA0AyD0BtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1Czut[...]
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.012:2:45");
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [21244 Bytes] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 13.12.2015
Suchlaufzeit: 10:28
Protokolldatei: mbam.txt
Administrator: Ja
Version: 2.2.0.1024
Malware-Datenbank: v2015.12.13.03
Rootkit-Datenbank: v2015.12.07.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tobias Breunig
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363285
Abgelaufene Zeit: 24 Min., 28 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 5
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [1b7c4361d7b47fb7ee2f818233d101ff],
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\DPBHO.DLL, In Quarantäne, [53449d070289a69022fb2ad91ce80ff1],
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{A8F2A3D8-E842-4535-8800-D853AC7467E4}, In Quarantäne, [87101e865c2fe55112baa8fdc93a936d],
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [3a5df4b0434857df8598a360c242b947],
PUP.Optional.ResultsAlpha, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaokmnpaoippoclepikifeegeknpopea, In Quarantäne, [c5d2a4007714c96d961a69449e65c53b],
Registrierungswerte: 2
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{A8F2A3D8-E842-4535-8800-D853AC7467E4}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, In Quarantäne, [87101e865c2fe55112baa8fdc93a936d]
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{A8F2A3D8-E842-4535-8800-D853AC7467E4}|DisplayName, Mysearchdial, In Quarantäne, [5542baeadbb0989e7755347131d2f60a]
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 6
PUP.Optional.FabulousDiscounts, C:\Users\Tobias Breunig\AppData\Local\fabulous_09030935, In Quarantäne, [9afd0c988803a2948b97bfe4e61cce32],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\PublisherImages, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\components, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
Dateien: 63
PUP.Optional.Bandoo.AppFlsh, C:\Users\Tobias Breunig\Downloads\iMeshSetup-r1487-w-bf.exe, In Quarantäne, [0d8aa004d0bbf244e87fbbefb24f9c64],
PUP.Optional.SofTonic, C:\Users\Tobias Breunig\Downloads\SoftonicDownloader_fuer_free-m4a-to-mp3-converter.exe, In Quarantäne, [593ebfe5315afc3a5580d25fef12d828],
PUP.Optional.SofTonic, C:\Users\Tobias Breunig\Downloads\SoftonicDownloader_fuer_winzip.exe, In Quarantäne, [7b1ce5bf701bc2747407ed3e3ec3c43c],
PUP.Optional.Downloader, C:\Users\Tobias Breunig\Downloads\WinZip 64 Bit - CHIP-Installer.exe, In Quarantäne, [6631069e0b8065d164ef1209778919e7],
PUP.Optional.Downloader, C:\Users\Tobias Breunig\Downloads\Euchler Haushaltsbuch - CHIP-Installer.exe, In Quarantäne, [f6a1aff5583369cd91c20a113dc3ba46],
PUP.Optional.Downloader, C:\Users\Tobias Breunig\Downloads\FinanzmanagerV8 - CHIP-Installer.exe, In Quarantäne, [7d1a7331dead12242231889300003cc4],
PUP.Optional.BundleInstaller, C:\Users\Tobias Breunig\Downloads\Setup.zip, In Quarantäne, [cacd277d7219b77ff18545fd966b1ee2],
PUP.Optional.APNToolBar, C:\Users\Tobias Breunig\Downloads\YTD396Setup.exe, In Quarantäne, [9bfce0c4c3c847effad59596e51c6799],
PUP.Optional.SnapDo, C:\Windows\Installer\5de508.msi, In Quarantäne, [1681bbe97219a393735557da23de24dc],
PUP.Optional.VeriStaff, C:\Windows\Installer\5de50e.msi, In Quarantäne, [5a3d7f2536557abceadab1660000718f],
PUP.Optional.FabulousDiscounts, C:\Users\Tobias Breunig\AppData\Local\fabulous_09030935\rwaxbiei.gdb, In Quarantäne, [9afd0c988803a2948b97bfe4e61cce32],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\install.rdf, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome.manifest, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\BackPageRemove.js, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\externalJS.js, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\FBImagePreview.js, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\FirefoxExtensionMain.css, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\FirefoxExtensionMain.js, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\FirefoxExtensionMain.xul, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\InternalJS.js, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\jquery-1.5.1.min.js, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\publisherDefinitions.js, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\down-1.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\down-2.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\down-3.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\down.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\fb.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\fblike.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\gmail.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\googleplus.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\hide-1.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\hide-2.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\hide-3.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\left.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\maximize-1.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\maximize-2.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\maximize-3.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\mgsplusvideo.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\minimize-1.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\minimize-2.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\minimize-3.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\pinit.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\right.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\searchBox.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\show-1.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\show-2.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\show-3.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\twitter.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\up-1.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\up-2.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\up-3.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\images\up.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\PublisherImages\Linkury.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\PublisherImages\Linkury128.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\PublisherImages\Linkury16.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\chrome\PublisherImages\Linkury_small.png, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\components\ISmartbarFireFoxRemotePlugin.xpt, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\components\SmartbarFireFoxRemotePlugin_26.dll, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\components\SmartbarFireFoxRemotePlugin_27.dll, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\components\SmartbarFireFoxRemotePlugin_28.dll, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\components\SmartbarFireFoxRemotePlugin_29.dll, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\components\SmartbarFireFoxRemotePlugin_30.dll, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
PUP.Optional.Linkury, C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376}\components\SmartbarFireFoxRemotePlugin_31.dll, In Quarantäne, [fd9a851fc5c63cfae8c6d3d891732fd1],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Tobias Breunig (Administrator) on 13.12.2015 at 11:26:15,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 79
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{016DEDBF-B61A-4032-B8FF-0A910C2BE89D} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{01D2E4F4-7EAD-4A61-BA44-96372723F98E} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{0CCB9193-5EBD-4FD7-B661-1ECDE35D30DA} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{121FBFBA-E936-4146-9F3C-828FB7DDC1C1} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{178ED5B0-2C21-4A53-A7DA-D8D3BFE31915} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{1B2EC84C-4747-4DB2-8B0F-523290E29EE2} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{1B86F164-B8F5-4A29-B202-1D5534FC27A7} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{1F2DA32A-4B7F-43BB-9EF9-50671FE2BA0B} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{1F552AFA-8C3F-4D37-AC69-5DD765C2608A} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{26990C8B-78C3-4CE2-A61F-19CA2BF55D44} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{27EF4B32-5478-4454-AD81-004E7655039C} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{2A995338-5925-4383-9DCF-AA3180E7B9AE} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{32BCA4DF-89D4-4515-8F2D-93EFFEC36E50} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{355A105D-6F10-4F10-B146-71357458BAD4} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{3CB15FB8-9F2A-4198-ABF3-3492E3963FEA} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{3DB19B8D-2BC3-4D3B-AB6F-1B8FE8EF1F4D} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{43A974B1-08B0-445D-8F57-F67B87FCA4EF} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{455527F4-DA5B-4E63-A07B-C3B6882AE68F} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{46106B23-9218-4CB6-A78B-DC8780D700A8} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{468F2A14-AD5D-42C9-BC25-66DE77FAAA93} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{49505F84-A40C-4C08-82D0-29EB65A54418} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{4D089CB5-3BB6-4C2F-A5AF-AECFD59C584A} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{55A2811C-DA02-4A5A-956F-4481634FA697} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{57366182-D73A-4FCC-8897-17ABB7AD1820} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{5AB43F9A-EA40-491E-85A0-6DAE83B73169} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{5E05986B-107C-4A6F-ACDE-34D12C0255E1} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{5FCDDCCA-EE27-4003-8EF3-D6CBF194620C} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{613C2806-6B24-420C-BC35-AA4BC18DCC0D} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{63079A1B-469C-4DF3-BDD2-BD33A65FE29B} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{637A413C-BD53-4722-B350-BAE61761A4D4} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{63C626DE-E1B5-4AF1-818B-53DEA2F4FD0E} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{66012907-BC51-4351-BD8B-9738BD497EB8} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{662533D2-0022-4BC4-B733-16A3179D913F} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{69DEC118-EA46-4B43-8AFA-C39ED7A63088} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{70F4EBE9-A58F-44C9-8A34-0F84029DA0A8} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{75528782-8330-4CE4-BDE3-BC4962470A29} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{7AFF9E2D-479E-4038-A2B6-90142277ABD5} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{7D98FB51-13B6-4DA7-A250-36370840C0C7} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{7EA76292-E618-41FB-86EF-E9017D7DE9CE} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{8A74882C-4502-4AD2-AF8A-7D40EC6C359F} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{8D7B897E-AB74-4659-8AE9-E2F9B9CDCF94} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{8DBCB38A-4701-48C3-91DC-238467307361} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{8E9CB47C-B2EA-44C4-8575-71358713FF11} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{907E522B-2964-429D-A992-E856903F43B0} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{93E8FF05-0903-4F7F-AB67-39892641ECC9} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{97342633-4076-46F9-AD52-33894CB08669} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{9AA21C16-1595-4209-9D59-758FBA536EAC} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{A065595F-069C-4330-A9E8-7A2F0C5B2DB7} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{A2492755-FAE9-4BBA-9A4B-B00D17A5C53E} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{A7AC6ACA-5838-46A0-A577-C008478A19EE} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{A971AB17-D010-45E3-89D4-72F0AF823FCA} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{A97D7C4C-510E-4506-B7E7-A15F1EED9854} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{AF3BB409-DAF8-404C-8B85-EF8264430AE0} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{B5BB0858-155C-4B43-8C10-AC064C19C526} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{BFE38B33-99C1-4184-A235-1D17F547DAC6} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{C03AC1BF-F251-4186-97A0-89AFF5EB18B3} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{C181E904-CE76-4D81-AC8A-2040E2E3CC17} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{C1B8CF54-4C47-415B-A1F8-BEAF8ACB8DA7} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{C2844BCE-F0A5-487A-9963-093C89E3A444} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{C38885D6-549B-415C-A366-46442F3BFE6C} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{C3B27712-3FA4-40A8-8D71-47F6F693970E} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{C41D710D-7BA1-45BF-A553-C5499D512CB8} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{CA4430A9-D6E4-4089-801E-8A24095EAA10} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{CC846927-49AF-485B-BBB3-E52857881D5A} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{D16996DA-AEAC-46D1-83FD-6CA9E6669A8F} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{D593BC3E-D7E8-413B-A7D7-C162EA661E1C} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{DA939FCA-391A-47D4-8A77-6C6A8523CDCB} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{DF598814-70B8-4501-B341-9BB09E1A8B9E} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{E3286F6B-46C1-4C7E-B462-74E3F8313C10} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{E882F72C-9DBD-40EA-81A2-D42BCF6A7872} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{F5E24408-1F00-4FDB-B06E-66E6BE23E363} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\{F601F711-488E-43F3-9AAE-DA12DF857463} (Empty Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.windfinder.com_0.localstorage-journal (File)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.windfinder.com_0.localstorage (File)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\nico mak computing (Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Local\update~1 (Folder)
Successfully deleted: C:\Users\Tobias Breunig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\search.lnk (Shortcut)
Successfully deleted: C:\Users\Tobias Breunig\Documents\add-in express (Folder)
Successfully deleted: C:\Windows\SysWOW64\sho9E63.tmp (File)
Registry: 2
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_AE18B3153AFC4C44237696922922B2DB (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.12.2015 at 11:29:33,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Regards, Tobi
Since the log files were too large, I have attached FRST.txt here:
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015 01
durchgeführt von Tobias Breunig (Administrator) auf TOBIASBREUNIG (13-12-2015 11:38:56)
Gestartet von C:\Users\Tobias Breunig\Desktop
Geladene Profile: Tobias Breunig (Verfügbare Profile: Tobias Breunig)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
=========== Prozesse (Nicht auf der Ausnahmeliste) ===========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\System32\wlanhlpd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_20_0_0_228_ActiveX.exe
=============== Registry (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2012-01-17] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [DeskUpdateNotifier] => c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [102968 2013-02-26] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1993335669-2350816491-440414337-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-1993335669-2350816491-440414337-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1993335669-2350816491-440414337-1000\...\Run: [EPLTarget\P0000000000000005] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINDE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1993335669-2350816491-440414337-1000\...\Run: [Dropbox Update] => C:\Users\Tobias Breunig\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tobias Breunig\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tobias Breunig\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tobias Breunig\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tobias Breunig\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tobias Breunig\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tobias Breunig\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tobias Breunig\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-11-22]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Benachrichtigungsdienst.lnk [2015-11-22]
ShortcutTarget: Update Benachrichtigungsdienst.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-11-22]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2012-04-02]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2012-09-13]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2012-04-02]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2012-09-13]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
============= Internet (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1FD0377E-AD52-4C68-9AED-EE4550C0CA3E}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{B2068E9E-EB27-44AB-9FA6-8CD2FA3094EB}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{B663E67C-04CC-4BFE-B35D-76BEE88D031D}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{BAB03E7D-1441-4A65-A4DE-AF0C7BCFD5D6}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{E16BE87C-9A44-4086-B930-97BF390EE7C0}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
=============
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1993335669-2350816491-440414337-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1993335669-2350816491-440414337-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1993335669-2350816491-440414337-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/?hl=de&gl=de
HKU\S-1-5-21-1993335669-2350816491-440414337-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH;
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-1993335669-2350816491-440414337-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-1993335669-2350816491-440414337-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
IE Session Restore: HKU\S-1-5-21-1993335669-2350816491-440414337-1000 -> ist aktiviert.
FireFox:
========
FF ProfilePath: C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default
FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF Homepage: hxxps://www.google.de
FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2012-09-23] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1993335669-2350816491-440414337-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tobias Breunig\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1993335669-2350816491-440414337-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tobias Breunig\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1993335669-2350816491-440414337-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tobias Breunig\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-19] (Unity Technologies ApS)
FF Extension: Kein Name - C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\extensions\{62d71398-584c-08a1-496d-12fe4dd48376} [nicht gefunden]
FF Extension: Kein Name - C:\Windows\Installer\{C0A022B8-F3AD-465E-A28D-76DFB319BF2B}\{A8F29075-124C-43C4-8CFA-B664D5266B06}.xpi [nicht gefunden]
FF Extension: Avira Browser Safety - C:\Users\Tobias Breunig\AppData\Roaming\Mozilla\Firefox\Profiles\mkj9e44c.default\Extensions\abs@avira.com [2014-08-28] [ist nicht signiert]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-08-04] [ist nicht signiert]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-08-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-03-07] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Web Store) - C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-21]
CHR Extension: (Web Store) - C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Web Store) - C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnppeiljbkkeallfigddpgpciocagkoa [2015-10-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27]
CHR HKU\S-1-5-21-1993335669-2350816491-440414337-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TOBIAS~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-08-12]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.LSKI26IP7ONDK5IO7K4V6QL3DY - C:\Users\Tobias Breunig\AppData\Local\Google\Chrome\Application\chrome.exe
============ Dienste (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2012-01-17] (FUJITSU LIMITED)
R2 javaw64; C:\Windows\system32\wlanhlpd.exe [118784 2015-10-25] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-02-08] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-02-08] ()
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2010-04-30] (4G Systems GmbH & Co. KG)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
S2 LavasoftAdAwareService11; "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareService.exe" [X]
================ Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-03-19] (Microsoft Corporation)
S3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-07-29] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [271272 2015-07-29] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-07-29] (BitDefender)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2015-11-16] (Mobile Connector)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8217064 2012-01-02] (Realtek Semiconductor Corp.)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-10-18] (SMART Technologies) [Datei ist nicht signiert]
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-10-18] (SMART Technologies ULC) [Datei ist nicht signiert]
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-12-30] (Duplex Secure Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S1 BdfNdisf; \??\c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [X]
S1 bdfwfpf; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [X]
=============== NetSvcs (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
============== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-13 11:38 - 2015-12-13 11:38 - 00000000 ____D C:\Users\Tobias Breunig\Desktop\FRST-OlderVersion
2015-12-13 11:29 - 2015-12-13 11:29 - 00009855 _____ C:\Users\Tobias Breunig\Desktop\JRT.txt
2015-12-13 11:20 - 2015-12-13 11:20 - 01599336 _____ (Malwarebytes) C:\Users\Tobias Breunig\Desktop\JRT.exe
2015-12-13 11:16 - 2015-12-13 11:16 - 00017334 _____ C:\Users\Tobias Breunig\Desktop\mbam.txt
2015-12-13 10:37 - 2015-12-13 10:37 - 00021371 _____ C:\Users\Tobias Breunig\Desktop\AdwCleaner[C1].txt
2015-12-13 10:27 - 2015-12-13 10:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-13 10:26 - 2015-12-13 10:26 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-13 10:26 - 2015-12-13 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-13 10:26 - 2015-12-13 10:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-13 10:26 - 2015-12-13 10:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-13 10:26 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-13 10:26 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-13 10:26 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-13 10:24 - 2015-12-13 10:26 - 22908888 _____ (Malwarebytes ) C:\Users\Tobias Breunig\Desktop\mbam-setup-2.2.0.1024.exe
2015-12-13 10:13 - 2015-12-13 10:16 - 00000000 ____D C:\AdwCleaner
2015-12-13 10:09 - 2015-12-13 10:09 - 01738240 _____ C:\Users\Tobias Breunig\Desktop\AdwCleaner_5.024.exe
2015-12-09 23:10 - 2015-12-09 23:10 - 00036474 _____ C:\Users\Tobias Breunig\Desktop\Combofix.txt
2015-12-09 22:56 - 2015-12-09 22:56 - 00036474 _____ C:\ComboFix.txt
2015-12-09 22:50 - 2015-12-13 10:16 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-09 22:30 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-12-09 22:30 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-12-09 22:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-12-09 22:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-12-09 22:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-12-09 22:30 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-12-09 22:30 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-12-09 22:30 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-12-09 22:29 - 2015-12-09 22:56 - 00000000 ____D C:\Qoobox
2015-12-09 22:28 - 2015-12-09 22:55 - 00000000 ____D C:\Windows\erdnt
2015-12-09 22:25 - 2015-12-09 22:25 - 05640425 ____R (Swearware) C:\Users\Tobias Breunig\Desktop\ComboFix.exe
2015-12-09 21:42 - 2015-12-09 21:42 - 00001270 _____ C:\Users\Tobias Breunig\Desktop\Revo Uninstaller.lnk
2015-12-09 21:42 - 2015-12-09 21:42 - 00000000 ____D C:\Users\Tobias Breunig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-12-09 21:42 - 2015-12-09 21:42 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-12-09 21:41 - 2015-12-09 21:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias Breunig\Desktop\revosetup95.exe
2015-12-09 16:25 - 2015-12-09 16:25 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 15:13 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 15:13 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 15:13 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 15:13 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 15:13 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 15:13 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 15:13 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 15:13 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 15:13 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 15:13 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 15:13 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 15:13 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 15:13 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 15:13 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 15:13 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 15:13 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 15:13 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 15:13 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 15:13 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 15:13 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 15:13 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 15:13 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 15:13 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 15:13 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 15:13 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 15:13 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 15:13 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 15:13 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 15:13 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 15:13 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 15:13 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 15:13 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 15:13 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 15:13 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 15:13 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 15:13 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 15:13 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 15:13 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 15:13 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 15:13 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 15:13 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 15:13 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 15:13 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 15:13 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 15:13 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 15:13 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 15:13 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 15:13 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 15:13 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 15:13 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 15:13 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 15:13 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 15:13 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 15:13 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 15:13 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 15:13 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 15:13 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 15:13 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 15:13 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 15:13 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 15:13 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 15:13 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 15:13 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 15:13 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 15:13 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 15:13 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 15:13 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 15:13 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 15:13 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 15:13 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 15:13 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 15:13 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 15:13 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 15:13 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 15:13 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 15:13 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 15:13 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 15:13 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 15:13 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 15:13 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 15:13 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 15:13 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 15:13 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 15:13 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 15:13 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 15:13 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 15:13 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 15:13 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 15:13 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 15:13 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 15:13 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 15:13 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 15:13 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 15:13 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 15:13 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 15:13 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 15:13 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 15:13 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 15:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 15:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 15:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 15:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 15:13 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 15:13 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 15:13 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 15:13 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 15:13 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 15:12 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 15:12 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 21:48 - 2015-12-13 11:38 - 00028430 _____ C:\Users\Tobias Breunig\Desktop\FRST.txt
2015-12-07 21:46 - 2015-12-07 21:48 - 00061605 _____ C:\Users\Tobias Breunig\Desktop\Addition1.txt
2015-12-06 18:16 - 2015-12-13 11:38 - 02369536 _____ (Farbar) C:\Users\Tobias Breunig\Desktop\FRST64.exe
2015-12-06 12:00 - 2015-12-06 12:00 - 00000708 _____ C:\Users\Tobias Breunig\Desktop\Ereignisse 2.txt
2015-12-06 11:50 - 2015-12-07 21:46 - 00077199 _____ C:\Users\Tobias Breunig\Desktop\FRST_1.txt
2015-12-06 11:43 - 2015-12-13 11:38 - 00000000 ____D C:\FRST
2015-12-03 12:21 - 2015-12-06 11:35 - 00002826 _____ C:\Users\Tobias Breunig\Desktop\Ereignisse.txt
2015-12-03 12:14 - 2015-12-03 12:14 - 00039682 _____ C:\Users\Tobias Breunig\Desktop\Gmer.txt
2015-12-03 11:51 - 2015-12-03 11:51 - 00380416 _____ C:\Users\Tobias Breunig\Downloads\Gmer-19357.exe
2015-12-03 11:51 - 2015-12-03 11:51 - 00380416 _____ C:\Users\Tobias Breunig\Desktop\Gmer-19357.exe
2015-12-03 11:14 - 2015-12-13 10:04 - 00005120 _____ C:\Windows\SysWOW64\pcasvc32.dll
2015-12-03 11:10 - 2015-12-03 11:10 - 00000202 _____ C:\Users\Tobias Breunig\defogger_reenable
2015-11-23 19:20 - 2015-11-23 19:20 - 10674517 _____ C:\Users\Tobias Breunig\Downloads\J1mB0_s_XVM_Config_v6.1.6.zip
2015-11-23 19:18 - 2015-11-23 19:19 - 01275187 _____ C:\Users\Tobias Breunig\Downloads\J1mB0_s_Crosshair_Mod_v1.53_-_Curse_Client.zip
2015-11-23 19:01 - 2015-11-23 19:02 - 11006768 _____ (XVM team ) C:\Users\Tobias Breunig\Downloads\xvm-6.1.6 (3).exe
2015-11-23 18:59 - 2015-11-23 19:00 - 10524242 _____ C:\Users\Tobias Breunig\Downloads\xvm-6.1.6 (1).zip
2015-11-23 18:53 - 2015-11-23 18:55 - 12692901 _____ C:\Users\Tobias Breunig\Downloads\Bones-XVM-Config-Wn8-912.zip
2015-11-23 18:42 - 2015-11-23 18:44 - 12693050 _____ C:\Users\Tobias Breunig\Downloads\Bones-XVM-Config-Wn8-HP-Panels-912 (1).zip
2015-11-23 18:42 - 2015-11-23 18:43 - 12693050 _____ C:\Users\Tobias Breunig\Downloads\Bones-XVM-Config-Wn8-HP-Panels-912.zip
2015-11-23 18:35 - 2015-11-23 18:35 - 00355062 _____ C:\Users\Tobias Breunig\Downloads\ZOOM-X30-snipe-mode.rar
2015-11-23 18:29 - 2015-11-23 19:21 - 543693983 _____ C:\Users\Tobias Breunig\Downloads\hitzones9.9.rar
2015-11-23 18:24 - 2015-11-23 18:24 - 00033917 _____ C:\Users\Tobias Breunig\Downloads\mod-cheat.rar
2015-11-23 17:34 - 2015-11-23 17:35 - 11006768 _____ (XVM team ) C:\Users\Tobias Breunig\Downloads\xvm-6.1.6 (2).exe
2015-11-23 17:33 - 2015-11-23 17:34 - 11006768 _____ (XVM team ) C:\Users\Tobias Breunig\Downloads\xvm-6.1.6 (1).exe
2015-11-23 17:02 - 2015-11-23 17:03 - 11519315 _____ C:\Users\Tobias Breunig\Downloads\Aslains_XVM_Mod_v.9.12.2.zip
2015-11-22 13:02 - 2015-11-22 13:03 - 03266034 _____ C:\Users\Tobias Breunig\Downloads\Meine ABs (3).zip
2015-11-22 12:20 - 2015-12-02 17:47 - 00000000 ____D C:\Users\Tobias Breunig\AppData\Local\WinZip
2015-11-22 12:15 - 2015-11-22 12:15 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-11-22 12:15 - 2015-11-22 12:15 - 00002195 _____ C:\Users\Public\Desktop\WinZip.lnk
2015-11-22 12:15 - 2015-11-22 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-11-22 12:15 - 2015-11-22 12:15 - 00000000 ____D C:\Program Files\WinZip
2015-11-22 12:06 - 2015-11-22 12:08 - 80034304 _____ C:\Users\Tobias Breunig\Downloads\wz200gev-64.msi
2015-11-22 11:59 - 2015-11-22 11:59 - 03266034 _____ C:\Users\Tobias Breunig\Downloads\Meine ABs (2).zip
2015-11-22 11:59 - 2015-11-22 11:59 - 03266034 _____ C:\Users\Tobias Breunig\Downloads\Meine ABs (1).zip
2015-11-22 11:12 - 2015-11-22 11:12 - 03266034 _____ C:\Users\Tobias Breunig\Downloads\Meine ABs.zip
2015-11-19 22:01 - 2015-11-19 22:01 - 00000000 ____D C:\ProgramData\BitDefender
2015-11-19 21:52 - 2015-11-19 21:52 - 00000000 ____D C:\Users\Tobias Breunig\AppData\Roaming\LavasoftStatistics
2015-11-19 21:52 - 2015-01-06 12:37 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll
2015-11-19 21:51 - 2015-11-19 21:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-11-19 21:51 - 2015-11-19 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-19 21:51 - 2015-01-06 12:47 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2015-11-19 21:51 - 2015-01-06 12:47 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2015-11-19 21:51 - 2015-01-06 12:47 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2015-11-19 21:51 - 2015-01-06 12:47 - 00156936 _____ C:\Windows\system32\bdfwcore.dll
2015-11-19 21:51 - 2015-01-06 12:47 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2015-11-19 21:51 - 2015-01-06 12:47 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2015-11-19 21:51 - 2015-01-06 12:47 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2015-11-19 21:45 - 2015-11-19 21:45 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-11-19 21:43 - 2015-11-19 21:43 - 02009904 _____ C:\Users\Tobias Breunig\Downloads\Adaware_Installer_11.8.exe
2015-11-19 13:42 - 2015-11-19 14:00 - 11006768 _____ (XVM team ) C:\Users\Tobias Breunig\Downloads\xvm-6.1.6.exe
2015-11-19 12:27 - 2015-11-19 12:42 - 10524242 _____ C:\Users\Tobias Breunig\Downloads\xvm-6.1.6.zip
2015-11-16 06:48 - 2015-11-16 07:46 - 00000000 ____D C:\Users\Tobias Breunig\AppData\Roaming\XSManager
2015-11-16 06:48 - 2015-11-16 06:47 - 00133120 _____ (C-motech Co.,Ltd.) C:\Windows\system32\Drivers\cm_netamd.sys
2015-11-16 06:48 - 2015-11-16 06:47 - 00118272 _____ (C-motech Co.,Ltd.) C:\Windows\system32\Drivers\cm_seramd.sys
2015-11-16 06:48 - 2015-11-16 06:47 - 00112640 _____ (C-motech Co.,Ltd.) C:\Windows\system32\Drivers\cm_net32.sys
2015-11-16 06:48 - 2015-11-16 06:47 - 00103680 _____ (C-motech Co.,Ltd.) C:\Windows\system32\Drivers\cm_ser32.sys
2015-11-16 06:48 - 2015-11-16 06:47 - 00101056 _____ C:\Windows\system32\Drivers\dvb_nova_12mhz_b0.inp
2015-11-16 06:48 - 2015-11-16 06:47 - 00092456 _____ C:\Windows\system32\Drivers\isdbt_nova_12mhz_b0.inp
2015-11-16 06:48 - 2015-11-16 06:47 - 00079036 _____ C:\Windows\system32\Drivers\tdmb_nova_12mhz_b0.inp
2015-11-16 06:48 - 2015-11-16 06:47 - 00063648 _____ (Siano) C:\Windows\system32\Drivers\smsbda.sys
2015-11-16 06:48 - 2015-11-16 06:47 - 00000040 _____ C:\Windows\system32\Drivers\smsbda.cfg
2015-11-16 06:48 - 2010-04-30 12:56 - 00312488 ____R (4G Systems GmbH & Co. KG) C:\Windows\updater4g.exe
2015-11-16 06:48 - 2010-04-30 12:56 - 00160424 ____R (4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
2015-11-16 06:47 - 2015-11-16 06:47 - 00117888 _____ (Mobile Connector) C:\Windows\system32\Drivers\cmnsusbser.sys
2015-11-16 06:47 - 2015-11-16 06:47 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\XSManager.lnk
2015-11-16 06:47 - 2015-11-16 06:47 - 00001933 _____ C:\Users\Public\Desktop\XSManager.lnk
2015-11-16 06:47 - 2015-11-16 06:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSManager
2015-11-16 06:47 - 2015-11-16 06:47 - 00000000 ____D C:\Program Files (x86)\XSManager
========== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-13 11:21 - 2013-08-12 09:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-13 11:07 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-13 11:07 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-13 11:02 - 2014-05-19 19:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-13 11:00 - 2013-09-30 15:50 - 00000000 ____D C:\Users\Tobias Breunig\Documents\Youcam
2015-12-13 11:00 - 2012-09-19 17:03 - 00000000 ____D C:\Users\Tobias Breunig\AppData\Local\CrashDumps
2015-12-13 10:58 - 2013-08-12 09:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-13 10:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-13 10:56 - 2012-09-16 08:06 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993335669-2350816491-440414337-1000Core.job
2015-12-13 10:52 - 2015-08-16 20:47 - 00001260 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1993335669-2350816491-440414337-1000UA.job
2015-12-11 21:52 - 2015-08-16 20:47 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1993335669-2350816491-440414337-1000Core.job
2015-12-10 16:32 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-10 16:32 - 2009-07-14 05:45 - 00443528 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 16:30 - 2013-03-13 15:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 16:30 - 2013-03-13 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 07:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-10 07:31 - 2013-03-13 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 07:30 - 2012-12-30 16:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 07:28 - 2013-07-20 08:59 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 07:18 - 2012-09-22 18:16 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 22:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-09 22:49 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-12-09 21:58 - 2012-09-19 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-12-09 21:58 - 2012-09-19 17:02 - 00000000 ____D C:\Program Files (x86)\Epson Software
2015-12-09 16:25 - 2014-05-19 19:17 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 16:25 - 2012-09-23 08:20 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 16:25 - 2012-09-23 08:20 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-06 10:16 - 2013-08-12 09:20 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 10:16 - 2013-08-12 09:20 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 10:16 - 2012-09-16 08:06 - 00004144 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1993335669-2350816491-440414337-1000UA
2015-12-06 10:16 - 2012-09-16 08:06 - 00003748 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1993335669-2350816491-440414337-1000Core
2015-12-06 10:16 - 2012-09-16 08:06 - 00001156 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993335669-2350816491-440414337-1000UA.job
2015-12-03 11:10 - 2012-09-13 11:21 - 00000000 ____D C:\Users\Tobias Breunig
2015-12-03 10:46 - 2013-08-12 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-12-02 17:17 - 2014-11-14 21:15 - 00000000 __SHD C:\Users\Tobias Breunig\AppData\Local\EmieBrowserModeList
2015-12-02 17:17 - 2014-09-03 10:31 - 00000000 __SHD C:\Users\Tobias Breunig\AppData\Local\EmieUserList
2015-12-02 17:17 - 2014-09-03 10:31 - 00000000 __SHD C:\Users\Tobias Breunig\AppData\Local\EmieSiteList
2015-12-01 19:04 - 2013-05-19 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-01 19:02 - 2013-05-19 13:32 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 19:02 - 2013-05-19 13:32 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-01 19:02 - 2013-05-19 13:32 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-11-22 12:20 - 2014-11-25 17:24 - 00000000 ____D C:\ProgramData\WinZip
2015-11-19 20:20 - 2012-01-06 18:54 - 00747004 _____ C:\Windows\system32\perfh007.dat
2015-11-19 20:20 - 2012-01-06 18:54 - 00168046 _____ C:\Windows\system32\perfc007.dat
2015-11-19 20:20 - 2009-07-14 06:13 - 01754558 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-16 06:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2015-11-15 21:16 - 2012-09-13 11:27 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2015-11-15 20:57 - 2012-12-01 09:17 - 00000000 ____D C:\Users\Tobias Breunig\Documents\Meine empfangenen Dateien
========== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-03-29 12:04 - 2014-03-29 12:04 - 0000045 _____ () C:\Users\Tobias Breunig\AppData\Roaming\WB.CFG
2013-09-05 11:29 - 2013-11-20 12:38 - 0003584 _____ () C:\Users\Tobias Breunig\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-31 12:11 - 2014-12-07 17:11 - 0388096 _____ () C:\Users\Tobias Breunig\AppData\Local\fcumdetl.gdb
2014-10-31 12:11 - 2015-09-17 12:50 - 0002954 _____ () C:\Users\Tobias Breunig\AppData\Local\fcumdetl.gss
2013-02-15 09:14 - 2013-02-15 09:14 - 0017408 _____ () C:\Users\Tobias Breunig\AppData\Local\WebpageIcons.db
Einige Dateien in TEMP:
===============
C:\Users\Tobias Breunig\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias Breunig\AppData\Local\Temp\sqlite3.dll
============== Bamital & volsnap ==========
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-11 14:33
============ Ende von FRST.txt =============