Irgendwoher2 | 08.04.2019 01:50
FRST log file:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
durchgeführt von XX (Administrator) auf PC-01 (08-04-2019 02:29:04)
Gestartet von C:\Users\Xx\AppData\Local\Microsoft\Windows\INetCache\IE\VXEVB054
Geladene Profile: XX (Verfügbare Profile: XX)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IDT, Inc.) [Datei ist nicht signiert] C:\Program Files\IDT\WDM\stacsv64.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fshoster64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fshoster64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fsorsp64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fsulprothoster.exe
(Intel(R) Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Integrated Device Technology Inc. -> Hewlett-Packard ) [Datei ist nicht signiert] C:\Program Files\IDT\WDM\Beats64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IDT, Inc.) [Datei ist nicht signiert] C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8730\Bin\ScanToPCActivationApp.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8730\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Portrait Displays, Inc. -> ) C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
(Portrait Displays, Inc. -> ) C:\Program Files (x86)\Portrait Displays\Pivot Software\Floater.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display\dthtml.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Portrait Displays, Inc. -> Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(mquadr.at software engineering und consulting GmbH -> Swisscom) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(mquadr.at software engineering und consulting GmbH -> Swisscom) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Quick Start\HPQuickstart.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Integrated Device Technology Inc. -> Hewlett-Packard ) [Datei ist nicht signiert]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794904 2014-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942232 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.) [Datei ist nicht signiert]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] (Portrait Displays, Inc. -> )
HKLM-x32\...\Run: [DT HPC] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2014-06-27] (Portrait Displays, Inc. -> Portrait Displays, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1518664 2014-09-17] (Seagate Technology LLC -> Seagate Technology LLC)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe [11054408 2018-10-24] (mquadr.at software engineering und consulting GmbH -> Swisscom)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [203264 2009-10-10] (ArcSoft, Inc. -> ArcSoft Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-2143967816-975072899-265787009-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127080 2014-09-17] (Seagate Technology LLC -> Seagate Technology LLC)
HKU\S-1-5-21-2143967816-975072899-265787009-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2143967816-975072899-265787009-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [Datei ist nicht signiert]
HKU\S-1-5-21-2143967816-975072899-265787009-1001\...\Run: [HP OfficeJet Pro 8730 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8730\Bin\ScanToPCActivationApp.exe [3734944 2018-12-05] (HP Inc -> HP Inc.)
HKU\S-1-5-21-2143967816-975072899-265787009-1001\...\MountPoints2: {5dea0c3a-3cba-11e4-8224-78e3b5c83e39} - "I:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-21] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
Startup: C:\Users\Xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-12-04]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0FA8DC2E-FC4A-4551-82D1-77D89C16672C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CFD63DF3-7652-42CE-94A4-5AD5BBF5A3F4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
SearchScopes: HKLM -> {53F55657-9B2E-4F9C-BEF9-42715B672147} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {53F55657-9B2E-4F9C-BEF9-42715B672147} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2143967816-975072899-265787009-1001 -> {3C27820D-A4E1-4A2C-A54D-6438685ED905} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2143967816-975072899-265787009-1001 -> {DFF453F4-8C04-4DC4-8D04-17F72A9AB048} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1553689882\browser\install\fs_ie_https\fs_ie_https64.dll [2019-03-27] (F-Secure Corporation -> F-Secure Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kein Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Keine Datei
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1553689882\browser\install\fs_ie_https\fs_ie_https.dll [2019-03-27] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Toolbar: HKU\S-1-5-21-2143967816-975072899-265787009-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Xx\AppData\Roaming\Mozilla\Firefox\Profiles\8vi706ih.default [2019-04-08]
FF Homepage: Mozilla\Firefox\Profiles\8vi706ih.default -> hxxp://www.google.ch/
FF Extension: (uBlock Origin) - C:\Users\Xx\AppData\Roaming\Mozilla\Firefox\Profiles\8vi706ih.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-14]
FF Extension: (Web of Trust) - C:\Users\Xx\AppData\Roaming\Mozilla\Firefox\Profiles\8vi706ih.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-26]
FF Extension: (Video DownloadHelper) - C:\Users\Xx\AppData\Roaming\Mozilla\Firefox\Profiles\8vi706ih.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-02]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Xx\AppData\Roaming\Mozilla\Firefox\Profiles\8vi706ih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-04]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1553689882\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1553689882\browser\install\fs_firefox_https\fs_firefox_https.xpi [2019-03-27]
FF HKLM-x32\...\Firefox\Extensions: [{ab9c4c65-5a13-49d6-893d-f8698f0686dc}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1553689882\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Datei ist nicht signiert]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Datei ist nicht signiert]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2143967816-975072899-265787009-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Xx\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-01-20] (Citrix Online -> Citrix Online)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.ch/"
CHR DefaultSearchKeyword: Default -> hma
CHR Profile: C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default [2019-04-08]
CHR Extension: (Präsentationen) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Docs) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Google Drive) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-26]
CHR Extension: (YouTube) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-26]
CHR Extension: (Hide My Ass! Web Proxy) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2015-11-26]
CHR Extension: (Google-Suche) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-26]
CHR Extension: (Tabellen) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Google Docs Offline) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-26]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2018-12-26]
CHR Extension: (Skype) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-02-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Web Cache Viewer) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbkloffickinnlnmefmjmjbacohecpbd [2017-09-28]
CHR Extension: (Google Mail) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-14]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR StartupUrls: "hxxps://www.google.ch/"
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-27] (CyberLink Corp. -> CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-27] (CyberLink Corp. -> CyberLink)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2014-06-27] (Portrait Displays, Inc. -> Portrait Displays, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-06-13] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [213472 2018-05-08] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [213472 2018-05-08] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fshoster64.exe [579560 2019-03-11] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fshoster64.exe [579560 2019-03-11] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fsorsp64.exe [101320 2019-03-11] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fsulprothoster.exe [579560 2019-03-11] (F-Secure Corporation -> F-Secure Corporation)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1055\G2AC_Service.exe [309568 2014-08-18] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-18] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-18] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [7862088 2018-10-24] (mquadr.at software engineering und consulting GmbH -> Swisscom)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC -> Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC -> Seagate Technology LLC)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Xx\AppData\Local\Temp\7zS671B\hpslpsvc64.dll [X] <==== ACHTUNG
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4265984 2014-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 DrvAgent64; C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [20872 2017-01-13] (eSupport.com, Inc -> Phoenix Technologies)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fsulgk.sys [262304 2019-03-11] (F-Secure Corporation -> F-Secure Corporation)
R1 F-Secure UL HIPS; C:\Program Files (x86)\F-Secure\apps\Ultralight\ulcore\1552296247\fshs.sys [97440 2019-03-11] (F-Secure Corporation -> F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-07] (F-Secure Corporation -> )
R3 fsni; C:\Program Files (x86)\F-Secure\apps\Ultralight\nif\1553689882\fsni64.sys [108704 2019-03-27] (F-Secure Corporation -> F-Secure Corporation)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2014-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50472 2015-11-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2014-01-05] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [14464 2015-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [62856 2017-10-24] (Intel Corporation -> Intel Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2019-04-08 02:28 - 2019-04-08 02:29 - 000000000 ____D C:\FRST
2019-04-08 00:37 - 2019-04-08 00:37 - 000455056 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20190408-003753.backup
2019-04-08 00:37 - 2015-12-30 12:54 - 000450821 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20190408-003730.backup
2019-04-08 00:33 - 2019-04-08 00:34 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-04-08 00:33 - 2019-04-08 00:33 - 000001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2019-04-08 00:33 - 2019-04-08 00:33 - 000001416 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2019-04-08 00:33 - 2019-04-08 00:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2019-04-08 00:33 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2019-04-08 00:32 - 2019-04-08 00:32 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\Xx\Downloads\spybotsd-2.7.64.0.exe
2019-04-07 12:19 - 2019-04-07 12:57 - 000000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleForXX.job
2019-04-07 12:19 - 2019-04-07 12:19 - 000003182 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForXX
2019-04-07 04:47 - 2019-04-07 04:47 - 002371048 _____ C:\Users\Xx\Downloads\PKKatalogEinleitung.pdf
2019-04-05 02:26 - 2019-04-05 02:27 - 000000000 ____D C:\Users\Xx\Downloads\Ricardo Statistik
2019-04-05 02:24 - 2019-04-05 02:24 - 000000000 ____D C:\Users\Xx\Downloads\Bachpiece
2019-03-31 06:53 - 2019-03-31 06:53 - 000003176 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2143967816-975072899-265787009-1001
2019-03-31 06:53 - 2019-03-31 06:53 - 000002351 _____ C:\Users\Xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2019-03-29 18:26 - 2019-03-29 18:26 - 000003862 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1427314068
2019-03-29 18:26 - 2019-03-29 18:26 - 000001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2019-03-23 07:54 - 2019-03-23 07:54 - 000001945 _____ C:\Users\Public\Desktop\PayMaker.lnk
2019-03-23 07:54 - 2019-03-23 07:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PayMaker
2019-03-21 13:21 - 2019-03-28 13:21 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-03-21 13:21 - 2019-03-21 13:21 - 000001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixPad Audiodatei-Mixer.lnk
2019-03-21 13:21 - 2019-03-21 13:21 - 000000000 ____D C:\Users\Xx\Documents\Mixpad Projects
2019-03-21 13:21 - 2019-03-21 13:21 - 000000000 ____D C:\ProgramData\NCH Software
2019-03-21 13:21 - 2019-03-21 13:21 - 000000000 ____D C:\Program Files (x86)\NCH Software
2019-03-16 05:28 - 2019-03-16 05:28 - 000000000 ____D C:\Users\Xx\AppData\Roaming\EPSON
2019-03-16 05:18 - 2019-03-16 05:18 - 000000000 ____D C:\Users\Xx\AppData\Roaming\Lasersoft Imaging
2019-03-16 05:13 - 2019-03-16 05:13 - 000002189 _____ C:\Users\Public\Desktop\Scan-n-Stitch Deluxe.lnk
2019-03-16 05:13 - 2019-03-16 05:13 - 000000000 ____D C:\Users\Xx\AppData\Local\ArcSoft
2019-03-16 05:13 - 2019-03-16 05:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Scan-n-Stitch Deluxe
2019-03-16 05:13 - 2019-03-16 05:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2019-03-16 05:13 - 2019-03-16 05:13 - 000000000 ____D C:\ProgramData\ArcSoft
2019-03-16 05:13 - 2019-03-16 05:13 - 000000000 ____D C:\Program Files (x86)\ArcSoft
2019-03-16 05:12 - 2019-03-16 05:14 - 000000000 ____D C:\Users\Xx\AppData\Roaming\ArcSoft
2019-03-16 05:11 - 2019-03-16 05:11 - 000000953 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2019-03-16 05:11 - 2019-03-16 05:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
2019-03-16 05:11 - 2019-03-16 05:11 - 000000000 ____D C:\Program Files (x86)\epson
2019-03-16 05:11 - 2009-05-01 01:00 - 000128392 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esdevapp.exe
2019-03-16 05:11 - 2009-05-01 01:00 - 000017408 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\esxcdev.dll
2019-03-16 05:11 - 2007-11-20 01:00 - 000055808 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\esxcwiab.dll
2019-03-13 02:14 - 2019-03-02 17:01 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-13 02:14 - 2019-03-02 17:01 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-12 20:26 - 2019-03-06 09:23 - 001737712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-03-12 20:26 - 2019-03-06 09:23 - 001501056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-12 20:26 - 2019-03-06 09:23 - 001371464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-12 20:26 - 2019-03-06 09:22 - 001677232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-12 20:26 - 2019-03-06 09:22 - 001537768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-12 20:26 - 2019-03-06 09:18 - 007368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-12 20:26 - 2019-03-06 08:27 - 004167680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-03-12 20:26 - 2019-03-06 08:26 - 000032896 ____C (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2019-03-12 20:26 - 2019-03-06 08:26 - 000032896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-12 20:26 - 2019-03-06 08:03 - 003324416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-12 20:26 - 2019-03-06 07:37 - 003617280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-12 20:26 - 2019-03-06 06:50 - 002780160 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2019-03-12 20:26 - 2019-03-06 06:39 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2019-03-12 20:26 - 2019-02-26 09:57 - 025737216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-12 20:26 - 2019-02-26 09:33 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-12 20:26 - 2019-02-26 09:31 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-12 20:26 - 2019-02-26 09:31 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2019-03-12 20:26 - 2019-02-26 09:31 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2019-03-12 20:26 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-12 20:26 - 2019-02-26 09:22 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-12 20:26 - 2019-02-26 09:20 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-12 20:26 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-12 20:26 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-12 20:26 - 2019-02-26 08:58 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2019-03-12 20:26 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-12 20:26 - 2019-02-26 08:56 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2019-03-12 20:26 - 2019-02-26 08:56 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2019-03-12 20:26 - 2019-02-26 08:51 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2019-03-12 20:26 - 2019-02-26 08:46 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2019-03-12 20:26 - 2019-02-26 08:44 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-03-12 20:26 - 2019-02-26 08:43 - 015284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-12 20:26 - 2019-02-26 08:43 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-03-12 20:26 - 2019-02-26 08:41 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-03-12 20:26 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2019-03-12 20:26 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2019-03-12 20:26 - 2019-02-26 08:39 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2019-03-12 20:26 - 2019-02-26 08:36 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2019-03-12 20:26 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-12 20:26 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2019-03-12 20:26 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-03-12 20:26 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-03-12 20:26 - 2019-02-26 08:31 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-03-12 20:26 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-12 20:26 - 2019-02-26 08:29 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-03-12 20:26 - 2019-02-26 08:25 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2019-03-12 20:26 - 2019-02-26 08:20 - 001049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2019-03-12 20:26 - 2019-02-26 08:18 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-12 20:26 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-03-12 20:26 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-12 20:26 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-03-12 20:26 - 2019-02-26 08:06 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-03-12 20:26 - 2019-02-20 22:17 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-12 20:26 - 2019-02-15 21:58 - 000536584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-12 20:26 - 2019-02-15 21:58 - 000466272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-12 20:26 - 2019-02-15 21:58 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-12 20:26 - 2019-02-15 21:54 - 000038184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-12 20:26 - 2019-02-15 21:51 - 000449744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-12 20:26 - 2019-02-15 21:51 - 000413576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-12 20:26 - 2019-02-15 21:51 - 000033504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-03-12 20:26 - 2019-02-15 21:50 - 000372328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-03-12 20:26 - 2019-02-09 21:36 - 000444392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-12 20:26 - 2019-02-09 21:36 - 000218056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-12 20:26 - 2019-02-09 20:53 - 000923384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-12 20:26 - 2019-02-09 20:51 - 002014696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-12 20:26 - 2019-02-09 20:26 - 000333560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-12 20:26 - 2019-02-09 19:49 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-12 20:26 - 2019-02-09 19:49 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-12 20:26 - 2019-02-09 19:49 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-12 20:26 - 2019-02-09 19:46 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2019-03-12 20:26 - 2019-02-09 19:18 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2019-03-12 20:26 - 2019-02-09 19:03 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-03-12 20:26 - 2019-02-09 18:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2019-03-12 20:26 - 2019-02-09 18:45 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-03-12 20:26 - 2019-02-09 18:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-12 20:26 - 2019-02-09 18:16 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-12 20:26 - 2019-02-09 18:15 - 001095680 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-12 20:26 - 2019-02-09 02:38 - 002534936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-12 20:26 - 2019-02-09 02:33 - 001901888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-12 20:26 - 2019-02-09 01:40 - 001137776 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-03-12 20:26 - 2019-02-09 01:40 - 000805168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-03-12 20:26 - 2019-02-09 01:07 - 000614040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-03-12 20:26 - 2019-02-09 00:18 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-03-12 20:26 - 2019-02-08 23:39 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-03-12 20:26 - 2019-02-08 23:29 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-03-12 20:26 - 2019-02-08 21:55 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-12 20:26 - 2019-02-08 20:54 - 001755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-12 20:26 - 2019-02-08 20:51 - 002348032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-12 20:26 - 2019-02-08 20:32 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-12 20:26 - 2019-02-08 19:50 - 001493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-12 20:26 - 2019-02-08 19:45 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-12 20:26 - 2019-02-07 21:38 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-12 20:26 - 2019-02-07 02:40 - 001311240 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-12 20:26 - 2019-02-07 02:40 - 001308240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-12 20:26 - 2019-02-06 21:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-12 20:26 - 2019-02-06 21:32 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-12 20:26 - 2019-02-06 21:31 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-12 20:26 - 2019-02-06 21:30 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-03-12 20:26 - 2019-02-06 21:30 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-12 20:26 - 2019-02-06 20:27 - 001040384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-12 20:26 - 2019-02-06 19:52 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-12 20:26 - 2019-02-01 06:27 - 002447600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-12 20:26 - 2019-01-09 06:20 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hcproviders.dll
2019-03-12 20:26 - 2019-01-09 06:10 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2019-03-12 20:26 - 2019-01-09 06:06 - 000894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2019-03-12 20:26 - 2019-01-09 05:52 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hcproviders.dll
2019-03-12 20:26 - 2019-01-09 05:45 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2019-03-12 20:26 - 2019-01-09 05:40 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2019-03-12 20:26 - 2019-01-08 08:02 - 001764504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-03-12 20:26 - 2019-01-08 07:12 - 001489704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-03-12 20:26 - 2019-01-05 09:35 - 000152128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-12 20:26 - 2019-01-04 16:15 - 001635328 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-12 20:26 - 2019-01-04 16:15 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-12 20:26 - 2019-01-04 16:15 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-12 20:26 - 2019-01-04 16:15 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-12 20:26 - 2019-01-04 16:15 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2019-03-12 20:26 - 2019-01-04 16:15 - 000451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-12 20:26 - 2019-01-04 16:15 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-12 20:26 - 2019-01-04 16:15 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-12 20:14 - 2019-03-12 20:14 - 000513376 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-03-12 20:14 - 2019-03-12 20:14 - 000513376 _____ C:\WINDOWS\system32\locale.nls
==================== Ein Monat (geänderte) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2019-04-08 02:01 - 2016-11-16 18:26 - 000000000 ____D C:\Users\Xx\AppData\LocalLow\Mozilla
2019-04-08 01:45 - 2014-01-21 12:21 - 000000000 ____D C:\Users\Xx\AppData\Local\HPConnectedMusic
2019-04-08 01:44 - 2017-03-09 14:59 - 000000000 ____D C:\Users\Xx\AppData\Local\F-Secure
2019-04-08 01:17 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-08 01:11 - 2015-12-30 12:31 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-04-08 01:09 - 2014-01-21 04:35 - 000000000 ____D C:\Users\Xx\Documents\Outlook-Dateien
2019-04-08 01:09 - 2014-01-18 14:01 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2143967816-975072899-265787009-1001
2019-04-08 01:04 - 2019-02-07 20:35 - 000000059 _____ C:\Users\Xx\AppData\Local\UserProducts.xml
2019-04-08 01:04 - 2019-02-07 20:35 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2019-04-08 00:39 - 2017-08-20 22:12 - 000000000 ____D C:\Users\Xx\AppData\Local\CrashDumps
2019-04-08 00:36 - 2019-02-07 20:35 - 000000408 _____ C:\WINDOWS\Tasks\update-sys.job
2019-04-08 00:29 - 2014-01-18 13:49 - 000000000 ____D C:\Users\Xx\AppData\Roaming\Adobe
2019-04-07 23:36 - 2019-02-07 20:35 - 000000408 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2143967816-975072899-265787009-1001.job
2019-04-07 21:57 - 2014-01-19 00:40 - 000000000 ____D C:\Users\Public\Documents\Crealogix
2019-04-07 21:03 - 2014-01-18 15:17 - 000000000 ____D C:\Users\Xx
2019-04-07 20:17 - 2014-01-18 13:48 - 000000000 ____D C:\Users\Xx\AppData\Local\Packages
2019-04-07 16:54 - 2013-11-14 09:27 - 002019734 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-07 16:54 - 2013-11-14 09:11 - 000860236 _____ C:\WINDOWS\system32\perfh007.dat
2019-04-07 16:54 - 2013-11-14 09:11 - 000197328 _____ C:\WINDOWS\system32\perfc007.dat
2019-04-07 16:54 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2019-04-07 16:49 - 2014-01-18 15:15 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-07 16:49 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-07 08:32 - 2014-01-28 16:53 - 000522752 ___SH C:\Users\Xx\Desktop\Thumbs.db
2019-04-05 20:14 - 2018-07-16 20:30 - 000000000 ____D C:\Users\Xx\Documents\Silvia
2019-04-05 02:26 - 2015-10-19 16:12 - 000000000 ____D C:\Users\Xx\Downloads\Diverse
2019-04-05 02:24 - 2014-01-21 01:15 - 000000000 ____D C:\Users\Xx\Downloads\Adobe Produkte
2019-04-02 11:26 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2019-04-01 14:08 - 2019-03-01 10:09 - 000000000 _____ C:\Users\Xx\Documents\HPOJ8730_Fax_Port
2019-03-30 12:18 - 2014-02-07 00:24 - 000002031 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2019-03-29 18:26 - 2015-03-25 22:07 - 000000000 ____D C:\Program Files (x86)\Opera
2019-03-28 07:18 - 2017-01-27 08:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-28 07:18 - 2014-03-12 00:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-28 05:21 - 2014-03-12 00:19 - 000001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 03:04 - 2015-01-13 03:15 - 000003542 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 03:04 - 2015-01-13 03:15 - 000003414 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-23 14:31 - 2014-01-18 16:32 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-03-23 14:31 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-23 07:54 - 2014-01-18 23:24 - 000000000 ____D C:\Program Files (x86)\CLX.PayMaker
2019-03-22 19:25 - 2018-07-11 18:34 - 000000000 ____D C:\Users\Xx\Documents\Philipp
2019-03-21 17:49 - 2014-01-24 16:31 - 000000000 ____D C:\Users\Xx\AppData\Local\HP
2019-03-21 13:19 - 2015-08-15 03:11 - 000000000 ____D C:\Users\Xx\AppData\Roaming\vlc
2019-03-21 07:25 - 2015-01-13 03:15 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-16 05:24 - 2017-03-09 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-03-16 05:13 - 2013-11-12 01:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-03-16 05:10 - 2014-01-18 22:34 - 000000000 ____D C:\Users\Xx\AppData\Local\ElevatedDiagnostics
2019-03-15 06:45 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2019-03-13 13:08 - 2013-08-22 16:44 - 002313888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-13 12:42 - 2015-05-20 00:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-13 12:42 - 2014-12-24 09:19 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2019-03-13 12:42 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2019-03-13 06:23 - 2018-03-14 07:52 - 000004518 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-13 06:23 - 2014-03-17 06:03 - 000004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-03-13 06:23 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-03-13 06:23 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-03-13 02:14 - 2014-01-18 14:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 02:14 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-13 02:12 - 2014-01-18 14:31 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-05-25 04:35 - 2014-05-25 18:01 - 000005120 _____ () C:\Users\Xx\AppData\Local\Databases.db
2015-05-27 12:30 - 2019-02-04 19:24 - 000007596 _____ () C:\Users\Xx\AppData\Local\Resmon.ResmonCfg
2019-02-07 20:35 - 2019-02-07 20:35 - 000000003 _____ () C:\Users\Xx\AppData\Local\updater.log
2019-02-07 20:35 - 2019-04-08 01:04 - 000000059 _____ () C:\Users\Xx\AppData\Local\UserProducts.xml
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dllhost.exe => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2019-04-06 14:12
==================== Ende von FRST.txt ============================
--- --- ---
Code:
Search results from Spybot - Search & Destroy
08.04.2019 00:58:15
Scan took 00:22:06.
45 items found.
PU.PrivacyRisk.WOT: [SBI $B21323E8] Data (File, nothing done)
C:\Users\Xx\AppData\Roaming\Mozilla\Firefox\Profiles\8vi706ih.default\WOT\storage.json
Category=PUPS
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Properties.size=40617
Properties.md5=AA78AAAE3C9991EC322AC13C3BB457C8
Properties.filedate=1506882336
Properties.filedatetext=2017-10-01 18:25:35
PU.Mindspark.PDFConverterHQ: [SBI $E979ADAB] User settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\PDFConverterHQ
Category=PUPS
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/showthread.php?74295
CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Zedo: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Zedo: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Zedo: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Zedo: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Zedo: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
DoubleClick: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Zedo: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Zedo: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
7-Zip: [SBI $12C3A52C] Folder history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\7-ZIP\FM\FolderHistory
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
7-Zip: [SBI $3D5692BD] Last used folder (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\7-ZIP\FM\PanelPath0
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Microsoft Management Console\Recent File List
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Category=Tracks
ThreatLevel=2
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Cookie: [SBI $BCOOKIES] Browser: Cookie (15) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Cache: [SBI $BCACHE00] Browser: Cache (11) (Browser: Cache, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Verlauf: [SBI $BHISTORY] Browser: History (25) (Browser: History, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Cache: [SBI $BCACHE00] Browser: Cache (12378) (Browser: Cache, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Verlauf: [SBI $BHISTORY] Browser: History (5428) (Browser: History, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Cookie: [SBI $BCOOKIES] Browser: Cookie (263) (Browser: Cookie, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Cache: [SBI $BCACHE00] Browser: Cache (1520) (Browser: Cache, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
Verlauf: [SBI $BHISTORY] Browser: History (51) (Browser: History, nothing done)
Category=Browser
ThreatLevel=1
Weblink=hxxp://forums.spybot.info/forumdisplay.php?54
--- Spybot - Search & Destroy version: 2.7.64.131 DLL (build: 20180214) ---
2018-04-20 blindman.exe (2.7.64.152)
2018-04-20 explorer.exe (2.7.64.191)
2018-02-06 SDBootCD.exe (2.7.64.109)
2018-04-20 SDCleaner.exe (2.7.64.110)
2018-04-20 SDDelFile.exe (2.7.64.94)
2018-04-20 SDFiles.exe (2.7.64.137)
2018-04-20 SDFileScanHelper.exe (2.7.64.7)
2018-04-20 SDFSSvc.exe (2.7.64.219)
2018-04-20 SDHelp.exe (2.7.64.1)
2018-02-06 SDHookHelper.exe (2.7.64.2)
2018-02-06 SDHookInst32.exe (2.7.64.2)
2018-02-06 SDHookInst64.exe (2.7.64.2)
2018-04-20 SDImmunize.exe (2.7.64.133)
2018-08-15 SDLicense.exe (2.7.65.3)
2018-04-20 SDLogReport.exe (2.7.64.107)
2018-04-20 SDOnAccess.exe (2.7.64.12)
2018-04-20 SDPESetup.exe (2.7.64.3)
2018-04-20 SDPEStart.exe (2.7.64.86)
2018-04-20 SDPhoneScan.exe (2.7.64.29)
2018-04-20 SDPRE.exe (2.7.64.22)
2018-02-06 SDPrepPos.exe (2.7.64.15)
2018-04-20 SDQuarantine.exe (2.7.64.103)
2018-02-06 SDRootAlyzer.exe (2.7.64.116)
2018-02-06 SDSBIEdit.exe (2.7.64.39)
2018-04-20 SDScan.exe (2.7.64.191)
2018-02-06 SDScript.exe (2.7.64.54)
2018-04-20 SDSettings.exe (2.7.64.139)
2018-04-20 SDShell.exe (2.7.64.2)
2018-02-06 SDShred.exe (2.7.64.108)
2018-02-06 SDSysRepair.exe (2.7.64.102)
2018-02-06 SDTools.exe (2.7.64.157)
2018-04-20 SDTray.exe (2.7.64.129)
2018-04-20 SDUpdate.exe (2.7.64.98)
2018-04-20 SDUpdSvc.exe (2.7.64.82)
2018-08-08 SDUpgrade.exe (2.7.65.0)
2018-08-15 SDWelcome.exe (2.7.65.131)
2018-02-06 SDWSCSvc.exe (2.7.64.3)
2018-09-03 Spybot3.LicenseInstaller.exe
2018-10-24 spybotsd2-install-license-installer.exe (2.7.65.0)
2019-02-22 spybotsd2-SDLicense-websitev5.exe (2.7.65.0)
2019-04-08 unins000.exe (51.1052.0.0)
2017-11-28 xcacls.exe
2017-11-28 borlndmm.dll (10.0.2288.42451)
2018-01-29 DelZip190.dll (1.9.0.119)
2018-01-29 DelZip192.dll (1.9.2.136)
2018-01-29 libeay32.dll (1.0.2.14)
2017-11-28 libssl32.dll (1.0.0.4)
2018-02-06 NotificationSpreader.dll (2.7.64.4)
2018-04-20 SDAdvancedCheckLibrary.dll (2.7.64.98)
2018-04-20 SDAV.dll (2.4.40.7)
2018-02-06 SDECon32.dll (2.7.64.114)
2018-03-23 SDECon64.dll (2.7.64.113)
2018-02-06 SDEvents.dll (2.7.64.2)
2018-04-20 SDFileScanLibrary.dll (2.7.64.24)
2018-02-06 SDHook32.dll (2.7.64.2)
2018-02-06 SDHook64.dll (2.7.64.2)
2018-04-20 SDImmunizeLibrary.dll (2.7.64.3)
2018-04-20 SDLicense.dll (2.7.64.3)
2018-04-20 SDLists.dll (2.7.64.8)
2018-02-06 SDResources.dll (2.7.64.7)
2018-04-20 SDScanLibrary.dll (2.7.64.131)
2018-04-20 SDTasks.dll (2.7.64.15)
2018-02-06 SDWinLogon.dll (2.7.64.0)
2018-01-29 sqlite3.dll (3.22.0.0)
2018-01-29 ssleay32.dll (1.0.2.14)
2018-02-06 Tools.dll (2.7.64.36)
2018-09-24 Includes\Adware-000.sbi (*)
2018-09-24 Includes\Adware-001.sbi (*)
2018-09-24 Includes\Adware-002.sbi (*)
2018-09-24 Includes\Adware-003.sbi (*)
2019-04-03 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2017-11-28 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2018-06-20 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2017-01-30 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2016-07-06 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2018-04-04 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2016-05-27 Includes\Keyloggers-000.sbi (*)
2019-03-20 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2015-06-25 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2018-04-12 Includes\Malware-002.sbi (*)
2016-11-07 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2018-12-19 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2014-01-13 Includes\MalwareC.sbi (*)
2018-05-02 Includes\PUPS-000.sbi (*)
2018-05-02 Includes\PUPS-001.sbi (*)
2018-05-02 Includes\PUPS-002.sbi (*)
2018-05-02 Includes\PUPS-003.sbi (*)
2018-05-02 Includes\PUPS-004.sbi (*)
2019-04-03 Includes\PUPS-C.sbi (*)
2014-01-13 Includes\PUPS.sbi (*)
2014-01-13 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2018-08-01 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2015-11-11 Includes\Spyware-000.sbi (*)
2015-05-06 Includes\Spyware-001.sbi (*)
2019-03-06 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2017-06-28 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2017-10-25 Includes\Trojans-002.sbi (*)
2016-01-20 Includes\Trojans-003.sbi (*)
2018-11-28 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2015-03-31 Includes\Trojans-006.sbi (*)
2017-12-01 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2018-11-28 Includes\Trojans-009.sbi (*)
2018-06-21 Includes\Trojans-010.sbi (*)
2019-04-03 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2016-02-03 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
Code:
[i] 19-04-08 01:11:54
[i] 19-04-08 01:11:54 Product PU.PrivacyRisk.WOT
[+] 19-04-08 01:11:54 Moving into quarantine C:\Users\Xx\AppData\Roaming\Mozilla\Firefox\Profiles\8vi706ih.default\WOT\storage.json
[+] 19-04-08 01:11:54 Successfully cleaned C:\Users\Xx\AppData\Roaming\Mozilla\Firefox\Profiles\8vi706ih.default\WOT\storage.json
[i] 19-04-08 01:11:54
[i] 19-04-08 01:11:54 Product PU.Mindspark.PDFConverterHQ
[+] 19-04-08 01:11:54 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\PDFConverterHQ
[+] 19-04-08 01:11:54 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\PDFConverterHQ
[i] 19-04-08 01:11:54
[i] 19-04-08 01:11:54 Product CasaleMedia
[+] 19-04-08 01:11:54 Moving into quarantine Cookie (Google Chrome: Default).casalemedia.com/ (CMDD)
[+] 19-04-08 01:11:54 Moving into quarantine Cookie (Google Chrome: Default).casalemedia.com/ (CMRUM3)
[+] 19-04-08 01:11:54 Moving into quarantine Cookie (Google Chrome: Default).casalemedia.com/ (CMSUM)
[+] 19-04-08 01:11:54 Moving into quarantine Cookie (Google Chrome: Default).casalemedia.com/ (CMID)
[+] 19-04-08 01:11:54 Moving into quarantine Cookie (Google Chrome: Default).casalemedia.com/ (CMPRO)
[+] 19-04-08 01:11:54 Moving into quarantine Cookie (Google Chrome: Default).casalemedia.com/ (CMPS)
[+] 19-04-08 01:11:54 Moving into quarantine Cookie (Google Chrome: Default).casalemedia.com/ (CMST)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).casalemedia.com/ (CMDD)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).casalemedia.com/ (CMRUM3)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).casalemedia.com/ (CMSUM)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).casalemedia.com/ (CMID)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).casalemedia.com/ (CMPRO)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).casalemedia.com/ (CMPS)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).casalemedia.com/ (CMST)
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product Zedo
[+] 19-04-08 01:11:55 Moving into quarantine Cookie (Google Chrome: Default).zedo.com/ (FFIDA)
[+] 19-04-08 01:11:55 Moving into quarantine Cookie (Google Chrome: Default).zedo.com/ (FFad)
[+] 19-04-08 01:11:55 Moving into quarantine Cookie (Google Chrome: Default).zedo.com/ (FFcat)
[+] 19-04-08 01:11:55 Moving into quarantine Cookie (Google Chrome: Default).zedo.com/ (FFgb)
[+] 19-04-08 01:11:55 Moving into quarantine Cookie (Google Chrome: Default).zedo.com/ (FFgip)
[+] 19-04-08 01:11:55 Moving into quarantine Cookie (Google Chrome: Default).zedo.com/ (ZCBC)
[+] 19-04-08 01:11:55 Moving into quarantine Cookie (Google Chrome: Default).zedo.com/ (ZEDOIDA)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).zedo.com/ (FFIDA)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).zedo.com/ (FFad)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).zedo.com/ (FFcat)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).zedo.com/ (FFgb)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).zedo.com/ (FFgip)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).zedo.com/ (ZCBC)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).zedo.com/ (ZEDOIDA)
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product DoubleClick
[+] 19-04-08 01:11:55 Moving into quarantine Cookie (Google Chrome: Default).doubleclick.net/ (IDE)
[+] 19-04-08 01:11:55 Successfully cleaned Cookie (Google Chrome: Default).doubleclick.net/ (IDE)
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product 7-Zip
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\7-ZIP\FM\FolderHistory
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\7-ZIP\FM\PanelPath0
[+] 19-04-08 01:11:55 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\7-ZIP\FM\FolderHistory
[+] 19-04-08 01:11:55 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\7-ZIP\FM\PanelPath0
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product MS Management Console
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[+] 19-04-08 01:11:55 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product MS Media Player
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[+] 19-04-08 01:11:55 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product MS DirectDraw
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[+] 19-04-08 01:11:55 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product MS DirectInput
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[+] 19-04-08 01:11:55 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+] 19-04-08 01:11:55 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product MS Paint
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[+] 19-04-08 01:11:55 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[i] 19-04-08 01:11:55
[i] 19-04-08 01:11:55 Product MS Regedit
[+] 19-04-08 01:11:55 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[i] 19-04-08 01:11:56
[i] 19-04-08 01:11:56 Product Windows
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i] 19-04-08 01:11:56
[i] 19-04-08 01:11:56 Product Windows.OpenWith
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i] 19-04-08 01:11:56
[i] 19-04-08 01:11:56 Product Windows Explorer
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i] 19-04-08 01:11:56
[i] 19-04-08 01:11:56 Product Windows Media SDK
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 19-04-08 01:11:56 Moving into quarantine HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 19-04-08 01:11:56 Successfully cleaned HKEY_USERS\S-1-5-21-2143967816-975072899-265787009-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i] 19-04-08 01:11:56
[i] 19-04-08 01:11:56 Product Cookie
[+] 19-04-08 01:11:56 Moving into quarantine Internet Explorer (Benutzer) (XX)Cookies
[+] 19-04-08 01:11:56 Moving into quarantine Google Chrome (Default)Cookies
[+] 19-04-08 01:11:56 Successfully cleaned Internet Explorer (Benutzer) (XX)Cookies
[+] 19-04-08 01:11:56 Successfully cleaned Google Chrome (Default)Cookies
[i] 19-04-08 01:11:56
[i] 19-04-08 01:11:56 Product Cache
[+] 19-04-08 01:11:56 Moving into quarantine Internet Explorer (Benutzer) (XX)Cache
[+] 19-04-08 01:11:56 Moving into quarantine Opera 7+ (XX)Cache
[+] 19-04-08 01:11:56 Moving into quarantine Google Chrome (Default)Cache
[+] 19-04-08 01:11:56 Successfully cleaned Internet Explorer (Benutzer) (XX)Cache
[+] 19-04-08 01:11:56 Successfully cleaned Opera 7+ (XX)Cache
[+] 19-04-08 01:11:56 Successfully cleaned Google Chrome (Default)Cache
[i] 19-04-08 01:11:56
[i] 19-04-08 01:11:56 Product Verlauf
[+] 19-04-08 01:11:56 Moving into quarantine Internet Explorer (Benutzer) (XX)History
[+] 19-04-08 01:11:56 Moving into quarantine Opera 7+ (XX)History
[+] 19-04-08 01:11:56 Moving into quarantine Google Chrome (Default)History
[+] 19-04-08 01:11:56 Successfully cleaned Internet Explorer (Benutzer) (XX)History
[+] 19-04-08 01:11:56 Successfully cleaned Opera 7+ (XX)History
[+] 19-04-08 01:11:56 Successfully cleaned Google Chrome (Default)History
[i] 19-04-08 01:11:56
[i] 19-04-08 01:11:56 Summary
[i] 19-04-08 01:11:56 Errors while cleaning 0
[i] 19-04-08 01:11:56 Files moved into quarantine 45
[i] 19-04-08 01:11:56 Files successfully cleaned 45