Benkenobi | 27.02.2016 12:14 | GMX account sends emails on its own to address book contacts as well as to contacts that are NOT in the email address book!
Hello dear "Trojaner-Board.de" team; thank you for your free help!!
For a few days now my GMX account has been sending messages on its own to address book contacts and also to contacts that I do not have in my address book!!! (Fb, WhatsApp, ...???)
The content of the messages is:
"Hello!
New message, pease read hxxp://sereneplast.com/wild.php
***My name***"
Important info: I use GMX via the website (gmx.net) from 2 devices ([notebook = 1st FRST] + [desktop PC = 2nd FRST + Panda log file]) as well as on my smartphone (GMX app)...
I have no idea how to proceed!
I ask for your help :)
Thank you very much!!!
FRST result, notebook. Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
durchgeführt von Benedikt (Administrator) auf NOTEBOOK (27-02-2016 11:46:48)
Gestartet von C:\Users\Benedikt\Downloads
Geladene Profile: Benedikt (Verfügbare Profile: Benedikt)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) C:\Program Files (x86)\3InternetManager\3InternetManager.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
() C:\Windows\SysWOW64\UMonit64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\14071AppMachine.Timber_3.1.5.0_x64__tr01v63sm0crm\TinderWin.UWP.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.)
HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\...\RunOnce: [Uninstall C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\...\RunOnce: [Uninstall C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-24]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\..\Interfaces\{45c8af02-22a8-40a9-b968-2c9501bc0905}: [NameServer] 213.94.78.17 213.94.78.16
Tcpip\..\Interfaces\{56c3f028-1d4b-439f-9e30-e306595c8293}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e9f2172e-35a7-4fcf-b5b8-785fe6c4f527}: [NameServer] 213.94.78.17 213.94.78.16
Internet Explorer:
==================
HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://at.search.yahoo.com/?type=435371&fr=spigot-yhp-ie
HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3481499257-3068839652-1372755572-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3481499257-3068839652-1372755572-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3481499257-3068839652-1372755572-1001 -> {D504C739-CAF2-4C7A-9DD9-05900F5D96A0} URL = hxxps://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\0tg1pcio.default
FF SelectedSearchEngine: Yahoo!
FF Homepage: www.google.at
FF Keyword.URL: hxxps://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=435371&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\0tg1pcio.default\searchplugins\yahoo_ff.xml [2016-01-26]
FF Extension: Adblock Plus - C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\0tg1pcio.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
R2 DptfParticipantDisplayService; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2014-09-15] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [97680 2015-07-28] (ASUS Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2014-09-15] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel Corporation)
S3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2014-09-15] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [290256 2014-09-15] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [495320 2014-09-15] (Intel Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
R3 hwusb_wwanecm; C:\Windows\System32\drivers\ew_wwanecm.sys [376448 2013-11-01] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 mtkmbim; C:\Windows\system32\DRIVERS\mtkmbim7_x64.sys [209920 2012-12-14] (MBB)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdf_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [82944 2012-12-13] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-27 11:46 - 2016-02-27 11:47 - 00017826 _____ C:\Users\Benedikt\Downloads\FRST.txt
2016-02-27 11:46 - 2016-02-27 11:46 - 02371072 _____ (Farbar) C:\Users\Benedikt\Downloads\FRST64.exe
2016-02-27 11:46 - 2016-02-27 11:46 - 00000000 ____D C:\FRST
2016-02-15 14:18 - 2016-02-15 14:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-15 14:18 - 2016-02-15 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-13 14:19 - 2016-02-13 17:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-12 10:43 - 2016-02-12 10:43 - 00022800 _____ C:\Users\Benedikt\Downloads\Grundriss D1 33m2.pdf
2016-02-10 20:50 - 2016-02-10 20:50 - 00361085 _____ C:\Users\Benedikt\Desktop\Gut gegen Nordwind Ticket 2.pdf
2016-02-10 20:49 - 2016-02-10 20:49 - 00361067 _____ C:\Users\Benedikt\Desktop\Gut gegen Nordwind Ticket 1.pdf
2016-02-10 16:34 - 2016-02-10 16:34 - 00263970 _____ C:\Users\Benedikt\Downloads\Folder_Vertragspartner_2015.pdf
2016-02-10 16:00 - 2016-02-10 16:00 - 00340867 _____ C:\Users\Benedikt\Downloads\Informationsbroschuere_Unfall_2015.pdf
2016-02-10 15:15 - 2016-02-10 22:02 - 00000000 ____D C:\Users\Benedikt\Desktop\Laufende Versicherungen
2016-02-10 14:53 - 2016-02-12 21:06 - 00000000 ____D C:\Users\Benedikt\Desktop\Dokumente für die Anstellung in Vorarlberg
2016-02-05 16:03 - 2016-02-05 16:03 - 00000000 ___HD C:\OneDriveTemp
2016-01-28 13:26 - 2016-02-27 11:09 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{99FC3452-8FE4-4418-8CFE-402BD7A9F452}
2016-01-28 02:20 - 2016-01-28 02:20 - 00717388 _____ C:\WINDOWS\Minidump\012816-6296-01.dmp
2016-01-28 02:20 - 2016-01-28 02:20 - 00000000 ____D C:\WINDOWS\Minidump
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-27 11:09 - 2015-10-30 19:35 - 00784192 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-27 11:09 - 2015-10-30 19:35 - 00158488 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-27 11:09 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-27 11:09 - 2015-08-06 15:00 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-27 11:07 - 2015-02-10 15:11 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-27 11:05 - 2015-02-01 14:17 - 00000094 _____ C:\Users\Benedikt\AppData\Roaming\sp_data.sys
2016-02-25 00:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-23 13:09 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-22 15:16 - 2015-07-18 18:10 - 00000000 ____D C:\Users\Benedikt\AppData\Roaming\Skype
2016-02-21 14:21 - 2016-01-10 22:15 - 00000000 ____D C:\Windows.old
2016-02-15 15:56 - 2015-02-01 14:17 - 00000000 ____D C:\Users\Benedikt\AppData\Local\Packages
2016-02-15 14:18 - 2015-07-18 18:10 - 00000000 ____D C:\Users\Benedikt\AppData\Local\Skype
2016-02-15 14:18 - 2015-07-18 18:09 - 00000000 ____D C:\ProgramData\Skype
2016-02-13 17:18 - 2015-10-12 16:34 - 00000000 ____D C:\ProgramData\tmp
2016-02-13 17:15 - 2015-02-01 14:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-10 00:16 - 2015-03-15 21:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 00:15 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 00:15 - 2015-03-15 21:29 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-05 16:03 - 2015-02-01 14:23 - 00000000 __RDO C:\Users\Benedikt\OneDrive
2016-02-05 15:48 - 2015-08-06 16:02 - 00002398 _____ C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-05 14:01 - 2015-02-08 14:10 - 00000000 ____D C:\Users\Benedikt\Documents\Karriere
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-28 12:57 - 2015-08-07 23:54 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-01-28 12:56 - 2016-01-10 22:20 - 00000000 ____D C:\Users\Benedikt
2016-01-28 12:56 - 2016-01-10 22:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-28 12:56 - 2015-02-01 14:17 - 00000000 __SHD C:\Users\Benedikt\IntelGraphicsProfiles
2016-01-28 02:20 - 2016-01-10 22:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-28 02:17 - 2015-05-22 03:24 - 00000000 ____D C:\Users\Benedikt\AppData\Roaming\uTorrent
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-02-01 14:17 - 2016-02-27 11:05 - 0000094 _____ () C:\Users\Benedikt\AppData\Roaming\sp_data.sys
2014-05-15 16:58 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-15 16:58 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-15 16:58 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Einige Dateien in TEMP:
====================
C:\Users\Benedikt\AppData\Local\Temp\offer-2D0EB7EB-F90A-434B-B260-C4B0BD2CEF18.exe
C:\Users\Benedikt\AppData\Local\Temp\offer-FFDEF875-9141-4EBF-8559-23AD11C347BC.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-10 11:28
==================== Ende von FRST.txt ============================
FRST result, desktop PC. Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
durchgeführt von Ben (Administrator) auf BEN-PC (27-02-2016 12:21:57)
Gestartet von J:\
Geladene Profile: Ben (Verfügbare Profile: Ben)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CMedia) C:\Program Files\ASUS Xonar D1 Audio\Customapp\AsusAudioCenter.exe
() C:\Program Files\ASUS Xonar D1 Audio\Customapp\MXmon.exe
() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Akamai Technologies, Inc.) C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Akamai Technologies, Inc.) C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.cpl,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-05-05] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [281088 2008-05-05] ()
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521424 2012-05-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2662424 2014-10-06] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Google Update] => C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.)
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [KiesHelper] => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [955792 2012-05-04] (Samsung)
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-05-04] ()
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-03-08] (AMD)
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [GalaxyClient] => C:\Games\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Dropbox Update] => C:\Users\Ben\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-23] (Dropbox, Inc.)
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {cecf4499-ad7e-11e1-bf40-002215ab262a} - J:\Startme.exe
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {d37daeaf-dc5f-11e0-bd44-806e6f6e6963} - D:\AutoRun.exe
HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {f72e12aa-59f8-11e3-b7eb-002215ab262a} - J:\Autorun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-07-02]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-05-09]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50456;https=127.0.0.1:50456
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B1746085-C6EF-47B6-85F2-DE84A3ED9E92}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
HKU\S-1-5-21-2716085258-967733617-559326010-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275
HKU\S-1-5-21-2716085258-967733617-559326010-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275
URLSearchHook: HKU\S-1-5-21-2716085258-967733617-559326010-1000 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279141&CUI=UN45848927823476813
SearchScopes: HKU\S-1-5-21-2716085258-967733617-559326010-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279141&CUI=UN45848927823476813
SearchScopes: HKU\S-1-5-21-2716085258-967733617-559326010-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2716085258-967733617-559326010-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279141&CUI=UN45848927823476813
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll [2014-08-30] (AVG Secure Search)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275
FireFox:
========
FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @gametap.com/npdd,version=1.0 -> C:\Program Files (x86)\Downloader\npdd.dll [2010-02-19] (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Ben\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @talk.google.com/O1DPlugin -> C:\Users\Ben\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ben\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-06] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-04] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-02-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ben\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Ben\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml [2014-11-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2014-10-06]
FF Extension: Image Search Options - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2015-09-09]
FF Extension: British English Dictionary - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\Extensions\en-GB@dictionaries.addons.mozilla.org [2015-12-20] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2016-02-12] [ist nicht signiert]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-02-12] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-21] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\z8cixtga.default\extensions\faststartff@gmail.com => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-24]
CHR Extension: (Google Search) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-24]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2012-10-12]
CHR Extension: (Virtual Keyboard) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2012-10-12]
CHR Extension: (uTorrentBar_DE) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc [2012-10-12] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT2851647&extensionData=<extension_data>] <==== ACHTUNG
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-10-12]
CHR Extension: (WhiteSmoke B) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp [2013-08-24] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT3279141&extensionData=\u003Cextension_data\u003E] <==== ACHTUNG
CHR Extension: (Gmail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-24]
CHR Extension: (Anti-Banner) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2012-10-12]
CHR HKU\S-1-5-21-2716085258-967733617-559326010-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Ben\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-23]
CHR HKU\S-1-5-21-2716085258-967733617-559326010-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Ben\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx [2013-02-14]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Ben\AppData\Local\Temp\crxC62F.tmp <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Ben\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx [2013-02-14]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-01-29] (GOG.com)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Datei ist nicht signiert]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-10-28] (Panda Security, S.L.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-11-23] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
R2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-08-30] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 GalaxyClientService; "C:\Games\GalaxyClient\GalaxyClientService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2012-04-02] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-30] (AVG Technologies)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1358336 2008-06-23] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-22] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FFUsbAudio; C:\Windows\System32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2012-04-02] ()
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [57648 2015-05-20] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [73464 2015-08-31] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S2 SVKP; C:\Windows\SysWOW64\SVKP.sys [2368 2012-07-13] (AntiCracking) [Datei ist nicht signiert]
R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [Datei ist nicht signiert]
U4 secdrv; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-27 12:21 - 2016-02-27 12:21 - 00000000 ____D C:\FRST
2016-02-27 10:37 - 2016-02-27 10:37 - 00000000 ____D C:\Users\Ben\Documents\Bands
2016-02-27 10:28 - 2016-02-27 10:28 - 00000000 ____D C:\Users\Ben\Documents\Versicherungen
2016-02-26 20:43 - 2016-02-26 20:44 - 00000000 ____D C:\Windows\LastGood
2016-02-25 00:39 - 2016-02-25 00:50 - 00000000 ____D C:\Users\Ben\Downloads\IBM SPSS Statistics v23 x64
2016-02-23 23:13 - 2016-02-24 01:03 - 00000000 ____D C:\Users\Ben\Downloads\Top Gun (Deluxe Edition) 2005 [Music From & Inspired By The Motion Picture] 2014 MP3
2016-02-23 23:12 - 2016-02-24 01:12 - 00000000 ____D C:\Users\Ben\Downloads\Jerry Lee Lewis - The Definitive Collection (2005) [320] vtwin88cube
2016-02-22 13:45 - 2016-02-22 13:54 - 00000000 ____D C:\ProgramData\firebird
2016-02-22 13:44 - 2016-02-22 13:44 - 79336865 _____ (Fairware24 ) C:\Users\Ben\Downloads\tarifrechnersetupoesterreich.exe
2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Janitos
2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\ProgramData\JanitosTarifrechner
2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\Program Files (x86)\Fairware24
2016-02-20 15:17 - 2016-02-20 15:17 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-18 20:26 - 2016-02-22 14:08 - 00013881 _____ C:\Users\Ben\Desktop\Finanzübersicht.xlsx
2016-02-12 11:31 - 2016-02-18 17:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-10 11:07 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 11:07 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 11:07 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 11:07 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 11:07 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 11:07 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 11:07 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-10 11:07 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 11:07 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-10 11:07 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-10 11:07 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 11:07 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 11:07 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 11:07 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 11:07 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 11:07 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-10 11:07 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:07 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 11:07 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 11:07 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 11:07 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:07 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:07 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 11:07 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 11:07 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 11:07 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 11:07 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 11:07 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:07 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:07 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 11:07 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:07 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 11:07 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 11:07 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 11:07 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-10 11:07 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 11:07 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-10 11:07 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-10 11:07 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-10 11:07 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 11:07 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-10 11:07 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-10 11:07 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-10 11:07 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-10 11:07 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-10 11:07 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 11:07 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 11:07 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 11:07 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 11:07 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:07 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-10 11:07 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 11:07 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-10 11:07 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-10 11:07 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 11:07 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-10 11:07 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-10 11:07 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-10 11:07 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 11:07 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-10 11:07 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-10 11:07 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-10 11:07 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-10 11:07 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 11:07 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 11:07 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-10 11:07 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:07 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 11:07 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 11:07 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 11:07 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 11:07 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 11:07 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 11:07 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 11:07 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 11:07 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 11:06 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:06 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 11:06 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 11:06 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 11:06 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-10 11:06 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 11:06 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 11:06 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 11:06 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 11:06 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 11:06 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-10 11:06 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 11:06 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 11:06 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 11:06 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 11:06 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 11:06 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 11:06 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 11:06 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 11:06 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 11:06 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 11:06 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 11:06 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 11:06 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 11:06 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 11:06 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 11:06 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 11:06 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 11:06 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 11:06 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 11:06 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 11:06 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 11:06 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 11:06 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 11:06 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 11:06 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 11:06 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 11:06 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 11:06 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 11:06 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 11:06 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 11:06 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 11:06 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 11:06 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 11:06 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 11:06 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 11:06 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 11:06 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 11:06 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 11:06 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 11:06 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 11:06 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 11:06 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 11:06 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 11:06 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 11:06 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:06 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-10 11:06 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 11:06 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 11:06 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 11:06 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 11:06 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 11:06 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 11:06 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 11:06 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 11:06 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-10 11:06 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-10 11:06 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-10 11:06 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 11:06 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 11:05 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 11:05 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 11:05 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 11:05 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:05 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 11:05 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 11:05 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 11:05 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:05 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:05 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:05 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 11:05 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 11:05 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 11:05 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 11:05 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 11:05 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 11:05 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 11:05 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:05 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:05 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 11:05 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-10 11:05 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 11:05 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 11:05 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 11:05 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:05 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:05 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:05 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 18:40 - 2015-05-22 09:45 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2016-02-05 16:02 - 2016-02-05 16:02 - 00056831 _____ C:\Users\Ben\Desktop\A-Trust Signaturvertrag 1287349.pdf
2016-01-30 15:55 - 2016-01-30 15:55 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Watch Dogs
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-27 12:18 - 2015-10-23 12:13 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA.job
2016-02-27 11:50 - 2012-09-17 10:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-27 11:44 - 2011-11-11 14:32 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA.job
2016-02-27 11:43 - 2012-05-10 19:55 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-27 11:04 - 2011-10-21 13:02 - 00000000 ____D C:\Users\Ben\Documents\Jobs
2016-02-27 11:03 - 2014-07-16 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-02-27 11:03 - 2012-05-22 15:42 - 00000000 ____D C:\Games
2016-02-27 11:01 - 2014-10-30 22:05 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-27 10:39 - 2016-01-21 23:25 - 00000000 ____D C:\Users\Ben\AppData\Local\TechSmith
2016-02-27 10:39 - 2016-01-21 23:24 - 00000000 ____D C:\ProgramData\TechSmith
2016-02-27 10:37 - 2012-04-18 15:10 - 00000000 ____D C:\Users\Ben\Documents\Steinberg
2016-02-27 10:36 - 2013-05-15 19:37 - 00000000 ____D C:\Users\Ben\Documents\EndNote
2016-02-27 10:36 - 2012-10-21 20:04 - 00000000 ____D C:\Users\Ben\Documents\Finale-Dateien
2016-02-27 10:35 - 2011-11-24 20:43 - 00000000 ____D C:\Users\Ben\Desktop\My Games
2016-02-27 10:32 - 2016-01-22 10:01 - 00000000 ____D C:\Users\Ben\AppData\Local\CrashDumps
2016-02-27 10:08 - 2011-09-25 21:10 - 00000000 ____D C:\Users\Ben\AppData\Local\Adobe
2016-02-26 20:51 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-26 20:51 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-26 20:44 - 2012-05-10 19:55 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-26 20:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-25 00:53 - 2011-10-13 15:07 - 00000000 ____D C:\Users\Ben\AppData\Roaming\uTorrent
2016-02-25 00:40 - 2015-07-21 21:27 - 00000000 ____D C:\Users\Ben\Desktop\Lenny
2016-02-24 16:01 - 2011-10-01 17:12 - 00000000 ____D C:\Users\Ben\AppData\Roaming\vlc
2016-02-24 14:10 - 2015-10-23 12:13 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core.job
2016-02-24 12:43 - 2011-11-11 14:32 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core.job
2016-02-21 18:11 - 2012-10-31 10:50 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Skype
2016-02-20 15:17 - 2011-10-30 12:12 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Dropbox
2016-02-19 21:54 - 2012-10-12 22:29 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 21:54 - 2011-11-11 14:33 - 00002377 _____ C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 18:29 - 2011-09-11 13:45 - 00000000 ____D C:\Users\Ben\AppData\Local\Microsoft Help
2016-02-18 17:05 - 2012-04-25 13:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-16 16:51 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-02-16 16:51 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-02-16 16:51 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-16 16:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-12 22:45 - 2011-09-18 11:26 - 00000000 ____D C:\Users\Ben\AppData\Roaming\TS3Client
2016-02-11 19:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-10 20:50 - 2012-09-17 10:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 20:50 - 2012-09-17 10:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 20:50 - 2011-09-11 12:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-10 20:21 - 2015-10-12 21:31 - 00003568 _____ C:\Windows\System32\Tasks\TinyTakeUpgrade
2016-02-10 20:14 - 2009-07-14 05:45 - 00503416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 20:11 - 2014-12-10 23:00 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-10 20:11 - 2014-05-06 22:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-10 20:11 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 16:14 - 2013-08-16 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 16:06 - 2011-09-12 18:52 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-09 23:05 - 2011-10-30 12:48 - 00000000 ___RD C:\Users\Ben\Dropbox
2016-02-02 12:38 - 2012-05-10 19:55 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 12:38 - 2012-05-10 19:55 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 12:38 - 2011-11-11 14:32 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA
2016-02-02 12:38 - 2011-11-11 14:32 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core
2016-01-30 22:21 - 2014-07-31 16:44 - 00000000 ____D C:\ProgramData\Orbit
2016-01-30 15:55 - 2016-01-15 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-01-29 11:07 - 2015-05-21 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-01-28 23:32 - 2012-10-12 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-05-10 22:15 - 2015-10-12 21:26 - 0011264 _____ () C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-02-05 12:28 - 2008-02-05 12:28 - 0000051 _____ () C:\Users\Ben\AppData\Local\setup.txt
2011-10-26 19:37 - 2011-10-26 19:37 - 0017408 _____ () C:\Users\Ben\AppData\Local\WebpageIcons.db
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Ben\PhotoshopElements_12_LS25.exe
C:\Users\Ben\PremiereElements_12_LS26_win64.exe
Einige Dateien in TEMP:
====================
C:\Users\Ben\AppData\Local\Temp\12-10_vista_win7_win8_64_dd_ccc_whql_net4.exe
C:\Users\Ben\AppData\Local\Temp\12-1_vista_win7_64_dd_ccc.exe
C:\Users\Ben\AppData\Local\Temp\41nohh3x344.jpg.exe
C:\Users\Ben\AppData\Local\Temp\7za.exe
C:\Users\Ben\AppData\Local\Temp\aacdec.exe
C:\Users\Ben\AppData\Local\Temp\ABP_InstallChecker.exe
C:\Users\Ben\AppData\Local\Temp\ABP_TB0001.exe
C:\Users\Ben\AppData\Local\Temp\Bass.dll
C:\Users\Ben\AppData\Local\Temp\Bass.Net.dll
C:\Users\Ben\AppData\Local\Temp\binkw32.dll
C:\Users\Ben\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Ben\AppData\Local\Temp\CH.dll
C:\Users\Ben\AppData\Local\Temp\CNC4LauncherUpdate.exe
C:\Users\Ben\AppData\Local\Temp\d2l_Install.exe
C:\Users\Ben\AppData\Local\Temp\DownloadSetup_94Zvk.exe
C:\Users\Ben\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Ben\AppData\Local\Temp\drm_dyndata_7270014.dll
C:\Users\Ben\AppData\Local\Temp\drm_dyndata_7330014.dll
C:\Users\Ben\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgeeud6.dll
C:\Users\Ben\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Ben\AppData\Local\Temp\EBU1768.exe
C:\Users\Ben\AppData\Local\Temp\EBU1FC2.DLL
C:\Users\Ben\AppData\Local\Temp\ESET-activation.exe
C:\Users\Ben\AppData\Local\Temp\installerdll1074534.dll
C:\Users\Ben\AppData\Local\Temp\installerdll1333761.dll
C:\Users\Ben\AppData\Local\Temp\installerdll1656777.dll
C:\Users\Ben\AppData\Local\Temp\installerdll708150.dll
C:\Users\Ben\AppData\Local\Temp\installerdll718790.dll
C:\Users\Ben\AppData\Local\Temp\installerdll9768720.dll
C:\Users\Ben\AppData\Local\Temp\installerdll9778891.dll
C:\Users\Ben\AppData\Local\Temp\iw5sp.exe
C:\Users\Ben\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Ben\AppData\Local\Temp\Offer100.exe
C:\Users\Ben\AppData\Local\Temp\ose00000.exe
C:\Users\Ben\AppData\Local\Temp\pixsetup.exe
C:\Users\Ben\AppData\Local\Temp\readSTILog.dll
C:\Users\Ben\AppData\Local\Temp\Risweb32.exe
C:\Users\Ben\AppData\Local\Temp\rootsupd.exe
C:\Users\Ben\AppData\Local\Temp\rundll32.exe
C:\Users\Ben\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Ben\AppData\Local\Temp\Setup.exe
C:\Users\Ben\AppData\Local\Temp\sonarinst.exe
C:\Users\Ben\AppData\Local\Temp\tmp2C13.exe
C:\Users\Ben\AppData\Local\Temp\tmp3217.exe
C:\Users\Ben\AppData\Local\Temp\tmp7E05.exe
C:\Users\Ben\AppData\Local\Temp\tmp8F24.exe
C:\Users\Ben\AppData\Local\Temp\tmpB71E.exe
C:\Users\Ben\AppData\Local\Temp\tmpDA57.exe
C:\Users\Ben\AppData\Local\Temp\tmpDD24.exe
C:\Users\Ben\AppData\Local\Temp\Tsu-0DA4.dll
C:\Users\Ben\AppData\Local\Temp\Tsu4F6041C1.dll
C:\Users\Ben\AppData\Local\Temp\ubiFA46.tmp.exe
C:\Users\Ben\AppData\Local\Temp\unrar.dll
C:\Users\Ben\AppData\Local\Temp\utils.dll
C:\Users\Ben\AppData\Local\Temp\utt9DB2.tmp.exe
C:\Users\Ben\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Ben\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Ben\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Ben\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Ben\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Ben\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Ben\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Ben\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Ben\AppData\Local\Temp\_is737E.exe
C:\Users\Ben\AppData\Local\Temp\_isB6F0.exe
C:\Users\Ben\AppData\Local\Temp\_isFE2C.exe
C:\Users\Ben\AppData\Local\Temp\{A6F12165-3DEB-4252-AD1C-B55F3D795187}.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-18 19:10
==================== Ende von FRST.txt ============================
Panda log file, desktop PC. Code:
timestamp,job Id,profile,date,job type,task type,file (path),pid,result
57543261, 7670, 1, Sat Feb 27 12:41:49 2016, Analysis request, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player FLV Player.lnk, 3752
57543261, 7670, 1, Sat Feb 27 12:41:49 2016, Analysis result, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player FLV Player.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57543324, 7671, 1, Sat Feb 27 12:41:49 2016, Analysis request, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player Uninstall FLV Player.lnk, 3752
57543324, 7671, 1, Sat Feb 27 12:41:49 2016, Analysis result, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player Uninstall FLV Player.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57543480, 7672, 1, Sat Feb 27 12:41:49 2016, Analysis request, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus\Panda Free Antivirus.lnk, 3752
57543480, 7672, 1, Sat Feb 27 12:41:49 2016, Analysis result, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus\Panda Free Antivirus.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57543511, 7673, 1, Sat Feb 27 12:41:49 2016, Analysis request, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite\USB Audio & MIDI Driver\Audio Control Panel.lnk, 3752
57543511, 7673, 1, Sat Feb 27 12:41:49 2016, Analysis result, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite\USB Audio & MIDI Driver\Audio Control Panel.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57544276, 7674, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS EXE, C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll, 7080
57544276, 7674, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS EXE, C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll, 7080, OFFLINE, 24-02-2016 14:38,, A49748E70AF82131C256C40BDF8F538D, 10, 1, -, 0, 0, 0, -
57544307, 7675, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\rtl120.bpl, 4540
57544307, 7675, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\rtl120.bpl, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57544307, 7676, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\vcl120.bpl, 4540
57544307, 7676, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\vcl120.bpl, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57544307, 7677, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Windows\SysWOW64\winspool.drv, 4540
57544307, 7677, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Windows\SysWOW64\winspool.drv, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57544307, 7678, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUACtrls.bpl, 4540
57544307, 7678, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUACtrls.bpl, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57544307, 7679, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\bcbie120.bpl, 4540
57544307, 7679, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\bcbie120.bpl, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57544322, 7680, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS EXE, C:\Windows\System32\NlsData001a.dll, 4164
57544447, 7680, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS EXE, C:\Windows\System32\NlsData001a.dll, 4164, OFFLINE, 24-02-2016 14:38,,, -, -, -, 30, -, -, -
57544572, 7681, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS EXE, C:\Windows\System32\NlsLexicons001a.dll, 4164
57544619, 7681, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS EXE, C:\Windows\System32\NlsLexicons001a.dll, 4164, OFFLINE, 24-02-2016 14:38,,, -, -, -, 30, -, -, -
57550890, 7685, 1, Sat Feb 27 12:41:57 2016, Analysis request, ON ACCESS EXECUTION, C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE, 4428
57550921, 7685, 1, Sat Feb 27 12:41:57 2016, Analysis result, ON ACCESS EXECUTION, C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE, 4428, OFFLINE, 24-02-2016 14:38,, DC353503FD136FABFA63840B229DD7F5, -, -, -, -, 30, -, 0
57550999, 7686, 1, Sat Feb 27 12:41:57 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF, 4428
57550999, 7686, 1, Sat Feb 27 12:41:57 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF, 4428, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57606832, 7689, 1, Sat Feb 27 12:42:53 2016, Analysis request, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 7 64bit\Dokumentation\English\PlugIn-Referenz.lnk, 3752
57606832, 7689, 1, Sat Feb 27 12:42:53 2016, Analysis result, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 7 64bit\Dokumentation\English\PlugIn-Referenz.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57606863, 7690, 1, Sat Feb 27 12:42:53 2016, Analysis request, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet 200 color M251\Produktsoftware deinstallieren.lnk, 3752
57606863, 7690, 1, Sat Feb 27 12:42:53 2016, Analysis result, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet 200 color M251\Produktsoftware deinstallieren.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57607082, 7691, 1, Sat Feb 27 12:42:53 2016, Analysis request, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk, 3752
57607082, 7691, 1, Sat Feb 27 12:42:53 2016, Analysis result, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -
57608267, 7692, 1, Sat Feb 27 12:42:54 2016, Analysis request, ON ACCESS EXE, C:\Windows\System32\SNTSearch.dll, 3752
57608283, 7692, 1, Sat Feb 27 12:42:54 2016, Analysis result, ON ACCESS EXE, C:\Windows\System32\SNTSearch.dll, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, 30, -, -, -
57608361, 7693, 1, Sat Feb 27 12:42:54 2016, Analysis request, ON ACCESS, C:\Users\Ben\Desktop\Panda Free Antivirus.lnk, 3752
57608361, 7693, 1, Sat Feb 27 12:42:54 2016, Analysis result, ON ACCESS, C:\Users\Ben\Desktop\Panda Free Antivirus.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, -