FaceTheTrace | 06.02.2016 17:16 | Hier erstmal die Funde von Malwarebytes Anti-Malware Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 05.02.2016
Suchlaufzeit: 05:16
Protokolldatei: 1.txt
Administrator: Ja
Version: 2.00.4.1028
Malware-Datenbank: v2015.01.21.11
Rootkit-Datenbank: v2015.01.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Anton PC
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 387442
Abgelaufene Zeit: 52 Min., 4 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 6
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe, In Quarantäne, [c091aa4d86034fe7758bc7764cb89c64],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe, In Quarantäne, [90c1c3343a4fc6705fbacb7264a06e92],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe, In Quarantäne, [72df995e1b6ee452f247162961a330d0],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe, In Quarantäne, [5af7ba3ddeabf343af5183ba17ed32ce],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe, In Quarantäne, [3918ad4a6a1f6fc79584c27b986c5ca4],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe, In Quarantäne, [bb96ec0bbfca0a2cb980ee51729251af],
Registrierungswerte: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 0
(keine bösartigen Elemente erkannt)
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 05.02.2016
Suchlaufzeit: 20:17
Protokolldatei: 2.txt
Administrator: Ja
Version: 2.2.0.1024
Malware-Datenbank: v2016.02.05.07
Rootkit-Datenbank: v2016.01.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Anton PC
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 443102
Abgelaufene Zeit: 1 Std., 56 Min., 13 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswerte: 1
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-3703029603-77815115-2748889256-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, hxxp://unblockservice.com/wpad.dat?f598151b57ef01ede63fac81b8699d865637481, In Quarantäne, [2af11845ff9a979f08caeff715ed2fd1]
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 0
(keine bösartigen Elemente erkannt)
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) Hier die FRST Logs Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von Anton PC (Administrator) auf ANTON (06-02-2016 16:59:01)
Gestartet von C:\Users\Anton PC\Downloads
Geladene Profile: Anton PC & (Verfügbare Profile: Anton PC)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
() C:\Windows\System32\atwtusb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\atwtusb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\System32\AtwtusbIcon.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Pear Media, LLC) C:\Program Files (x86)\Chatango\Chatango.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\main.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.92.3.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.92.3.0\OverwolfHelper64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.3.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.3.0\OverwolfBrowser.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AtwtusbIcon] => C:\WINDOWS\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5207272 2015-08-26] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-07-14] (Razer Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Chatango] => C:\Program Files (x86)\Chatango\Chatango.exe [356352 2008-02-05] (Pear Media, LLC)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [uTorrent] => C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-11-08] (BitTorrent Inc.)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-01-20] (Overwolf LTD)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Power2GoExpress8] => 0
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2016-01-08] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Chatango] => C:\Program Files (x86)\Chatango\Chatango.exe [356352 2008-02-05] (Pear Media, LLC)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-11-08] (BitTorrent Inc.)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-01-20] (Overwolf LTD)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Power2GoExpress8] => 0
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2016-01-08] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-08-26]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{38e9d8c9-7f0d-4c68-a246-630e47bda1c4}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c2767abb-22b6-4c78-91ae-3381eb80b539}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT13/4
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT13/4
SearchScopes: HKLM -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-29] (Oracle Corporation)
BHO-x32: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-29] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei
Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: pmang.jp/pmangdiagnostic-1 -> C:\GameOn\Common files\nppmangdiagnostic_0.dll [2015-07-21] (gameon)
FF Plugin-x32: pmang.jp/pmangsupport-1 -> C:\GameOn\Common files\nppmangsupport_0.dll [2015-07-21] (gameon)
FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anton PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-06] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anton PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-06] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2014-11-06]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-10-05]
FF Extension: Easy Translate - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\jid1-f7dnBeTj8ElpWQ@jetpack.xpi [2016-02-05]
FF Extension: YouTube Unblocker - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\youtubeunblocker@unblocker.yt [2015-12-03]
FF Extension: Video DownloadHelper - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Unity Notifier - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{d0c39035-e802-4a28-86d6-d695b56ad322}.xpi [2015-12-18] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
FF Extension: mpeg4 compiler plus - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{e861859d-4109-4946-85af-882c7e1deb3b}.xpi [2015-11-13] [ist nicht signiert]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-24]
CHR Extension: (Google Drive) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Docs Offline) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-06]
CHR Extension: (Google Mail) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-09-23] ()
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [174112 2014-11-05] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-12-31] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1009392 2016-01-20] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-07-14] (Razer Inc.)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175752 2015-06-23] (Sandboxie Holdings, LLC)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5207272 2015-08-26] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)
R2 WTService; C:\WINDOWS\system32\atwtusb.exe [582144 2013-11-12] () [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [260528 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
S3 ccpvhid; C:\Windows\System32\drivers\ccpvhid.sys [18184 2015-04-30] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 hidkmdf; C:\Windows\System32\drivers\hidkmdf.sys [15624 2015-04-30] ()
S3 hxsyol; C:\WINDOWS\system32\hxsy64.sys [86352 2014-10-20] ()
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 moufiltr; C:\Windows\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo_VPN.sys [40704 2015-08-26] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-08-28] (Realtek Semiconductor Corporation )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [190088 2015-06-23] (Sandboxie Holdings, LLC)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [48896 2015-08-26] (SoftEther Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 TabletFilter; C:\Windows\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Windows (R) Win 7 DDK provider)
R3 vhidmini; C:\Windows\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-06 16:59 - 2016-02-06 16:59 - 00032594 _____ C:\Users\Anton PC\Downloads\FRST.txt
2016-02-06 16:58 - 2016-02-06 16:59 - 00000000 ____D C:\FRST
2016-02-06 16:58 - 2016-02-06 16:58 - 02370560 _____ (Farbar) C:\Users\Anton PC\Downloads\FRST64.exe
2016-02-06 16:57 - 2016-02-06 16:57 - 00001449 _____ C:\Users\Anton PC\Desktop\2.txt
2016-02-06 16:55 - 2016-02-06 16:55 - 00002150 _____ C:\Users\Anton PC\Desktop\1.txt
2016-02-06 16:55 - 2016-02-06 16:55 - 00001449 _____ C:\2.txt
2016-02-05 20:16 - 2016-02-05 20:16 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-05 05:56 - 2016-02-06 07:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-05 03:01 - 2016-02-05 03:01 - 00001016 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-02-05 03:01 - 2016-02-05 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-05 02:58 - 2016-02-05 02:58 - 00000000 ___HD C:\$AVG
2016-02-05 02:55 - 2016-02-06 16:42 - 00000000 ____D C:\ProgramData\MFAData
2016-02-05 02:55 - 2016-02-05 02:55 - 00000000 ____D C:\Users\Anton PC\AppData\Local\MFAData
2016-02-05 02:54 - 2016-02-05 02:57 - 00000000 ____D C:\Program Files (x86)\AVG
2016-02-05 02:53 - 2016-02-05 02:54 - 00000000 ____D C:\Users\Anton PC\AppData\Local\AvgSetupLog
2016-02-05 02:41 - 2016-02-05 02:53 - 245273648 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Anton PC\Downloads\AVG_Antivirus_Free_x64_693.exe
2016-02-05 02:04 - 2016-02-05 02:21 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-04 04:09 - 2016-02-04 04:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2016-02-03 02:38 - 2016-02-03 02:38 - 00000000 ____D C:\Users\Anton PC\Desktop\gifmaterial
2016-01-30 21:33 - 2016-01-30 22:48 - 00001664 _____ C:\WINDOWS\system32\ASOROSet.bin
2016-01-30 21:33 - 2016-01-30 21:33 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup
2016-01-30 21:30 - 2016-01-30 21:30 - 00002856 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-30 21:30 - 2016-01-30 21:30 - 00000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-30 21:30 - 2016-01-30 21:30 - 00000000 ____D C:\Program Files\CCleaner
2016-01-30 21:29 - 2016-01-30 21:30 - 06828320 _____ (Piriform Ltd) C:\Users\Anton PC\Downloads\ccsetup_514.exe
2016-01-30 21:22 - 2015-11-25 13:01 - 00021624 _____ (solvusoft) C:\WINDOWS\system32\roboot64.exe
2016-01-30 21:21 - 2016-02-01 03:44 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\Solvusoft
2016-01-30 21:10 - 2016-01-30 23:15 - 00000000 ____D C:\WINDOWS\LastGood
2016-01-30 20:46 - 2016-01-30 20:48 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-28 16:45 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 16:45 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 16:45 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 16:45 - 2016-01-16 07:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-28 16:45 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 16:45 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 16:45 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 16:45 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 16:45 - 2016-01-16 07:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-28 16:45 - 2016-01-16 07:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-28 16:45 - 2016-01-16 07:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-28 16:45 - 2016-01-16 07:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-28 16:45 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 16:45 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 16:45 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 16:45 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 16:45 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 16:45 - 2016-01-16 06:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-28 16:45 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 16:45 - 2016-01-16 06:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 16:45 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 16:45 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 16:45 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 16:45 - 2016-01-16 06:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-28 16:45 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 16:45 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 16:45 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 16:45 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 16:45 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 16:45 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 16:45 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 16:45 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 16:45 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 16:45 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 16:45 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 16:45 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 16:45 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 16:45 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 16:45 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 16:45 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 16:45 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 16:45 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 16:44 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 16:44 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 16:44 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 16:44 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 16:44 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 16:44 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 16:44 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 16:44 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 16:44 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 16:44 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 16:44 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 16:44 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 16:44 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 16:44 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 16:44 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 16:44 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 16:44 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 16:44 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 16:44 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 16:44 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 16:44 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 16:44 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 16:44 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 16:44 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 16:44 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 16:44 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 16:44 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 16:44 - 2016-01-16 06:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-28 16:44 - 2016-01-16 06:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-24 16:18 - 2016-01-24 16:20 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-24 16:18 - 2016-01-24 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG4200 series
2016-01-24 16:17 - 2016-01-24 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-01-24 16:17 - 2016-01-24 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG4200 series Benutzerregistrierung
2016-01-24 16:17 - 2016-01-24 16:17 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2016-01-24 16:17 - 2012-02-08 16:34 - 00320000 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B9L.dll
2016-01-24 16:17 - 2012-01-26 10:25 - 00081664 _____ C:\WINDOWS\SysWOW64\CNC1763D.TBL
2016-01-24 16:17 - 2012-01-16 14:21 - 00103424 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B9U.dll
2016-01-24 16:17 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\Program Files\CanonBJ
2016-01-24 16:00 - 2016-01-24 16:00 - 00000000 ____D C:\WINDOWS\SysWOW64\STRING
2016-01-24 15:59 - 2016-01-25 01:45 - 00000000 ____D C:\Users\Anton PC\Desktop\Neuer Ordner (3)
2016-01-24 07:16 - 2016-01-24 07:16 - 00001055 _____ C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2016-01-24 07:15 - 2016-01-24 07:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPadian
2016-01-24 07:14 - 2016-01-24 07:15 - 00000000 ____D C:\Program Files (x86)\iPadian
2016-01-22 15:15 - 2016-01-22 15:15 - 00260528 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-01-21 18:08 - 2016-01-21 18:08 - 00867139 _____ C:\Users\Anton PC\Downloads\Dateiordner_Kleinübungen.zip
2016-01-21 18:05 - 2016-01-21 18:05 - 07393841 _____ C:\Users\Anton PC\Downloads\Dateiordner_Vorlesungsfolien.zip
2016-01-21 00:05 - 2016-01-21 00:05 - 00122599 _____ C:\Users\Anton PC\Documents\xsmap13th.mcr
2016-01-14 15:34 - 2016-02-06 03:37 - 00018292 _____ C:\Users\Anton PC\Documents\HLTcalcBETA1.0.xlsx
2016-01-14 08:49 - 2016-01-14 15:35 - 00009304 _____ C:\Users\Anton PC\Desktop\ninjasammy hlt.xlsx
2016-01-13 03:29 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 03:29 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 03:29 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 03:28 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 03:28 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 03:28 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 03:28 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 03:28 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 03:28 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 03:28 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 03:28 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 03:28 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 03:28 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 03:28 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 03:28 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 03:28 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 03:28 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 03:28 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 03:28 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 03:28 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 03:28 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 03:28 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 03:28 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 03:28 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 03:28 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 03:28 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 03:28 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 03:28 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 03:28 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 03:28 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 03:28 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 03:28 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 03:28 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 03:28 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 03:28 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 03:28 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 03:28 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 03:28 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 03:28 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 03:28 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 03:28 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 03:28 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 03:28 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 03:28 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 03:28 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 03:28 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 03:28 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 03:28 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 03:28 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 03:28 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 03:28 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 03:28 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 03:28 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 03:28 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 03:28 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 03:28 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 03:28 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 03:28 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 03:28 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 03:28 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-11 14:09 - 2013-02-04 15:12 - 00367104 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BUL.dll
2016-01-11 14:09 - 2012-11-26 12:24 - 00095744 _____ C:\WINDOWS\system32\CNC1771D.TBL
2016-01-11 14:09 - 2012-11-08 13:04 - 00282624 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BUC.dll
2016-01-11 14:09 - 2012-11-08 13:03 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BUI.dll
2016-01-11 14:08 - 2016-01-11 14:08 - 00103478 _____ C:\Users\Anton PC\Downloads\Entwurf Mietvertrag.pdf
2016-01-11 14:08 - 2016-01-11 14:08 - 00093585 _____ C:\Users\Anton PC\Downloads\schreiben an anton volkov (weiterer beteiligter).pdf
2016-01-09 16:44 - 2016-01-11 02:09 - 00000109 _____ C:\Users\Anton PC\Desktop\soulcraft rate.txt
2016-01-09 06:25 - 2016-01-15 08:27 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-01-09 06:00 - 2016-01-02 20:14 - 02660496 _____ (Sysinternals - www.sysinternals.com) C:\Users\Anton PC\Desktop\procexp.exe
2016-01-09 05:45 - 2016-01-09 05:45 - 01250844 _____ C:\Users\Anton PC\Downloads\ProcessExplorer161.zip
2016-01-08 10:46 - 2016-01-08 10:46 - 00272304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys
2016-01-08 10:46 - 2016-01-08 10:46 - 00023472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avguniva.sys
2016-01-08 04:07 - 2016-01-08 04:35 - 00000000 ____D C:\Program Files\Sandboxie
2016-01-08 04:07 - 2016-01-08 04:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-01-08 03:25 - 2016-01-08 03:25 - 00003432 _____ C:\WINDOWS\System32\Tasks\{1B7C4777-0D52-4B1A-A512-DE9C11AF4ED3}
2016-01-08 03:22 - 2016-01-08 03:53 - 00001520 _____ C:\Users\Anton PC\Desktop\Patcher - Verknüpfung.lnk
2016-01-07 15:03 - 2016-01-07 15:03 - 00021632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-06 16:56 - 2015-01-07 23:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-06 16:47 - 2014-06-22 17:42 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-06 07:01 - 2013-12-19 18:40 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-06 03:13 - 2013-12-24 13:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-05 23:14 - 2015-01-25 14:02 - 00000000 ____D C:\Program Files (x86)\Dragon Saga
2016-02-05 23:10 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-05 20:16 - 2015-01-07 23:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-05 20:11 - 2014-06-22 17:42 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-05 20:09 - 2015-08-30 02:55 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Overwolf
2016-02-05 20:08 - 2015-12-10 22:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-05 20:08 - 2014-06-29 00:28 - 00000000 __SHD C:\Users\Anton PC\IntelGraphicsProfiles
2016-02-05 16:42 - 2012-07-26 06:26 - 00000182 _____ C:\WINDOWS\win.ini
2016-02-05 14:53 - 2015-08-26 02:52 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-02-05 14:52 - 2015-12-10 23:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-05 14:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2016-02-05 14:51 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-05 06:22 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-05 03:02 - 2015-11-27 17:27 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\AVG
2016-02-05 03:02 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-05 03:02 - 2014-11-18 17:54 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Avg
2016-02-05 03:00 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-05 02:58 - 2015-11-27 17:18 - 00000000 ____D C:\ProgramData\Avg
2016-02-05 02:45 - 2015-06-25 09:45 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-05 01:09 - 2013-11-24 22:41 - 00000000 ____D C:\Users\Anton PC\AppData\Local\ElevatedDiagnostics
2016-02-04 23:53 - 2014-06-22 17:43 - 00002643 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-04 04:08 - 2014-06-22 23:10 - 00002767 _____ C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-04 04:08 - 2013-11-10 09:19 - 00001356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-03 02:38 - 2015-10-05 19:45 - 00000000 ____D C:\Users\Anton PC\dwhelper
2016-02-03 02:28 - 2013-11-14 23:11 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\vlc
2016-02-02 20:09 - 2015-12-10 22:44 - 00000000 ____D C:\Users\Anton PC
2016-02-02 17:42 - 2014-06-22 17:42 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 17:42 - 2014-06-22 17:42 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 03:45 - 2015-10-16 18:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-31 18:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-30 23:23 - 2014-06-28 10:14 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-30 22:49 - 2015-12-10 22:31 - 00363496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-30 22:49 - 2015-10-30 07:28 - 90963968 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2016-01-30 22:49 - 2015-10-30 07:28 - 17301504 _____ C:\WINDOWS\system32\config\SYSTEM.bak
2016-01-30 22:49 - 2015-10-30 07:28 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-01-30 21:39 - 2015-12-10 22:39 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-30 21:39 - 2014-08-01 10:26 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\PhotoScape
2016-01-30 21:39 - 2014-06-20 22:30 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\uTorrent
2016-01-30 21:39 - 2014-04-18 16:55 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-30 21:37 - 2015-12-16 14:56 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-30 21:37 - 2015-12-10 22:29 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-29 19:54 - 2013-11-09 23:05 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-29 02:44 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-28 12:20 - 2015-02-25 11:54 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Steam
2016-01-26 23:20 - 2015-08-30 02:57 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-01-24 16:19 - 2014-04-10 16:30 - 00000000 ___HD C:\ProgramData\CanonIJScan
2016-01-24 16:19 - 2014-04-08 22:42 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\Canon
2016-01-24 16:19 - 2014-04-08 22:25 - 00000000 ____D C:\Program Files (x86)\Canon
2016-01-24 16:17 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-01-24 16:11 - 2015-12-10 22:44 - 02006668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-24 16:11 - 2015-10-30 19:35 - 00854790 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-24 16:11 - 2015-10-30 19:35 - 00188478 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-15 11:56 - 2013-11-10 13:32 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\Skype
2016-01-14 22:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-13 07:04 - 2013-11-10 09:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 06:58 - 2013-11-10 09:44 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-10 09:12 - 2015-01-02 01:13 - 00000000 ____D C:\Users\Anton PC\Desktop\Neuer Ordner
2016-01-07 01:15 - 2015-04-26 21:11 - 00000000 ____D C:\Users\Anton PC\Downloads\12234567
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-02-15 14:38 - 2014-02-15 14:38 - 0041984 ___SH () C:\Users\Anton PC\AppData\Roaming\Thumbs.db
2013-12-30 16:53 - 2015-03-27 20:57 - 0018432 _____ () C:\Users\Anton PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-24 01:50 - 2015-11-24 01:50 - 0001496 _____ () C:\Users\Anton PC\AppData\Local\recently-used.xbel
2013-12-28 18:58 - 2015-03-28 04:33 - 0007603 _____ () C:\Users\Anton PC\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Anton PC\AppData\Local\Temp\avg-e83bd579-7d6b-4773-9c00-67345c3e762f.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-31 17:30
==================== Ende von FRST.txt ============================ |