| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Updates und Grafikkartentreiber Update nicht möglichWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.02.2015, 20:48
| #16 | |
| /// Malwareteam   |  Windows Updates und Grafikkartentreiber Update nicht möglich Hi, Zitat:
 dein MBR ist ok ... Schritt 1: Downloade dir bitte Windows Repair (All In One) von hier.
Schritt 2: verändert sich das Problem mit den Updates danach? |
|
02.02.2015, 23:15
| #17 |
 | Windows Updates und Grafikkartentreiber Update nicht möglich JUHUU! Du hast es geschafft!!
__________________Alle Updates ließen sich jetzt installieren, vielen Dank!!!  Seitdem ich Windows Repair benutzt habe hat sich jetzt aber bei jedem Neustart mein Avast gemeldet mit einer angeblichen Infektion: URL: hxxp://dl.secunia.com/SPS/AdobeAir_16.0.0.245_SPS.exe Infektion: Win32:Evo-gen[Susp] Prozess: C:\Program Files (x86)\Secunia\PSI\PSIA.exe Was hat das zu bedeuten? |
|
03.02.2015, 21:24
| #18 |
| /// Malwareteam | Windows Updates und Grafikkartentreiber Update nicht möglich Hi, ich bin noch unterwegs und schau es mir an sobald ich an einem Rechner sitze
__________________
__________________ |
|
04.02.2015, 08:22
| #19 | |
| /// Malwareteam | Windows Updates und Grafikkartentreiber Update nicht möglich Hi, ich bekomme die avast Warnung auch bei mir... Zitat:
Poste mir bitte ein frisches, wenn alles passt letztes FRST Logfile. Wenn hier nichts mehr zu finden ist räumen wir noch auf und sichern dein System ab. |
|
04.02.2015, 10:36
| #20 |
| | Windows Updates und Grafikkartentreiber Update nicht möglich Ja du hast recht. Wenn ich die Datei selber scanne findet er keine Bedrohung. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by pc (administrator) on PC-PC on 04-02-2015 10:35:22
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available profiles: pc)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Spotify Ltd) C:\Users\pc\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Dropbox, Inc.) C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Users\pc\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\pc\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\pc\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\pc\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\pc\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [GAINWARD] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181744 2010-10-22] (Gainward Co.)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3046808 2011-02-07] ()
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] => 0
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784904 2014-10-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [Spotify] => C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-28] (Spotify Ltd)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Run: [Spotify Web Helper] => C:\Users\pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-28] (Spotify Ltd)
HKU\S-1-5-21-648632289-941596113-564908001-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avast! Free Antivirus (2).lnk
ShortcutTarget: avast! Free Antivirus (2).lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-648632289-941596113-564908001-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-648632289-941596113-564908001-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.72.0.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-648632289-941596113-564908001-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll No File
FF Plugin HKU\S-1-5-21-648632289-941596113-564908001-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-648632289-941596113-564908001-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-28]
Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-20]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-20]
CHR Extension: (Google-Suche) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-20]
CHR Extension: (HTTPS Everywhere) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-01-20]
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-01-20]
CHR Extension: (Ghostery) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-01-31]
CHR Extension: (Google Wallet) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-04]
CHR Extension: (Google Mail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-02] (Avast Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S4 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-15] ()
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [253776 2013-03-06] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-01] (HTC, Corporation) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 OXSDIDRV_x64; C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys [51760 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [31280 2010-05-25] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
S3 TBPanel; No ImagePath
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-02] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RTL8192cu; system32\DRIVERS\rtwlanu.sys [X]
S3 rtlss; System32\Drivers\rtlss.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2051-01-27 18:38 - 2012-06-10 14:25 - 00000000 ____D () C:\Users\pc\AppData\Roaming\QuickScan
2051-01-27 18:33 - 2051-01-27 18:33 - 00809541 _____ () C:\Users\pc\AppData\Local\census.cache
2051-01-27 18:32 - 2051-01-27 18:32 - 00097995 _____ () C:\Users\pc\AppData\Local\ars.cache
2051-01-27 18:24 - 2051-01-27 18:24 - 00000036 _____ () C:\Users\pc\AppData\Local\housecall.guid.cache
2015-02-04 10:11 - 2015-02-04 10:11 - 00000197 _____ () C:\Windows\system32\2015-02-04-09-11-42.072-AvastVBoxSVC.exe-1348.log
2015-02-03 18:43 - 2015-02-03 18:43 - 00000000 ____D () C:\Users\pc\AppData\Local\NVIDIA Corporation
2015-02-03 17:12 - 2015-02-03 17:12 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-03 17:12 - 2015-02-03 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-03 17:11 - 2015-02-03 17:12 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-03 17:11 - 2015-02-03 17:12 - 00000000 ____D () C:\Program Files\iTunes
2015-02-03 17:11 - 2015-02-03 17:11 - 00000000 ____D () C:\Program Files\iPod
2015-02-03 17:03 - 2015-02-03 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-03 15:05 - 2015-02-03 15:06 - 00000197 _____ () C:\Windows\system32\2015-02-03-14-05-58.065-AvastVBoxSVC.exe-6548.log
2015-02-03 10:19 - 2015-02-03 19:16 - 92328291 _____ () C:\Users\pc\Desktop\Harz.mp4
2015-02-03 10:04 - 2015-02-03 10:04 - 00000247 _____ () C:\Windows\system32\2015-02-03-09-04-08.050-aswFe.exe-7956.log
2015-02-03 09:48 - 2015-02-03 10:03 - 00000247 _____ () C:\Windows\system32\2015-02-03-08-48-52.033-aswFe.exe-7272.log
2015-02-03 09:48 - 2015-02-03 09:48 - 00000197 _____ () C:\Windows\system32\2015-02-03-08-48-36.076-AvastVBoxSVC.exe-3808.log
2015-02-02 22:47 - 2014-12-13 01:11 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-02-02 22:47 - 2014-12-13 01:11 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-02-02 22:47 - 2014-12-13 01:11 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-02-02 22:47 - 2014-12-13 01:11 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-02-02 22:46 - 2015-02-02 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-02 22:46 - 2015-02-02 22:46 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-02 22:45 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-02 22:41 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-02 22:41 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 03293136 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-02 22:41 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-02 22:41 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-02-02 22:41 - 2014-11-22 11:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-02-02 22:41 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-02-02 22:41 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-02-02 22:41 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-02-02 22:41 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2015-02-02 22:04 - 2015-02-02 22:04 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PC-PC-Windows-7-Home-Premium-(64-bit).dat
2015-02-02 21:48 - 2015-02-02 21:48 - 00000197 _____ () C:\Windows\system32\2015-02-02-20-48-05.050-AvastVBoxSVC.exe-5212.log
2015-02-02 21:26 - 2015-02-02 21:26 - 00002155 _____ () C:\Users\pc\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-02-02 21:26 - 2015-02-02 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-02-02 21:26 - 2015-02-02 21:26 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-02-02 21:21 - 2015-02-02 21:25 - 10318832 _____ () C:\Users\pc\Downloads\tweaking.com_windows_repair_aio_setup.exe
2015-02-02 18:39 - 2015-02-02 18:40 - 00000197 _____ () C:\Windows\system32\2015-02-02-17-39-44.058-AvastVBoxSVC.exe-3840.log
2015-02-01 21:24 - 2015-02-01 21:24 - 00000197 _____ () C:\Windows\system32\2015-02-01-20-24-13.081-AvastVBoxSVC.exe-1524.log
2015-02-01 16:42 - 2015-02-01 16:43 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\pc\Desktop\tdsskiller.exe
2015-02-01 10:50 - 2015-02-01 10:50 - 00000197 _____ () C:\Windows\system32\2015-02-01-09-50-20.059-AvastVBoxSVC.exe-3184.log
2015-01-31 21:13 - 2015-01-31 21:13 - 00002345 _____ () C:\Users\pc\Downloads\FSS.txt
2015-01-31 21:12 - 2015-01-31 21:12 - 00415232 _____ (Farbar) C:\Users\pc\Downloads\FSS.exe
2015-01-31 15:23 - 2015-01-31 15:23 - 02347384 _____ (ESET) C:\Users\pc\Downloads\esetsmartinstaller_deu.exe
2015-01-31 15:21 - 2015-01-31 15:21 - 00001304 _____ () C:\Users\pc\Desktop\mbam.txt
2015-01-31 15:16 - 2015-01-31 15:16 - 00000197 _____ () C:\Windows\system32\2015-01-31-14-16-45.091-AvastVBoxSVC.exe-812.log
2015-01-31 14:59 - 2015-01-31 15:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 14:59 - 2015-01-31 14:59 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-31 14:59 - 2015-01-31 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-01-31 14:59 - 2015-01-31 14:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-01-31 14:59 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-31 14:59 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-31 14:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-31 14:58 - 2015-01-31 14:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\pc\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-31 14:49 - 2015-01-31 14:49 - 00000197 _____ () C:\Windows\system32\2015-01-31-13-49-08.094-AvastVBoxSVC.exe-3888.log
2015-01-31 14:46 - 2015-01-31 14:46 - 00286856 _____ () C:\Windows\Minidump\013115-31605-01.dmp
2015-01-31 14:43 - 2015-01-31 14:43 - 00448512 _____ (OldTimer Tools) C:\Users\pc\Desktop\TFC.exe
2015-01-31 14:41 - 2015-02-01 13:17 - 00000000 ____D () C:\Users\pc\Desktop\FRST-OlderVersion
2015-01-31 14:37 - 2015-01-31 14:37 - 00000197 _____ () C:\Windows\system32\2015-01-31-13-37-26.032-AvastVBoxSVC.exe-4884.log
2015-01-31 11:03 - 2015-01-31 11:03 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-03-13.087-AvastVBoxSVC.exe-4112.log
2015-01-30 15:08 - 2015-01-31 21:09 - 00047468 _____ () C:\Users\pc\Desktop\Addition.txt
2015-01-30 15:04 - 2015-02-04 10:35 - 00022490 _____ () C:\Users\pc\Desktop\FRST.txt
2015-01-30 15:04 - 2015-01-30 15:04 - 00000197 _____ () C:\Windows\system32\2015-01-30-14-04-03.072-AvastVBoxSVC.exe-2692.log
2015-01-30 15:03 - 2015-02-01 13:17 - 02131456 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2015-01-30 15:00 - 2015-01-30 15:00 - 00002511 _____ () C:\Users\pc\Desktop\AdwCleaner[S1].txt
2015-01-30 14:54 - 2015-01-30 14:54 - 02194432 _____ () C:\Users\pc\Downloads\AdwCleaner_4.109.exe
2015-01-30 14:52 - 2015-01-30 14:52 - 00027043 _____ () C:\ComboFix.txt
2015-01-30 14:29 - 2015-01-30 14:30 - 05611408 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2015-01-29 22:10 - 2015-01-29 22:10 - 00018200 _____ () C:\Users\pc\Desktop\Gmer.log
2015-01-29 21:54 - 2015-01-29 21:54 - 00380416 _____ () C:\Users\pc\Downloads\u06ihi7j.exe
2015-01-29 21:54 - 2015-01-29 21:54 - 00380416 _____ () C:\Users\pc\Downloads\Gmer-19357.exe
2015-01-29 13:17 - 2015-01-29 16:08 - 00489918 _____ () C:\Users\pc\Desktop\AKTUELLECtrees20150129.xlsx
2015-01-29 13:14 - 2015-01-29 13:14 - 00480115 _____ () C:\Users\pc\Downloads\ECtrees20150129.xlsx
2015-01-27 14:07 - 2015-01-27 14:26 - 00493251 _____ () C:\Users\pc\Desktop\ECtrees20150126_bearbeitet_blaetter.xlsx
2015-01-27 12:54 - 2015-01-27 12:54 - 00487357 _____ () C:\Users\pc\Desktop\ECtrees20150126.xlsx
2015-01-26 20:58 - 2015-01-26 20:58 - 00000197 _____ () C:\Windows\system32\2015-01-26-19-58-12.097-AvastVBoxSVC.exe-3428.log
2015-01-26 13:08 - 2015-01-26 13:08 - 00000197 _____ () C:\Windows\system32\2015-01-26-12-08-05.044-AvastVBoxSVC.exe-3080.log
2015-01-26 11:09 - 2015-01-26 11:09 - 00000197 _____ () C:\Windows\system32\2015-01-26-10-09-15.027-AvastVBoxSVC.exe-3716.log
2015-01-25 15:20 - 2015-01-25 15:20 - 00000197 _____ () C:\Windows\system32\2015-01-25-14-20-45.089-AvastVBoxSVC.exe-4120.log
2015-01-25 11:26 - 2015-01-25 11:26 - 00000197 _____ () C:\Windows\system32\2015-01-25-10-26-02.084-AvastVBoxSVC.exe-5928.log
2015-01-24 22:24 - 2015-01-24 22:24 - 00000197 _____ () C:\Windows\system32\2015-01-24-21-24-40.077-AvastVBoxSVC.exe-3368.log
2015-01-22 18:10 - 2015-01-22 18:10 - 00000197 _____ () C:\Windows\system32\2015-01-22-17-10-21.047-AvastVBoxSVC.exe-3016.log
2015-01-21 21:05 - 2015-01-21 21:05 - 00000197 _____ () C:\Windows\system32\2015-01-21-20-05-34.073-AvastVBoxSVC.exe-2720.log
2015-01-21 18:42 - 2015-01-21 18:42 - 00000197 _____ () C:\Windows\system32\2015-01-21-17-42-31.095-AvastVBoxSVC.exe-5504.log
2015-01-21 11:02 - 2015-01-21 11:02 - 00000197 _____ () C:\Windows\system32\2015-01-21-10-02-47.015-AvastVBoxSVC.exe-4356.log
2015-01-20 20:13 - 2015-01-20 20:13 - 00985600 _____ () C:\Users\pc\Downloads\MicrosoftFixit50123 (1).msi
2015-01-20 20:06 - 2015-01-20 20:07 - 00985600 _____ () C:\Users\pc\Downloads\MicrosoftFixit50123.msi
2015-01-20 19:57 - 2015-01-20 19:57 - 00000197 _____ () C:\Windows\system32\2015-01-20-18-57-01.011-AvastVBoxSVC.exe-1644.log
2015-01-20 19:49 - 2015-01-20 19:49 - 00863476 _____ (IDG Magazine Media GmbH ) C:\Users\pc\Downloads\pcwFixWindowsUpdate.exe
2015-01-20 17:58 - 2015-01-20 17:59 - 00000197 _____ () C:\Windows\system32\2015-01-20-16-58-57.020-AvastVBoxSVC.exe-3880.log
2015-01-20 13:22 - 2015-01-20 13:22 - 00000197 _____ () C:\Windows\system32\2015-01-20-12-22-30.032-AvastVBoxSVC.exe-3656.log
2015-01-19 10:38 - 2015-01-19 10:38 - 00000197 _____ () C:\Windows\system32\2015-01-19-09-38-16.001-AvastVBoxSVC.exe-3840.log
2015-01-18 21:52 - 2015-01-18 21:52 - 00000197 _____ () C:\Windows\system32\2015-01-18-20-52-07.005-AvastVBoxSVC.exe-3940.log
2015-01-18 18:03 - 2015-01-18 18:04 - 00000197 _____ () C:\Windows\system32\2015-01-18-17-03-54.088-AvastVBoxSVC.exe-5408.log
2015-01-18 11:40 - 2015-01-18 11:40 - 00000197 _____ () C:\Windows\system32\2015-01-18-10-40-33.035-AvastVBoxSVC.exe-4308.log
2015-01-18 11:25 - 2015-01-18 11:25 - 00000000 ____D () C:\Windows\Sun
2015-01-18 11:23 - 2015-01-18 11:23 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-18 11:22 - 2015-01-18 11:22 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-18 11:22 - 2015-01-18 11:22 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-18 11:21 - 2015-01-18 11:21 - 00638888 _____ (Oracle Corporation) C:\Users\pc\Downloads\chromeinstall-8u25.exe
2015-01-18 11:17 - 2015-01-18 11:19 - 307606328 _____ (NVIDIA Corporation) C:\Users\pc\Downloads\347.09-desktop-win8-win7-winvista-64bit-international-whql (1).exe
2015-01-18 11:11 - 2015-01-18 11:12 - 00000197 _____ () C:\Windows\system32\2015-01-18-10-11-58.005-AvastVBoxSVC.exe-4864.log
2015-01-17 20:47 - 2015-01-17 20:47 - 00000197 _____ () C:\Windows\system32\2015-01-17-19-47-01.070-AvastVBoxSVC.exe-2592.log
2015-01-17 15:05 - 2015-01-17 15:05 - 00000197 _____ () C:\Windows\system32\2015-01-17-14-05-45.035-AvastVBoxSVC.exe-3448.log
2015-01-17 13:18 - 2015-01-17 13:18 - 00000197 _____ () C:\Windows\system32\2015-01-17-12-18-13.061-AvastVBoxSVC.exe-500.log
2015-01-17 11:17 - 2015-01-17 11:17 - 00000197 _____ () C:\Windows\system32\2015-01-17-10-17-25.011-AvastVBoxSVC.exe-5132.log
2015-01-16 19:06 - 2015-01-16 19:06 - 00000197 _____ () C:\Windows\system32\2015-01-16-18-06-44.035-AvastVBoxSVC.exe-5152.log
2015-01-16 10:10 - 2015-01-16 10:10 - 00000197 _____ () C:\Windows\system32\2015-01-16-09-10-32.006-AvastVBoxSVC.exe-3448.log
2015-01-15 17:28 - 2015-01-15 17:28 - 00000197 _____ () C:\Windows\system32\2015-01-15-16-28-16.079-AvastVBoxSVC.exe-5424.log
2015-01-15 10:25 - 2015-01-15 10:25 - 00000197 _____ () C:\Windows\system32\2015-01-15-09-25-13.069-AvastVBoxSVC.exe-4084.log
2015-01-14 13:53 - 2015-01-14 13:54 - 00000197 _____ () C:\Windows\system32\2015-01-14-12-53-38.078-AvastVBoxSVC.exe-3856.log
2015-01-14 10:18 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 10:18 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 10:18 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 10:18 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 10:18 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 10:18 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 10:18 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 10:18 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 10:18 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 10:18 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:18 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 10:18 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 10:18 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 10:05 - 2015-01-14 10:05 - 00000197 _____ () C:\Windows\system32\2015-01-14-09-05-41.074-AvastVBoxSVC.exe-3720.log
2015-01-13 18:09 - 2015-01-13 18:09 - 00000197 _____ () C:\Windows\system32\2015-01-13-17-09-39.054-AvastVBoxSVC.exe-5088.log
2015-01-13 15:09 - 2015-01-13 15:10 - 00000197 _____ () C:\Windows\system32\2015-01-13-14-09-48.037-AvastVBoxSVC.exe-5052.log
2015-01-13 10:49 - 2015-01-13 10:49 - 00000197 _____ () C:\Windows\system32\2015-01-13-09-49-33.076-AvastVBoxSVC.exe-5612.log
2015-01-12 22:43 - 2015-01-12 22:44 - 00000197 _____ () C:\Windows\system32\2015-01-12-21-43-53.085-AvastVBoxSVC.exe-5084.log
2015-01-12 16:51 - 2015-01-12 16:51 - 00000197 _____ () C:\Windows\system32\2015-01-12-15-51-07.055-AvastVBoxSVC.exe-3612.log
2015-01-12 16:01 - 2015-01-12 16:01 - 00000197 _____ () C:\Windows\system32\2015-01-12-15-01-15.091-AvastVBoxSVC.exe-3828.log
2015-01-12 12:06 - 2015-01-12 12:06 - 00000197 _____ () C:\Windows\system32\2015-01-12-11-06-06.081-AvastVBoxSVC.exe-3920.log
2015-01-11 17:34 - 2015-01-11 17:34 - 00000197 _____ () C:\Windows\system32\2015-01-11-16-34-32.091-AvastVBoxSVC.exe-5092.log
2015-01-11 10:32 - 2015-01-11 10:32 - 00000197 _____ () C:\Windows\system32\2015-01-11-09-32-25.034-AvastVBoxSVC.exe-4144.log
2015-01-10 15:04 - 2015-01-10 15:05 - 00000197 _____ () C:\Windows\system32\2015-01-10-14-04-50.060-AvastVBoxSVC.exe-3108.log
2015-01-10 09:41 - 2015-01-10 09:42 - 00000197 _____ () C:\Windows\system32\2015-01-10-08-41-27.032-AvastVBoxSVC.exe-3252.log
2015-01-09 14:04 - 2015-01-09 14:04 - 00000197 _____ () C:\Windows\system32\2015-01-09-13-04-00.070-AvastVBoxSVC.exe-3864.log
2015-01-09 10:08 - 2015-01-09 10:08 - 00000197 _____ () C:\Windows\system32\2015-01-09-09-08-40.086-AvastVBoxSVC.exe-5532.log
2015-01-08 17:34 - 2015-01-08 17:34 - 00000197 _____ () C:\Windows\system32\2015-01-08-16-34-36.098-AvastVBoxSVC.exe-5968.log
2015-01-08 16:00 - 2015-01-08 16:00 - 00000197 _____ () C:\Windows\system32\2015-01-08-15-00-34.077-AvastVBoxSVC.exe-3712.log
2015-01-08 11:34 - 2015-01-08 11:35 - 00000197 _____ () C:\Windows\system32\2015-01-08-10-34-47.001-AvastVBoxSVC.exe-5620.log
2015-01-07 21:26 - 2015-01-08 18:47 - 00000000 ____D () C:\Users\pc\Documents\Bewerbungen
2015-01-07 20:32 - 2015-01-07 20:32 - 00000197 _____ () C:\Windows\system32\2015-01-07-19-32-21.099-AvastVBoxSVC.exe-3312.log
2015-01-06 13:56 - 2015-01-06 13:56 - 00000197 _____ () C:\Windows\system32\2015-01-06-12-56-05.001-AvastVBoxSVC.exe-3500.log
2015-01-06 10:34 - 2015-01-06 10:34 - 00000197 _____ () C:\Windows\system32\2015-01-06-09-34-33.042-AvastVBoxSVC.exe-3300.log
2015-01-05 14:43 - 2015-01-05 14:43 - 00000197 _____ () C:\Windows\system32\2015-01-05-13-43-51.053-AvastVBoxSVC.exe-5748.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-04 10:35 - 2013-10-24 08:11 - 00000000 ____D () C:\FRST
2015-02-04 10:35 - 2011-02-07 23:44 - 00000000 ____D () C:\Users\pc\AppData\Local\PMB Files
2015-02-04 10:18 - 2009-07-14 05:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 10:18 - 2009-07-14 05:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-04 10:13 - 2014-12-28 19:33 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Spotify
2015-02-04 10:09 - 2013-11-12 23:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-04 10:09 - 2012-11-07 18:28 - 00000000 ___RD () C:\Users\pc\Dropbox
2015-02-04 10:09 - 2012-11-07 18:21 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Dropbox
2015-02-04 10:08 - 2014-09-19 18:00 - 00000000 ___RD () C:\Users\pc\iCloudDrive
2015-02-04 10:08 - 2009-07-14 05:51 - 02177567 _____ () C:\Windows\setupact.log
2015-02-04 10:07 - 2013-01-20 18:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 10:06 - 2010-12-20 18:53 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-04 10:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 21:20 - 2010-12-20 16:37 - 01223341 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 20:53 - 2013-01-20 18:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 20:41 - 2013-01-17 20:32 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-03 19:45 - 2010-12-30 23:07 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Adobe
2015-02-03 18:49 - 2014-08-14 15:07 - 00000000 ____D () C:\Users\pc\AppData\Local\Adobe
2015-02-03 18:43 - 2010-12-20 18:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-03 17:11 - 2013-10-09 15:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-03 17:11 - 2010-12-30 15:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-03 15:17 - 2014-03-07 11:01 - 00000000 ____D () C:\Users\pc\Documents\Masterarbeit
2015-02-03 10:44 - 2011-11-04 18:25 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-03 09:48 - 2013-01-20 18:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-03 09:48 - 2013-01-20 18:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 09:33 - 2009-07-14 18:58 - 00906064 _____ () C:\Windows\system32\perfh007.dat
2015-02-03 09:33 - 2009-07-14 18:58 - 00238836 _____ () C:\Windows\system32\perfc007.dat
2015-02-03 09:33 - 2009-07-14 06:13 - 00011936 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-02 23:10 - 2013-12-07 20:04 - 00000000 ____D () C:\Users\pc\AppData\Local\GoPro
2015-02-02 22:58 - 2014-02-25 17:32 - 00011936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-02 22:48 - 2013-01-20 18:15 - 00003532 _____ () C:\Windows\Sandboxie.ini
2015-02-02 22:47 - 2010-12-20 18:53 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-02 22:47 - 2010-12-20 18:46 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-02 22:29 - 2014-12-28 19:35 - 00000000 ____D () C:\Users\pc\AppData\Local\Spotify
2015-02-02 22:28 - 2010-12-21 00:20 - 00073416 _____ () C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-02 22:27 - 2009-07-14 05:45 - 04873136 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-02 22:26 - 2011-01-01 14:29 - 01002944 _____ () C:\Windows\PFRO.log
2015-02-02 22:22 - 2009-07-14 03:34 - 00000482 _____ () C:\Windows\win.ini
2015-02-02 21:31 - 2013-10-21 13:13 - 00000000 ____D () C:\Users\pc\AppData\Local\Battle.net
2015-01-31 15:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2015-01-31 14:59 - 2013-01-14 14:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-31 14:46 - 2011-03-26 13:31 - 643959674 _____ () C:\Windows\MEMORY.DMP
2015-01-31 14:46 - 2011-03-26 13:31 - 00000000 ____D () C:\Windows\Minidump
2015-01-30 18:48 - 2013-10-21 14:46 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-30 16:38 - 2011-07-02 22:59 - 00000000 ____D () C:\Program Files\KeePass
2015-01-30 14:58 - 2013-10-25 11:11 - 00000000 ____D () C:\AdwCleaner
2015-01-30 14:52 - 2013-10-24 11:55 - 00000000 ____D () C:\Qoobox
2015-01-30 14:49 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-27 22:21 - 2010-12-30 14:39 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Skype
2015-01-26 14:15 - 2013-12-04 23:47 - 00000000 ____D () C:\Users\pc\AppData\Roaming\vlc
2015-01-24 23:41 - 2013-01-17 20:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:41 - 2013-01-17 20:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 23:41 - 2013-01-17 20:32 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-18 11:35 - 2011-11-04 18:25 - 00000000 ____D () C:\Program Files (x86)\Fraps
2015-01-14 13:03 - 2013-08-15 23:25 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 12:55 - 2012-08-11 12:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 11:03 - 2012-05-14 16:20 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-01-14 10:17 - 2013-10-26 20:24 - 00000000 ____D () C:\Windows\system32\catroot2.old
2015-01-06 04:36 - 2010-12-30 14:39 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 13:44 - 2010-12-20 16:41 - 00000000 ____D () C:\Users\pc
==================== Files in the root of some directories =======
2011-11-04 18:25 - 2012-06-05 21:36 - 0175104 _____ () C:\Users\pc\AppData\Roaming\locked-pc3SQLite3.dll.jgdl
2051-01-27 18:32 - 2051-01-27 18:32 - 0097995 _____ () C:\Users\pc\AppData\Local\ars.cache
2051-01-27 18:33 - 2051-01-27 18:33 - 0809541 _____ () C:\Users\pc\AppData\Local\census.cache
2012-04-22 17:46 - 2014-02-24 09:57 - 0009216 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-02-08 02:07 - 2011-02-08 02:07 - 0000090 _____ () C:\Users\pc\AppData\Local\fusioncache.dat
2051-01-27 18:24 - 2051-01-27 18:24 - 0000036 _____ () C:\Users\pc\AppData\Local\housecall.guid.cache
2010-12-30 14:42 - 2010-12-30 14:42 - 0000056 _____ () C:\ProgramData\ezsidmv.dat
Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5bq_cc.dll
C:\Users\pc\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\pc\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-03 15:35
==================== End Of Log ============================
|
|
04.02.2015, 10:38
| #21 |
| /// Malwareteam | Windows Updates und Grafikkartentreiber Update nicht möglich Hi, da haben wir noch ein Paar Reste ... Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-648632289-941596113-564908001-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2: Die Reihenfolge ist hier entscheidend.
__________________ --> Windows Updates und Grafikkartentreiber Update nicht möglich |
|
04.02.2015, 10:43
| #22 |
| | Windows Updates und Grafikkartentreiber Update nicht möglichCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by pc at 2015-02-04 10:41:38 Run:3
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available profiles: pc)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-648632289-941596113-564908001-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
*****************
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-648632289-941596113-564908001-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
==== End of Fixlog 10:41:38 ====
Code:
ATTFilter ComboFix 15-01-29.01 - pc 04.02.2015 10:52:13.4.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4055.1904 [GMT 1:00]
ausgeführt von:: c:\users\pc\Desktop\Combofix.exe
Benutzte Befehlsschalter :: /Uninsall
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\CR_85352.tmp\setup.exe
E:\AUTORUN.INF
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-01-04 bis 2015-02-04 ))))))))))))))))))))))))))))))
.
.
2051-01-27 17:38 . 2012-06-10 13:25 -------- d-----w- c:\users\pc\AppData\Roaming\QuickScan
2015-02-04 10:05 . 2015-02-04 10:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-02-04 10:05 . 2015-02-04 10:05 -------- d-----w- c:\users\hedev\AppData\Local\temp
2015-02-04 10:05 . 2015-02-04 10:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-04 09:45 . 2015-02-04 09:45 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60B7AAF3-5C20-4A3B-AC3F-F7388E189442}\offreg.dll
2015-02-03 19:23 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60B7AAF3-5C20-4A3B-AC3F-F7388E189442}\mpengine.dll
2015-02-03 17:43 . 2015-02-03 17:43 -------- d-----w- c:\users\pc\AppData\Local\NVIDIA Corporation
2015-02-03 16:11 . 2015-02-03 16:11 -------- d-----w- c:\program files\iPod
2015-02-03 16:11 . 2015-02-03 16:12 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-03 16:11 . 2015-02-03 16:12 -------- d-----w- c:\program files\iTunes
2015-02-02 21:47 . 2014-12-13 00:11 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-02-02 21:47 . 2014-12-13 00:11 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-02-02 21:47 . 2014-12-13 00:11 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2015-02-02 21:47 . 2014-12-13 00:11 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-02-02 21:46 . 2015-02-02 21:46 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2015-02-02 21:45 . 2014-12-13 00:47 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-02-02 21:31 . 2015-02-02 21:36 -------- d-----w- c:\windows\system32\catroot2
2015-02-02 20:26 . 2015-02-02 20:26 -------- d-----w- c:\program files (x86)\Tweaking.com
2015-01-31 13:59 . 2015-01-31 14:20 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-31 13:59 . 2015-01-31 13:59 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-01-31 13:59 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-31 13:59 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-31 13:59 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-18 10:25 . 2015-01-18 10:25 -------- d-----w- c:\windows\Sun
2015-01-18 10:23 . 2015-01-18 10:23 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-01-18 10:23 . 2015-01-18 10:23 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-18 10:22 . 2015-01-18 10:22 -------- d-----w- c:\programdata\Oracle
2015-01-18 10:22 . 2015-01-18 10:22 -------- d-----w- c:\program files (x86)\Java
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-24 22:41 . 2013-01-17 19:32 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-24 22:41 . 2013-01-17 19:32 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-14 11:55 . 2012-08-11 11:41 113365784 ----a-w- c:\windows\system32\MRT.exe
2015-01-06 03:36 . 2010-12-30 13:39 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 11:09 . 2011-05-13 17:44 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-19 11:09 . 2011-05-13 13:50 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-12-16 23:45 . 2014-11-05 00:18 1462272 ----a-w- c:\windows\system32\CFHD.dll
2014-12-16 23:42 . 2014-11-05 00:15 1490944 ----a-w- c:\windows\SysWow64\CFHD.dll
2014-12-13 10:08 . 2014-03-20 21:02 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-12-13 10:08 . 2013-02-25 22:32 2897824 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-12-13 08:03 . 2010-10-19 01:25 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2010-10-19 01:25 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2010-10-19 01:25 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-13 08:03 . 2010-10-19 01:25 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2010-10-19 01:25 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 08:03 . 2010-10-19 01:25 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-13 05:09 . 2014-12-18 11:59 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 11:59 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-12 23:11 . 2012-11-18 15:07 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2014-12-06 17:07 . 2011-05-13 13:50 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-12-04 02:50 . 2014-12-10 10:52 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-10 10:52 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-10 10:52 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-10 10:52 830976 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-10 10:52 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-10 10:52 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-10 10:52 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-02 17:30 . 2013-10-28 18:07 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-02 17:30 . 2014-12-02 17:30 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-02 17:30 . 2014-05-28 21:38 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-02 17:30 . 2014-02-13 13:13 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-12-02 17:30 . 2013-10-28 18:07 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-02 17:30 . 2013-10-28 18:07 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-02 17:30 . 2013-10-28 18:07 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-12-02 17:30 . 2013-10-28 18:07 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-02 17:30 . 2013-10-28 18:07 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-12-02 17:30 . 2014-12-02 17:30 43152 ----a-w- c:\windows\avastSS.scr
2014-12-01 23:28 . 2014-12-10 10:52 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-10 10:52 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-10 10:52 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 10:52 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 10:52 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 10:52 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 10:52 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 10:52 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 10:52 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 10:52 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 10:52 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 10:52 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 10:52 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 10:52 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 10:52 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 10:52 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 10:52 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 10:52 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 10:52 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 10:52 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 10:52 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 10:52 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 10:52 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 10:52 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 10:52 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 10:52 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 10:52 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 10:52 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 10:52 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 10:52 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 10:52 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 10:52 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 10:52 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 10:52 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 10:52 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 10:52 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 10:52 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 10:52 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 10:52 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 10:52 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 10:52 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-15 10:36 . 2011-05-13 13:50 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-11-11 03:09 . 2014-12-10 10:52 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-25 15:11 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-25 15:11 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-10 10:52 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-25 15:11 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-25 15:11 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-10 10:52 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-10 10:51 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-10 10:51 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wisdom-soft AutoScreenRecorder 3.1 Pro"="0" [X]
"GAINWARD"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2010-10-22 2181744]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-02-07 3046808]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2014-10-14 784904]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
"GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-10-22 854344]
"AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2014-08-04 1080104]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-10-17 43816]
"iCloudDrive"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" [2014-10-20 43816]
"Spotify"="c:\users\pc\AppData\Roaming\Spotify\Spotify.exe" [2014-12-28 6737976]
"Spotify Web Helper"="c:\users\pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-12-28 1676344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-02-10 2770432]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-01-20 60712]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
.
c:\users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
avast! Free Antivirus (2).lnk - c:\program files\AVAST Software\Avast\AvastUI.exe [2015-1-27 5227112]
Dropbox.lnk - c:\users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-9 39207112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GoPro Importer.lnk - c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [2014-12-16 3169792]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64);c:\windows\system32\DRIVERS\OXSDIDRV_x64.sys;c:\windows\SYSNATIVE\DRIVERS\OXSDIDRV_x64.sys [x]
R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X64.sys;c:\windows\SYSNATIVE\Drivers\OXUDIDRV_X64.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192cu;PEARL PX-8266 300Mbps 11n Wireless USB Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 rtlss;Service for enabling selective suspend to RTL device;c:\windows\system32\Drivers\rtlss.sys;c:\windows\SYSNATIVE\Drivers\rtlss.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-27 19:47 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-17 22:41]
.
2015-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 17:04]
.
2015-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 17:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-02 17:30 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-01-27 169768]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-648632289-941596113-564908001-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:29,69,8e,83,ea,98,b2,3e,af,7c,ca,5a,ec,2d,01,b9,d5,86,72,69,77,32,bd,
a1,d5,e8,da,25,66,c9,19,f3,e4,b9,d8,15,e2,94,55,53,84,88,35,90,49,5d,e1,08,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-648632289-941596113-564908001-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:4f,e1,a6,82,4f,f6,ca,fb,7d,45,19,17,79,30,e5,48,6d,7f,8c,43,ff,
55,af,19,ed,56,8f,8b,ee,88,ef,6d,73,27,06,69,b2,72,b2,05,6d,e1,73,cf,60,3e,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
Zeit der Fertigstellung: 2015-02-04 11:08:24
ComboFix-quarantined-files.txt 2015-02-04 10:08
ComboFix2.txt 2015-01-30 13:52
.
Vor Suchlauf: 20 Verzeichnis(se), 149.192.785.920 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 149.220.790.272 Bytes frei
.
- - End Of File - - 748B9C774A87885DC4637C7A22766BFD
A36C5E4F47E84449FF07ED3517B43A31
Und Delfix ist auch erledigt: Code:
ATTFilter # DelFix v10.8 - Datei am 04/02/2015 um 11:13:53 erstellt
# Aktualisiert am 29/07/2014 von Xplode
# Benutzer : pc - PC-PC
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Aktiviere die Benutzerkontensteuerung ... OK
~ Entferne die Bereinigungsprogramme ...
Gelöscht : C:\Combofix
Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\pc\Desktop\FRST-OlderVersion
Gelöscht : C:\AdwCleaner[R1].txt
Gelöscht : C:\AdwCleaner[S1].txt
Gelöscht : C:\ComboFix.txt
Gelöscht : C:\TDSSKiller.3.0.0.44_01.02.2015_16.44.34_log.txt
Gelöscht : C:\Users\pc\Desktop\Addition.txt
Gelöscht : C:\Users\pc\Desktop\AdwCleaner[S1].txt
Gelöscht : C:\Users\pc\Desktop\Fixlog.txt
Gelöscht : C:\Users\pc\Desktop\FRST.txt
Gelöscht : C:\Users\pc\Desktop\FRST64.exe
Gelöscht : C:\Users\pc\Desktop\tdsskiller.exe
Gelöscht : C:\Users\pc\Desktop\TFC.exe
Gelöscht : C:\Users\pc\Downloads\AdwCleaner_4.109.exe
Gelöscht : C:\Users\pc\Downloads\esetsmartinstaller_deu.exe
Gelöscht : C:\Users\pc\Downloads\FSS.exe
Gelöscht : C:\Users\pc\Downloads\FSS.txt
Gelöscht : C:\Windows\grep.exe
Gelöscht : C:\Windows\PEV.exe
Gelöscht : C:\Windows\NIRCMD.exe
Gelöscht : C:\Windows\MBR.exe
Gelöscht : C:\Windows\SED.exe
Gelöscht : C:\Windows\SWREG.exe
Gelöscht : C:\Windows\SWSC.exe
Gelöscht : C:\Windows\SWXCACLS.exe
Gelöscht : C:\Windows\Zip.exe
Gelöscht : HKCU\console_combofixbackup
Gelöscht : HKLM\SOFTWARE\OldTimer Tools
Gelöscht : HKLM\SOFTWARE\AdwCleaner
Gelöscht : HKLM\SOFTWARE\Swearware
Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart
Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys
Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart
Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys
~ Erstelle ein Backup der Registrierungsdatenbank ... OK
~ Lösche die Wiederherstellungspunkte ...
Gelöscht : RP #635 [Windows Update | 01/30/2015 10:01:02]
Gelöscht : RP #636 [Windows Update | 02/01/2015 12:19:45]
Gelöscht : RP #637 [Windows Update | 02/02/2015 21:49:33]
Gelöscht : RP #638 [ComboFix created restore point | 02/04/2015 09:50:55]
Ein neuer Wiederherstellungspunkt wurde erstellt !
~ Stelle die Systemeinstellungen wieder her ... OK
########## - EOF - ##########
Geändert von Khael (04.02.2015 um 11:16 Uhr) |
|
04.02.2015, 11:48
| #23 | |
| /// Malwareteam | Windows Updates und Grafikkartentreiber Update nicht möglich Der Befehl bei combofix war falsch geschrieben... Zitat:
Lauft das System stabil? |
|
04.02.2015, 14:10
| #24 |
| | Windows Updates und Grafikkartentreiber Update nicht möglich Na toll  Soll ich Combofix nochmal installieren und dann den uninstall richtig ausführen oder reicht das so? Alles läuft jetzt stabil!  |
|
04.02.2015, 14:17
| #25 |
| /// Malwareteam | Windows Updates und Grafikkartentreiber Update nicht möglich nein Combofix ist soweit weg... ich sehe keine Malwre mehr auf deinem System, daher: zum Absichern: Wunderbar dein System ist soweit ich das sehen kann sauber.  Hier noch ein paar Tipps zur Absicherung deines Systems. Benutzerkonto Einstellungen:  Wir sehen immer wieder User mit Administratorrechten. Hier kann jeder Nutzer eines Windowsrechners schon die erste Türe schließen. Arbeite mit einem eingeschränkten Benutzerkonto anstelle eines Kontos mit Administratorrechten. Diese sind für das tägliche Arbeiten nicht nötig, und solltest du einmal Software installieren wollen wirst du im normalfall nach deinem Passwort gefragt. Systemupdates: Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Besonders Java erfährt zur Zeit regelmäßig sicherheitsrelevante Updates Ältere Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Antivirensoftware Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen alternatives Browsen Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann. Wenn du möchtest, kannst du das Trojaner Board Forum mit einer kleinen Spende unterstützen. |
|
08.02.2015, 12:14
| #26 |
| | Windows Updates und Grafikkartentreiber Update nicht möglich Hey Aneri, ich danke dir für all deine Hilfe, super von dir! Spende an euch ist unterwegs! Machs erstmal gut  |
|
08.02.2015, 20:19
| #27 |
| /// Malwareteam | Windows Updates und Grafikkartentreiber Update nicht möglich danke für die Rückmledung, wenn du möchtest kannst du in der Lob und Kiritk Ecke noch einen Satz schreiben |
|
| Themen zu Windows Updates und Grafikkartentreiber Update nicht möglich |
| administrator, bios, converter, cpu, file, firewall, funktioniert nicht mehr, geforce, generic, grafikkarte, home, i8042prt.sys, monitor, neu, nvidia, opera, realtek, sound, strong, system32, systeme, tables, treiber, updates, usb, virus, windows, windows updates, wrapper |
Linear-Darstellung
