Div. Malware lässt sich nicht entfernen Patched.Ren.Gen und Luhe.Fiha.A. Liebes Trojaner Board,
bei mir häufen sich die Probleme und irgendwie werde ich sie nicht mehr los. Ich habe versucht mich an Eure Anleitung zu orientieren und habe ein paar Log-Dateien erstellt. Es fing an mit Patched.Ren.Gen, angeblich immer entfernt von meiner Virusprogramm, aber dann doch wieder aufgetaucht. Vorhin ist dann Luhe.Fiha.A. dazugekommen und jetzt bekomme ich langsam Angst.
Leider bin ich selber nur Nutzer und steige bei dieser Komplexität langsam aus, wenn ich also etwas vergessen habe oder mir nicht mehr zu helfen ist, dann einfach melden.
Danke für Eure Unterstützung:
Gruß Tobias
FRST
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Nutzer (Administrator) auf NUTZER-HP (21-03-2016 12:43:44)
Gestartet von C:\Users\Nutzer\Downloads
Geladene Profile: Nutzer (Verfügbare Profile: Nutzer & Tine & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(IPAS GmbH) C:\Program Files (x86)\IPAS GmbH\ComBridge Studio\bin\CemiService.exe
(IPAS GmbH) C:\Program Files (x86)\IPAS GmbH\ComBridge Studio\bin\CBMCGSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SESDBN.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SEPWDN.EXE
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Nutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(© 2015 Microsoft Corporation) C:\Users\Nutzer\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Mindjet) C:\Program Files (x86)\Mindjet\MindManager 14\MmReminderService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Axentra Corporation) C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Synology Inc.) C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Dropbox, Inc.) C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.19020.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16719_none_11647d1561f368c0\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SEQLU] => C:\Program Files\EPSON_P2\Printer Software\SEQLUZ.EXE [950704 2012-11-16] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SESMPSP] => C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE [459184 2012-11-16] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2014-08-20] (Broadcom Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-03-31] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe [9574112 2015-12-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [6360824 2015-08-28] (O&O Software GmbH)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2015-09-09] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-10-16] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exe [42312 2013-09-06] (Mindjet)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HipServ Agent] => C:\Program Files (x86)\MEDION\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe [2722920 2014-01-27] (Axentra Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14952 2016-02-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Amazon Cloud Player] => C:\Users\Nutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [761064 2015-06-29] (Adobe Systems Incorporated)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Dropbox Update] => C:\Users\Nutzer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [BingSvc] => C:\Users\Nutzer\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\MountPoints2: {132320fd-603f-11e5-9c01-028037ec0200} - "D:\LaunchU3.exe" -a
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Nutzer\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2015-08-28] (O&O Software GmbH)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe [2015-12-30] ()
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2016-03-20]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{00e337c2-2a81-46a1-963a-31f2294d9825}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{87dc13c9-ca95-45c6-9efe-5a7f4e8c2580}: [DhcpNameServer] 192.168.14.1 192.168.14.1
Tcpip\..\Interfaces\{b63e91dc-3102-4765-8651-9a0a6546b831}: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{e93d9ec1-d8cf-4d32-af98-e4036ddd5a1d}: [NameServer] 139.7.30.126 139.7.30.125
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
hxxp://www.fibercheck.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> 51B8090724154198AC9D55380858D24C URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2dea3aaf-fd01-4f6d-8b86-de643d5aaf49&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=14/05/2013&type=hp1000
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {2F241019-B5B5-4A3B-9777-05796CC07CE4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3737527253-1174571278-2646331852-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Keine Datei
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll [2013-09-06] (Mindjet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D122814-AE3372CAF8274412FA2F&form=CONMHP&conlogo=CT3330942
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
www.google.de
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-08-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3737527253-1174571278-2646331852-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-09-29] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\bingp.xml [2014-11-09]
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\google-images.xml [2014-06-19]
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\searchplugins\google-maps.xml [2014-06-19]
FF Extension: Fox!Box - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2015-05-29]
FF Extension: Avira Browser Safety - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\abs@avira.com [2016-03-16]
FF Extension: Bing Search - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-01-20]
FF Extension: HP Detect - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-08-22] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-06] [ist nicht signiert]
FF HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hdd4g0s7.default\extensions\cliqz@cliqz.com => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07]
CHR Extension: (Google Docs) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-07]
CHR Extension: (Google Drive) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (YouTube) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-03-07]
CHR Extension: (Google Tabellen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07]
CHR Extension: (Avira Browserschutz) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-03-15]
CHR Extension: (Google Docs Offline) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-07]
CHR Extension: (Google Mail) - C:\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3737527253-1174571278-2646331852-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2288384 2015-12-24] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 CBEIBnetIPService; C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\CemiService.exe [249856 2009-09-16] (IPAS GmbH) [Datei ist nicht signiert]
R2 CBStudioMCGService; C:\Program Files (x86)\Ipas GmbH\ComBridge Studio\bin\CBMCGSvc.exe [503808 2009-09-16] (IPAS GmbH) [Datei ist nicht signiert]
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287712 2015-10-06] ()
R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [13824 2015-12-09] ()
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-11-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-11-01] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe [712432 2015-12-09] ()
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7766264 2015-08-28] (O&O Software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2015-12-30] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2015-12-30] ()
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] ()
R2 SESMPWD; C:\Program Files\EPSON_P2\Status Monitor\SEPWDN.EXE [155568 2012-11-16] (SEIKO EPSON CORPORATION)
R2 SESMSDB; C:\Program Files\EPSON_P2\Status Monitor\SESDBN.EXE [343472 2012-11-16] (SEIKO EPSON CORPORATION)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [24224 2016-02-26] (Avira Operations GmbH & Co. KG)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-03-31] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-02-25] ()
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [53248 2015-12-09] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2014-08-20] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ARCVCAM; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-07-29] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-07-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-07-29] (BitDefender)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-11] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208192 2015-12-24] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7480496 2013-09-13] (Broadcom Corporation)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2015-01-06] (BitDefender LLC)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468752 2014-07-28] (Intel Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.99.0\gzflt.sys [155912 2015-12-09] (BitDefender LLC)
R3 h36wgps; C:\Windows\system32\DRIVERS\h36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-02] (REALiX(tm))
R3 johci; C:\Windows\System32\drivers\johci.sys [26208 2013-11-06] (JMicron Technology Corp.)
S3 KOBCCEX; C:\Windows\System32\drivers\KOBCCEX.sys [25344 2009-10-08] (KOBIL Systems GmbH) [Datei ist nicht signiert]
S3 massfilter_LTE; C:\Windows\System32\drivers\massfilter_LTE.sys [18456 2011-04-28] (HandSet Incorporated)
S3 massfilter_LTE; C:\Windows\SysWOW64\drivers\massfilter_LTE.sys [15896 2011-04-28] (HandSet Incorporated)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-12-02] (Intel Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2015-08-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2015-08-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2015-08-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2015-08-28] (O&O Software GmbH)
S3 pmxdrv; C:\windows\system32\drivers\pmxdrv.sys [31152 2013-09-01] ()
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [28624 2015-12-30] () [Datei ist nicht signiert]
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [700128 2015-11-13] (Sunplus)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102576 2015-08-10] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25904 2015-08-10] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [701232 2015-08-10] ()
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-12-09] (HP)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2015-12-23] (wisecleaner.com)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [284912 2013-11-25] (Ericsson AB)
S3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcat; C:\Windows\SysWOW64\DRIVERS\zgdcat.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcdiag; C:\Windows\SysWOW64\DRIVERS\zgdcdiag.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcmdm; C:\Windows\SysWOW64\DRIVERS\zgdcmdm.sys [113168 2011-04-28] (ZTE Incorporated)
S3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [163352 2011-04-28] (ZTE Incorporated)
S3 zgdcnet; C:\Windows\SysWOW64\DRIVERS\zgdcnet.sys [138264 2011-04-28] (ZTE Incorporated)
S3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [129040 2011-04-28] (ZTE Incorporated)
S3 zgdcnmea; C:\Windows\SysWOW64\DRIVERS\zgdcnmea.sys [113168 2011-04-28] (ZTE Incorporated)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-21 12:43 - 2016-03-21 12:44 - 00049406 _____ C:\Users\Nutzer\Downloads\FRST.txt
2016-03-21 12:43 - 2016-03-21 12:43 - 00000000 ____D C:\FRST
2016-03-21 12:42 - 2016-03-21 12:43 - 02374144 _____ (Farbar) C:\Users\Nutzer\Downloads\FRST64.exe
2016-03-21 12:29 - 2016-03-21 12:29 - 00016148 _____ C:\WINDOWS\system32\NUTZER-HP_Nutzer_HistoryPrediction.bin
2016-03-21 09:45 - 2016-03-21 09:45 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-15 10:00 - 2016-03-15 10:00 - 00184296 _____ C:\Users\Nutzer\Downloads\Umsaetze_KtoNr142332600_EUR_15-03-2016_1000.CSV
2016-03-14 12:09 - 2016-03-14 12:10 - 00010487 _____ C:\Users\Nutzer\Downloads\FiberC_elster_14.03.2016_12.09.pfx
2016-03-09 11:45 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 11:45 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-09 11:45 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-03-09 11:45 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 11:45 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 11:45 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 11:45 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-09 11:45 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-09 11:45 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 11:45 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-03-09 11:45 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-03-09 11:45 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-03-09 11:45 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 11:45 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-09 11:45 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-03-09 11:45 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-09 11:45 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-09 11:45 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 11:45 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 11:45 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-09 11:45 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 11:45 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 11:45 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 11:45 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-03-09 11:45 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-03-09 11:45 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-03-09 11:45 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 11:45 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-03-09 11:45 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-03-09 11:45 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-09 11:45 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-03-09 11:45 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 11:45 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-09 11:45 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-03-09 11:45 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-09 11:45 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-09 11:45 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 11:45 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-03-09 11:45 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-03-09 11:45 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 11:45 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 11:45 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-03-09 11:45 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 11:45 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-09 11:45 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-09 11:45 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 11:45 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-09 11:45 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 11:45 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 11:45 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 11:45 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-09 11:45 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 11:45 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-09 11:45 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 11:45 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 11:45 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-03-09 11:45 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-03-09 11:45 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-03-09 11:45 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 11:45 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 11:45 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 11:45 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 11:45 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 11:45 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 11:45 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 11:45 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 11:45 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 11:45 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 11:45 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 11:45 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 11:45 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 11:45 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 11:45 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-09 11:45 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 11:45 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-03-09 11:45 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 11:45 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 11:45 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 11:45 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 11:45 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-09 11:45 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 11:45 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-08 11:48 - 2016-03-08 11:48 - 00001176 _____ C:\Users\Nutzer\Downloads\BAHN_Fahrplan.ics
2016-03-07 15:06 - 2016-03-15 10:19 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-07 15:06 - 2016-03-15 10:19 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-07 15:04 - 2016-03-07 15:05 - 00987728 _____ (Google Inc.) C:\Users\Nutzer\Downloads\ChromeSetup.exe
2016-03-02 13:50 - 2016-03-16 18:17 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForNutzer.job
2016-03-02 13:50 - 2016-03-16 13:56 - 00003252 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForNutzer
2016-03-02 10:29 - 2016-03-02 10:30 - 00000000 ____D C:\Users\Nutzer\Desktop\futuresax
2016-03-02 10:21 - 2016-03-02 10:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-02-29 21:34 - 2016-02-29 21:43 - 00000000 ____D C:\Users\Nutzer\Desktop\steuer_2014
2016-02-29 17:15 - 2016-03-20 16:06 - 00000504 _____ C:\WINDOWS\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1}.job
2016-02-29 17:15 - 2016-02-29 17:15 - 00003096 _____ C:\WINDOWS\System32\Tasks\OO DiskImage {dbb774bd-d681-428d-8b24-df4d3382d2f1}
2016-02-29 16:30 - 2016-03-20 16:07 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-02-29 16:30 - 2016-02-29 16:30 - 00002525 _____ C:\Users\Public\Desktop\O&O DiskImage.lnk
2016-02-29 16:30 - 2016-02-29 16:30 - 00001292 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-02-29 16:30 - 2016-02-29 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-02-29 16:30 - 2016-02-29 16:30 - 00000000 ____D C:\Program Files\OO Software
2016-02-29 13:45 - 2016-03-01 10:38 - 00000000 ____D C:\Users\Nutzer\Desktop\arbeitsamt
2016-02-29 12:48 - 2016-03-20 16:07 - 00000000 ___RD C:\Users\Nutzer\Google Drive
2016-02-29 12:48 - 2016-02-29 12:48 - 00001818 _____ C:\Users\Nutzer\Desktop\Google Drive.lnk
2016-02-29 12:46 - 2016-03-21 11:51 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-29 12:46 - 2016-03-20 16:06 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-29 12:46 - 2016-03-14 14:53 - 00001962 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-02-29 12:46 - 2016-03-14 14:53 - 00001960 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-02-29 12:46 - 2016-03-14 14:53 - 00001950 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-02-29 12:46 - 2016-02-29 12:46 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-29 12:46 - 2016-02-29 12:46 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-29 12:46 - 2016-02-29 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-02-29 12:45 - 2016-02-29 12:46 - 00987728 _____ (Google Inc.) C:\Users\Nutzer\Downloads\googledrivesync(2).exe
2016-02-28 16:57 - 2016-02-28 16:57 - 00000000 ____D C:\Users\Nutzer\AppData\LocalLow\Temp
2016-02-28 16:47 - 2016-02-28 16:54 - 00024994 _____ C:\Users\Nutzer\Desktop\Simple PERT Chart.eddx
2016-02-28 09:55 - 2016-02-28 21:15 - 00000000 ____D C:\Users\Nutzer\Desktop\promotion
2016-02-27 10:47 - 2016-02-27 10:47 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAB
2016-02-27 10:47 - 2016-02-27 10:47 - 00000000 ____D C:\Program Files\SAB
2016-02-25 16:34 - 2016-02-25 16:34 - 01456800 _____ C:\WINDOWS\ProcessedPackets.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00576088 _____ C:\WINDOWS\Packet.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00043862 _____ C:\WINDOWS\Control.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00001177 _____ C:\WINDOWS\SentOSPackets.KTL
2016-02-25 16:34 - 2016-02-25 16:34 - 00000286 _____ C:\WINDOWS\NGIControl.KTL
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\Users\Nutzer\Documents\Edraw Max
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 7.9
2016-02-25 11:58 - 2016-02-25 11:58 - 00000000 ____D C:\Program Files (x86)\Edraw Max
2016-02-25 11:26 - 2016-02-25 11:58 - 80442944 _____ (EdrawSoft ) C:\Users\Nutzer\Downloads\edrawmax-de.exe
2016-02-25 10:05 - 2016-02-25 10:05 - 00035121 _____ C:\Users\Nutzer\Desktop\Flussdiagramm.vsdx
2016-02-24 12:40 - 2016-02-27 10:47 - 79114984 _____ C:\Users\Nutzer\Downloads\InstallPrano_FZR1420_JRE_64bit.exe
2016-02-24 12:06 - 2016-02-24 12:08 - 00000000 ____D C:\Users\Nutzer\Desktop\Inventur
2016-02-22 11:03 - 2016-02-28 21:15 - 00000000 ____D C:\Users\Nutzer\Desktop\Smart
2016-02-21 14:26 - 2016-02-21 14:26 - 00002162 _____ C:\Users\Public\Desktop\roomeon Portal.lnk
2016-02-21 14:26 - 2016-02-21 14:26 - 00002125 _____ C:\Users\Public\Desktop\roomeon 3D-Planer.lnk
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\Users\Nutzer\AppData\Local\roomeon
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon
2016-02-21 14:26 - 2016-02-21 14:26 - 00000000 ____D C:\Program Files (x86)\roomeon GmbH
2016-02-21 14:23 - 2016-02-21 14:25 - 14467023 _____ C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2(1).exe.part
2016-02-21 14:09 - 2016-02-21 14:25 - 55614231 _____ C:\Users\Nutzer\Downloads\roomeon_3D-Planer_DE_1.6.2.exe
2016-02-20 16:09 - 2016-02-20 16:09 - 00003628 _____ C:\WINDOWS\System32\Tasks\Inst_Rep
2016-02-20 16:09 - 2016-02-20 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2016-02-20 16:08 - 2016-02-20 16:09 - 00000000 ____D C:\Program Files (x86)\mbot_de_014010244
2016-02-20 16:08 - 2016-02-20 16:08 - 00000000 ____D C:\Users\Nutzer\AppData\Local\mbot_de_014010244
2016-02-20 16:05 - 2016-02-22 15:39 - 00000000 ____D C:\Users\Nutzer\Desktop\keygen__15344_il2310679
2016-02-20 15:56 - 2016-02-20 16:07 - 00172620 _____ (Feme ) C:\Users\Nutzer\Downloads\tropico_4_keygen.exe.part
2016-02-20 15:41 - 2016-02-20 15:41 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Tropico 4
2016-02-20 15:36 - 2016-02-20 15:36 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Kalypso Media
2016-02-20 14:52 - 2016-02-20 15:11 - 00000000 ____D C:\Program Files (x86)\Kalypso Media
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-21 12:21 - 2013-03-20 11:50 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Skype
2016-03-21 12:12 - 2012-05-05 19:15 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-21 11:50 - 2015-08-03 15:32 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Packages
2016-03-21 11:47 - 2015-06-17 12:30 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3737527253-1174571278-2646331852-1001UA.job
2016-03-21 11:38 - 2015-12-24 10:27 - 00000000 ____D C:\ProgramData\MFAData
2016-03-21 09:45 - 2013-07-21 14:28 - 00000000 ___RD C:\Users\Nutzer\Dropbox
2016-03-21 09:45 - 2013-07-21 14:25 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Dropbox
2016-03-21 09:38 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-21 09:35 - 2013-09-06 09:04 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\vlc
2016-03-20 16:17 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-20 16:12 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-20 16:11 - 2015-08-03 15:12 - 02266390 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-20 16:11 - 2015-07-10 17:34 - 00952100 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-20 16:11 - 2015-07-10 17:34 - 00221546 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-20 16:11 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-03-20 16:08 - 2015-12-29 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-20 16:08 - 2013-03-17 17:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-20 16:07 - 2015-12-23 15:27 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Wise Care 365
2016-03-20 16:07 - 2015-06-24 11:25 - 00000000 ___RD C:\Users\Nutzer\CloudStation
2016-03-20 16:07 - 2015-03-04 14:55 - 00000000 ___RD C:\Users\Nutzer\Desktop\FC_Cloud
2016-03-20 16:06 - 2015-12-18 15:53 - 00002402 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-03-20 16:06 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-20 16:06 - 2013-03-04 22:02 - 00000000 ____D C:\ProgramData\Validity
2016-03-19 15:14 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-17 10:53 - 2015-08-03 15:12 - 00000000 ____D C:\Users\Nutzer
2016-03-15 12:46 - 2013-05-15 05:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-03-12 13:00 - 2015-12-24 10:28 - 00001009 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-03-12 13:00 - 2015-12-24 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-11 12:54 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-11 11:22 - 2013-03-16 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-11 11:21 - 2013-05-09 16:12 - 00068936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-03-11 11:21 - 2013-03-20 12:03 - 00137952 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-03-11 11:21 - 2013-03-20 12:03 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-03-11 10:07 - 2015-08-03 15:34 - 00002429 _____ C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 10:07 - 2015-08-03 15:34 - 00000000 ___RD C:\Users\Nutzer\OneDrive
2016-03-09 17:55 - 2015-08-03 15:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-09 17:47 - 2016-01-11 16:34 - 00402568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 16:38 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 16:32 - 2013-07-16 15:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 16:26 - 2013-03-12 15:46 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 16:24 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini
2016-03-08 08:10 - 2015-07-10 12:06 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 15:44 - 2014-03-05 10:48 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Google
2016-03-07 15:05 - 2014-03-05 10:48 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-06 02:27 - 2015-12-11 15:53 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-03-01 13:45 - 2014-05-11 11:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-29 21:44 - 2013-04-23 17:08 - 00000000 ____D C:\Users\Nutzer\Documents\Steuerfälle
2016-02-29 20:53 - 2013-04-23 16:40 - 00000000 ____D C:\ProgramData\AAV
2016-02-29 16:30 - 2015-12-03 15:04 - 00003430 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
2016-02-29 16:30 - 2014-12-15 13:55 - 00000000 ____D C:\ProgramData\OO Software
2016-02-29 16:29 - 2013-03-16 09:51 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-29 14:16 - 2013-12-11 17:06 - 00000000 ____D C:\Users\Nutzer\Desktop\cafe100
2016-02-29 12:45 - 2013-09-13 11:28 - 00000000 ____D C:\Users\Nutzer\Desktop\ideentransfer
2016-02-28 21:15 - 2013-04-16 21:27 - 00000000 ____D C:\Users\Nutzer\Desktop\privat
2016-02-27 14:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2016-02-27 10:54 - 2015-10-30 08:30 - 00000000 ____D C:\Users\Nutzer\.oracle_jre_usage
2016-02-26 23:28 - 2015-07-10 11:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-02-26 23:28 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-02-26 23:28 - 2015-07-10 11:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-02-25 09:50 - 2013-03-04 21:55 - 00017272 _____ C:\WINDOWS\system32\results.xml
2016-02-24 13:27 - 2012-05-05 19:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-24 13:26 - 2011-07-29 00:51 - 00000000 ____D C:\swsetup
2016-02-23 18:10 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-21 14:25 - 2014-06-06 12:38 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Downloaded Installations
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\JMicr
2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-06 12:59 - 2015-08-06 12:59 - 0000000 _____ () C:\Program Files (x86)\StarMoney 9.0
2014-06-19 13:17 - 2014-06-19 13:32 - 0009089 _____ () C:\Users\Nutzer\AppData\Roaming\.freeciv-client-rc-2.4
2013-06-19 13:44 - 2013-11-12 12:41 - 0000116 _____ () C:\Users\Nutzer\AppData\Roaming\BEVI.CFG
2013-09-02 16:27 - 2013-09-02 16:27 - 0033193 _____ () C:\Users\Nutzer\AppData\Roaming\UserTile.png
2015-11-05 11:35 - 2015-11-05 11:35 - 0000122 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Nutzer\AppData\Local\Temp\avgnt.exe
C:\Users\Nutzer\AppData\Local\Temp\i4jdel0.exe
C:\Users\Nutzer\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Nutzer\AppData\Local\Temp\jre-8u74-windows-au.exe
C:\Users\Nutzer\AppData\Local\Temp\proxy_vole2479119636678680774.dll
C:\Users\Nutzer\AppData\Local\Temp\setup_mbot_de.exe
C:\Users\Nutzer\AppData\Local\Temp\SIntf16.dll
C:\Users\Nutzer\AppData\Local\Temp\SIntf32.dll
C:\Users\Nutzer\AppData\Local\Temp\SIntfNT.dll
C:\Users\Nutzer\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-12 14:53
==================== Ende von FRST.txt ============================ --- --- --- |