|
Plagegeister aller Art und deren Bekämpfung: Frantic Steal/ InintiativeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
06.08.2015, 21:12 | #1 |
| Frantic Steal/ Inintiative Hallo, ich habe seit geraumer zeit Probleme mit meinem Rechner. Immer wieder wird mit adware/PUP auf meinen Rechner gezogen. Wie diese dort hinkommen ist mir schleierhaft. Nun ist mir ein Programm aufgefallen, welches ich nie selbst installierte es liegt in x86 im Ordner Frantiv Initiative Dort liegen die Dateien Frantic Initiative.exe und .dat. Löschen lassen sich diese Dateien und der Ordner nicht. Im Web finde ich keine Hinweise darauf was dies für ein Programm sein kann. Einen Ähnlichen Post habe ich hier gefunden der auf ein Programm namens Frantic steal hinweist. ADW und Avira erkennen diese Programm nicht als Problematisch an. Könnt Ihr mir helfen? p.s.: Avira und ADW helfen leider auch nicht dabei mich gegen Adware und PUP oder viren zu schützen. Spätestens nach 2 Tagen ist der Rechner wieder verseucht. Gruß Blum |
06.08.2015, 22:11 | #2 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Frantic Steal/ Inintiative Hi,
__________________Zitat:
Allerdings lauern auch Adware-Fallen in den Setups, wenn man diese direkt vom Anbieter installiert. Die wollen halt Kohle machen. Und wenn man nicht benutzerdefiniert installiert und dann nichts richtig durchliest landet die Werbekacke halt im System. Zitat:
adwCleaner kannst du hier hier keinen Vorwurf machen, du musst erstmal verstehen was das Programm überhaupt macht und welche Funktion es nicht hat. Es ist KEIN Virenscanner oder "Werbescanner" der ständig im Hintergrund läuft als Echtzeitschutz. der adwCleaner läuft nur manuell, durchsucht das System, listet und entfernt bekannte Junkware. Poste mal alle Logs vom adwCleaner.
__________________ |
09.08.2015, 17:16 | #3 |
| Posten von ADW-Logs Hi, komme leider erst gerade dazu die Logfiles zu posten. Danke für die Hilfe:
__________________Blum Anhang 75444 Anhang 75445 Anhang 75446 Anhang 75447 Anhang 75448 Anhang 75449 Anhang 75450 Anhang 75451 Anhang 75452 |
09.08.2015, 22:22 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Frantic Steal/ InintiativeLesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
11.08.2015, 19:54 | #5 |
| Logfiles die erste Hallo, Dann versuche ich es mal. Hoffe ich habe Deine Anleitung verstanden. Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 12/07/2015 um 20:36:54 # Aktualisiert 09/07/2015 von Xplode # Datenbank : 2015-07-11.1 [Server] # Betriebssystem : Windows 8.1 (x64) # Benutzername : NukNukHase - TINAPEER # Gestarted von : C:\Users\NukNukHase\AppData\Local\Microsoft\Windows\INetCache\IE\SIV9OOSY\adwcleaner_4.208.exe # Option : Suchlauf ***** [ Dienste ] ***** Dienst Gefunden : CltMngSvc Dienst Gefunden : IHProtect Service Dienst Gefunden : serverjo Dienst Gefunden : WindowsMangerProtect Dienst Gefunden : Update Round World Dienst Gefunden : Util Round World Dienst Gefunden : {237a87b5-881c-4fd8-b80a-c3b471ff75d7}Gw64 Dienst Gefunden : {237a87b5-881c-4fd8-b80a-c3b471ff75d7}w64 Dienst Gefunden : {c6cf689f-ec21-4add-accd-adc0bafcbba6}Gw64 Dienst Gefunden : pfnfd_1_10_0_8 Dienst Gefunden : qrnfd_1_10_0_8 ***** [ Dateien / Ordner ] ***** Datei Gefunden : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage Datei Gefunden : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal Datei Gefunden : C:\Users\NukNukHase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\optimizerpro.lnk Datei Gefunden : C:\Windows\apppatch\apppatch64\vcldr64.dll Datei Gefunden : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Datei Gefunden : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb Datei Gefunden : C:\Windows\AppPatch\nbin\VC32Loader.dll Datei Gefunden : C:\Windows\System32\drivers\{237a87b5-881c-4fd8-b80a-c3b471ff75d7}Gw64.sys Datei Gefunden : C:\Windows\System32\drivers\{237a87b5-881c-4fd8-b80a-c3b471ff75d7}w64.sys Datei Gefunden : C:\Windows\System32\drivers\{c6cf689f-ec21-4add-accd-adc0bafcbba6}Gw64.sys Ordner Gefunden : C:\Program Files (x86)\globalUpdate Ordner Gefunden : C:\Program Files (x86)\predm Ordner Gefunden : C:\Program Files (x86)\Round World Ordner Gefunden : C:\Program Files (x86)\Round World Ordner Gefunden : C:\Program Files (x86)\SearchProtect Ordner Gefunden : C:\Program Files (x86)\ver1BlockAndSurf Ordner Gefunden : C:\Program Files (x86)\ver1BlockAndSurf Ordner Gefunden : C:\Program Files (x86)\XTab Ordner Gefunden : C:\ProgramData\{651e79fc-8102-bbe4-651e-e79fc810e7f2} Ordner Gefunden : C:\ProgramData\12d56c180000254e Ordner Gefunden : C:\ProgramData\4885219098705052602 Ordner Gefunden : C:\ProgramData\67a37c28000001d2 Ordner Gefunden : C:\ProgramData\7f8e83f800000794 Ordner Gefunden : C:\ProgramData\d4ed9f49000049e5 Ordner Gefunden : C:\ProgramData\e43ece4600003c86 Ordner Gefunden : C:\ProgramData\IHProtectUpDate Ordner Gefunden : C:\ProgramData\Uniblue Ordner Gefunden : C:\ProgramData\WindowsMangerProtect Ordner Gefunden : C:\Users\NUKNUK~1\AppData\Local\Temp\Browser Good Ordner Gefunden : C:\Users\NUKNUK~1\AppData\Local\Temp\Round World Ordner Gefunden : C:\Users\NUKNUK~1\AppData\Local\Temp\Round World Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\globalUpdate Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\pay-by-ads Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\SearchProtect Ordner Gefunden : C:\Users\NukNukHase\AppData\Roaming\Binkiland Ordner Gefunden : C:\Users\NukNukHase\AppData\Roaming\vi-view Ordner Gefunden : C:\Users\NukNukHase\AppData\Roaming\VOPackage ***** [ Geplante Tasks ] ***** Task Gefunden : Binkiland ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Daten Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\searchprotect\searchprotect\bin\vc32loader.dll Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gefunden : HKCU\Software\Binkiland Browser Schlüssel Gefunden : HKCU\Software\Boost Schlüssel Gefunden : HKCU\Software\Classes\PepperZip Schlüssel Gefunden : HKCU\Software\GAMESDESKTOP Schlüssel Gefunden : HKCU\Software\GlobalUpdate Schlüssel Gefunden : HKCU\Software\InstallCore Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gefunden : HKCU\Software\OCS Schlüssel Gefunden : HKCU\Software\Optimizer Pro Schlüssel Gefunden : HKCU\Software\Round World Schlüssel Gefunden : HKCU\Software\TutoTag Schlüssel Gefunden : [x64] HKCU\Software\Binkiland Browser Schlüssel Gefunden : [x64] HKCU\Software\Boost Schlüssel Gefunden : [x64] HKCU\Software\GAMESDESKTOP Schlüssel Gefunden : [x64] HKCU\Software\GlobalUpdate Schlüssel Gefunden : [x64] HKCU\Software\InstallCore Schlüssel Gefunden : [x64] HKCU\Software\OCS Schlüssel Gefunden : [x64] HKCU\Software\Optimizer Pro Schlüssel Gefunden : [x64] HKCU\Software\Round World Schlüssel Gefunden : [x64] HKCU\Software\TutoTag Schlüssel Gefunden : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gefunden : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81} Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gefunden : HKLM\SOFTWARE\95a719bd-5880-5e3a-f729-4ac05378f5e8 Schlüssel Gefunden : HKLM\SOFTWARE\Boost Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Schlüssel Gefunden : HKLM\SOFTWARE\GAMESDESKTOP Schlüssel Gefunden : HKLM\SOFTWARE\GlobalUpdate Schlüssel Gefunden : HKLM\SOFTWARE\IHProtect Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage Schlüssel Gefunden : HKLM\SOFTWARE\Round World Schlüssel Gefunden : HKLM\SOFTWARE\SearchProtect Schlüssel Gefunden : HKLM\SOFTWARE\SPPDCOM Schlüssel Gefunden : HKLM\SOFTWARE\SupDp Schlüssel Gefunden : HKLM\SOFTWARE\SupTab Schlüssel Gefunden : HKLM\SOFTWARE\supWindowsMangerProtect Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue Schlüssel Gefunden : HKLM\SOFTWARE\vi-viewSoftware Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Round World Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Round World Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Round World Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce [Binkiland] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [Binkiland] ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17840 Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://myhome.vi-view.com/web/?type=ds&ts=1423838359&from=cor&uid=TOSHIBAXMQ01ABF050_Y4GJW7DQTXXY4GJW7DQT&q={searchTerms} Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://myhome.vi-view.com/web/?type=ds&ts=1423838359&from=cor&uid=TOSHIBAXMQ01ABF050_Y4GJW7DQTXXY4GJW7DQT&q={searchTerms} Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://myhome.vi-view.com/web/?type=ds&ts=1423838359&from=cor&uid=TOSHIBAXMQ01ABF050_Y4GJW7DQTXXY4GJW7DQT&q={searchTerms} Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://myhome.vi-view.com/web/?type=ds&ts=1423838359&from=cor&uid=TOSHIBAXMQ01ABF050_Y4GJW7DQTXXY4GJW7DQT&q={searchTerms} -\\ Google Chrome v [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1QzutAzzyCtA0B0B0AtAtB0B0AzzyE0E0D0AtN0D0Tzu0StCtCyEyCtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0C0CyCyCyB0CyCtG0D0FtB0BtGzz0D0DyBtG0E0BtAyCtGtD0ByCzyyE0F0E0C0DtAyDtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtB0AyD0E0B0CzztG0F0DyDzytGyEyB0CyDtGzyyD0DyCtG0B0E0CyB0BtAtD0C0BzyyByC2Q&cr=1522903628&ir= [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABF050_Y4GJW7DQTXXY4GJW7DQT&ts=1423838408&type=default&q={searchTerms} [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MBAA99E30-E97C-4CFE-8154-5934452F2BA4&SearchSource=58&CUI=&UM=8&UP=SP1AE73458-09E9-4294-92A5-067EEEA01C08&q={searchTerms}&SSPV= ************************* AdwCleaner[R0].txt - [10754 Bytes] - [12/07/2015 20:36:54] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10814 Bytes] ########## Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 12/07/2015 um 20:39:08 # Aktualisiert 09/07/2015 von Xplode # Datenbank : 2015-07-11.1 [Server] # Betriebssystem : Windows 8.1 (x64) # Benutzername : NukNukHase - TINAPEER # Gestarted von : C:\Users\NukNukHase\AppData\Local\Microsoft\Windows\INetCache\IE\SIV9OOSY\adwcleaner_4.208.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : CltMngSvc [#] Dienst Gelöscht : IHProtect Service [#] Dienst Gelöscht : serverjo [#] Dienst Gelöscht : WindowsMangerProtect [#] Dienst Gelöscht : Update Round World [#] Dienst Gelöscht : Util Round World Dienst Gelöscht : {237a87b5-881c-4fd8-b80a-c3b471ff75d7}Gw64 Dienst Gelöscht : {237a87b5-881c-4fd8-b80a-c3b471ff75d7}w64 Dienst Gelöscht : {c6cf689f-ec21-4add-accd-adc0bafcbba6}Gw64 [#] Dienst Gelöscht : pfnfd_1_10_0_8 [#] Dienst Gelöscht : qrnfd_1_10_0_8 ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Uniblue Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect Ordner Gelöscht : C:\ProgramData\IHProtectUpDate Ordner Gelöscht : C:\ProgramData\12d56c180000254e Ordner Gelöscht : C:\ProgramData\4885219098705052602 Ordner Gelöscht : C:\ProgramData\67a37c28000001d2 Ordner Gelöscht : C:\ProgramData\7f8e83f800000794 Ordner Gelöscht : C:\ProgramData\d4ed9f49000049e5 Ordner Gelöscht : C:\ProgramData\e43ece4600003c86 Ordner Gelöscht : C:\ProgramData\{651e79fc-8102-bbe4-651e-e79fc810e7f2} Ordner Gelöscht : C:\Program Files (x86)\globalUpdate Ordner Gelöscht : C:\Program Files (x86)\predm Ordner Gelöscht : C:\Program Files (x86)\SearchProtect Ordner Gelöscht : C:\Program Files (x86)\XTab Ordner Gelöscht : C:\Program Files (x86)\Round World Ordner Gelöscht : C:\Program Files (x86)\ver1BlockAndSurf Ordner Gelöscht : C:\Users\NUKNUK~1\AppData\Local\Temp\Round World Ordner Gelöscht : C:\Users\NUKNUK~1\AppData\Local\Temp\Browser Good Ordner Gelöscht : C:\Users\NukNukHase\AppData\Local\globalUpdate Ordner Gelöscht : C:\Users\NukNukHase\AppData\Local\pay-by-ads Ordner Gelöscht : C:\Users\NukNukHase\AppData\Local\SearchProtect Ordner Gelöscht : C:\Users\NukNukHase\AppData\Roaming\vi-view Ordner Gelöscht : C:\Users\NukNukHase\AppData\Roaming\VOPackage Ordner Gelöscht : C:\Users\NukNukHase\AppData\Roaming\Binkiland Datei Gelöscht : C:\Windows\apppatch\apppatch64\vcldr64.dll Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Datei Gelöscht : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb Datei Gelöscht : C:\Windows\AppPatch\nbin\VC32Loader.dll Datei Gelöscht : C:\Windows\System32\drivers\{237a87b5-881c-4fd8-b80a-c3b471ff75d7}Gw64.sys Datei Gelöscht : C:\Windows\System32\drivers\{237a87b5-881c-4fd8-b80a-c3b471ff75d7}w64.sys Datei Gelöscht : C:\Windows\System32\drivers\{c6cf689f-ec21-4add-accd-adc0bafcbba6}Gw64.sys Datei Gelöscht : C:\Users\NukNukHase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\optimizerpro.lnk Datei Gelöscht : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage Datei Gelöscht : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal ***** [ Geplante Tasks ] ***** Task Gelöscht : Binkiland ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [Binkiland] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce [Binkiland] Schlüssel Gelöscht : HKCU\Software\Classes\PepperZip Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Round World Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Round World Schlüssel Gelöscht : HKLM\SOFTWARE\95a719bd-5880-5e3a-f729-4ac05378f5e8 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gelöscht : HKCU\Software\Boost Schlüssel Gelöscht : HKCU\Software\GlobalUpdate Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Optimizer Pro Schlüssel Gelöscht : HKCU\Software\TutoTag Schlüssel Gelöscht : HKCU\Software\GAMESDESKTOP Schlüssel Gelöscht : HKCU\Software\Binkiland Browser Schlüssel Gelöscht : HKCU\Software\Round World Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gelöscht : HKLM\SOFTWARE\Boost Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue Schlüssel Gelöscht : HKLM\SOFTWARE\GAMESDESKTOP Schlüssel Gelöscht : HKLM\SOFTWARE\IHProtect Schlüssel Gelöscht : HKLM\SOFTWARE\vi-viewSoftware Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81} Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM Schlüssel Gelöscht : HKLM\SOFTWARE\Round World Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Round World Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\searchprotect\searchprotect\bin\vc32loader.dll ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17840 Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Google Chrome v [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1QzutAzzyCtA0B0B0AtAtB0B0AzzyE0E0D0AtN0D0Tzu0StCtCyEyCtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0C0CyCyCyB0CyCtG0D0FtB0BtGzz0D0DyBtG0E0BtAyCtGtD0ByCzyyE0F0E0C0DtAyDtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtB0AyD0E0B0CzztG0F0DyDzytGyEyB0CyDtGzyyD0DyCtG0B0E0CyB0BtAtD0C0BzyyByC2Q&cr=1522903628&ir= [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABF050_Y4GJW7DQTXXY4GJW7DQT&ts=1423838408&type=default&q={searchTerms} [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MBAA99E30-E97C-4CFE-8154-5934452F2BA4&SearchSource=58&CUI=&UM=8&UP=SP1AE73458-09E9-4294-92A5-067EEEA01C08&q={searchTerms}&SSPV= ************************* AdwCleaner[R0].txt - [10962 Bytes] - [12/07/2015 20:36:54] AdwCleaner[S0].txt - [9491 Bytes] - [12/07/2015 20:39:08] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9550 Bytes] ########## Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 28/07/2015 um 22:16:31 # Aktualisiert 09/07/2015 von Xplode # Datenbank : 2015-07-26.2 [Server] # Betriebssystem : Windows 8.1 (x64) # Benutzername : NukNukHase - TINAPEER # Gestarted von : C:\Users\NukNukHase\Downloads\adwcleaner_4.208.exe # Option : Suchlauf ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gefunden : C:\ProgramData\giccpnemidhccdkoboopkcehpolcgndn Ordner Gefunden : C:\ProgramData\kgabeoecpiobhjopelddllanaldjmnmb Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgenfnodoocmhnlnpknojdbjjnmecff Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\gceeodfjmkoilhaoehbnhofdpobaohnm ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{38BAB45F-0A8A-48B5-8C46-F2A8C7EEFAEE} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5E03DFA7-51FC-7C12-CEE5-4D75FBB01E8F} ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17840 -\\ Google Chrome v [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Extension] : clgenfnodoocmhnlnpknojdbjjnmecff [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Extension] : gceeodfjmkoilhaoehbnhofdpobaohnm [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Extension] : giccpnemidhccdkoboopkcehpolcgndn [C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Extension] : kgabeoecpiobhjopelddllanaldjmnmb ************************* AdwCleaner[R0].txt - [10962 Bytes] - [12/07/2015 20:36:54] AdwCleaner[R1].txt - [925 Bytes] - [12/07/2015 20:49:09] AdwCleaner[R2].txt - [1929 Bytes] - [28/07/2015 22:16:31] AdwCleaner[S0].txt - [9658 Bytes] - [12/07/2015 20:39:08] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2047 Bytes] ########## Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 06/08/2015 um 21:16:46 # Aktualisiert 09/07/2015 von Xplode # Datenbank : 2015-08-01.1 [Server] # Betriebssystem : Windows 8.1 (x64) # Benutzername : NukNukHase - TINAPEER # Gestarted von : C:\Users\NukNukHase\Downloads\adwcleaner_4.208.exe # Option : Suchlauf ***** [ Dienste ] ***** Dienst Gefunden : 4aad814a Dienst Gefunden : 5965d0db ***** [ Dateien / Ordner ] ***** Ordner Gefunden : C:\Program Files (x86)\JoNiCouupon Ordner Gefunden : C:\Program Files (x86)\PrriNiceCoupOn Ordner Gefunden : C:\ProgramData\aegpkokhhoddoaeoaempefeamkogdjpb Ordner Gefunden : C:\ProgramData\fdanibbolbilhmmhjhipohladgnimpgc Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\egclcjdpndeoioimlbbbmdhcaopnedkp Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\epojjbofkhffmihobdncmbhdocjljhpi Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkakfimgbmogkpmjokgnbbanmmemcdij Ordner Gefunden : C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbacbcfdfaapbcnlnbmciiaakomhkbkb ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81} Schlüssel Gefunden : HKLM\SOFTWARE\95a719bd-5880-5e3a-f729-4ac05378f5e8 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{4aad814a} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5965d0db} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{51417852-174C-88D4-34A0-D0FE7858BE47} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566} ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17840 Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/ Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/ Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/ Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/ Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/ Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/ Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/ Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/ Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/ Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/ Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/ -\\ Google Chrome v |
11.08.2015, 21:08 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Frantic Steal/ Inintiative 1. Schritt: Malwarebytes (MBAM) Downloade Dir bitte Malwarebytes Anti-Malware
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> Frantic Steal/ Inintiative |
01.09.2015, 19:42 | #7 |
| Frisches Log Hallo, Anbei das Log mit frst. Das Log ist vom 28.08. Schritt 1 MBAM ausgeführt. Schritt 2 JRT durchlaufen lassen. Schritt 3 Log mit FRST. Heute habe ich das erste mal seit dem 28.ten meinen Rechner benutzt. Direkt Meldungen von Avira und Defender bekommen. Zudem dann MBAM durchlaufen lassen. MBAM hat nichts erkannt. Danach ADWCleaner laufen lassen. 2 Meldungen. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-08-2015 durchgeführt von NukNukHase (Administrator) auf TINAPEER (28-08-2015 21:27:59) Gestartet von C:\Users\NukNukHase\Downloads Geladene Profile: NukNukHase & (Verfügbare Profile: NukNukHase) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Alle) ========================= (Microsoft Corporation) C:\Windows\System32\smss.exe (Microsoft Corporation) C:\Windows\System32\csrss.exe (Microsoft Corporation) C:\Windows\System32\wininit.exe (Microsoft Corporation) C:\Windows\System32\csrss.exe (Microsoft Corporation) C:\Windows\System32\services.exe (Microsoft Corporation) C:\Windows\System32\lsass.exe (Microsoft Corporation) C:\Windows\System32\winlogon.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\dwm.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\spoolsv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\explorer.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Farbar) C:\Users\NukNukHase\Downloads\FRST64.exe ==================== Registry (Alle) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2015-05-31] (Realtek Semiconductor) HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-04] (Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-06] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-28] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe, [26112 2014-10-29] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [22528 2014-10-29] (Microsoft Corporation) HKLM\...\Winlogon: [Shell] explorer.exe [2501368 2015-01-28] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe [2207488 2015-01-28] (Microsoft Corporation) HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 Lsa: [Authentication Packages] msv1_0 Lsa: [Notification Packages] scecli SecurityProviders: credssp.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-07-16] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Keine Datei SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Keine Datei ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2014-10-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BootExecute: autocheck autochk * AlternateShell: cmd.exe GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG ==================== Internet (Alle) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4 HKU\S-1-5-21-825403379-3483643477-1751255415-1002\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm HKU\S-1-5-21-825403379-3483643477-1751255415-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKU\S-1-5-21-825403379-3483643477-1751255415-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-825403379-3483643477-1751255415-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKU\S-1-5-21-825403379-3483643477-1751255415-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ URLSearchHook: HKU\S-1-5-21-825403379-3483643477-1751255415-1002 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) URLSearchHook: HKU\S-1-5-21-825403379-3483643477-1751255415-1002 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) URLSearchHook: HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) URLSearchHook: HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {DF74B544-A92E-4414-9C2A-BFFE58538D60} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-825403379-3483643477-1751255415-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-825403379-3483643477-1751255415-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-825403379-3483643477-1751255415-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 BHO: PrriNiceCoupOn -> {FB5F9ED8-7133-4D14-9C3D-F52334512A2A} -> C:\Program Files (x86)\PrriNiceCoupOn\8CRXT5tsPUK6kq.x64.dll Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-31] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-31] (Oracle Corporation) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2014-10-29] (Microsoft Corporation) Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2014-10-29] (Microsoft Corporation) Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2014-10-29] (Microsoft Corporation) Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2014-10-29] (Microsoft Corporation) Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2015-07-16] (Microsoft Corporation) Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2015-07-16] (Microsoft Corporation) Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2015-07-16] (Microsoft Corporation) Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2012-11-10] (Microsoft Corporation) Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2014-10-29] (Microsoft Corporation) Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2014-10-29] (Microsoft Corporation) Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2014-10-29] (Microsoft Corporation) Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2014-10-29] (Microsoft Corporation) Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-08-11] (Microsoft Corporation) Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-08-11] (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2013-08-22] (Microsoft Corporation) Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation) Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2013-08-22] (Microsoft Corporation) Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2013-08-22] (Microsoft Corporation) Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation) Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2010-02-28] (Microsoft Corporation) Filter-x32: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2012-10-31] (Microsoft Corporation) Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296 2015-05-21] (Microsoft Corporation) Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2015-05-21] (Microsoft Corporation) Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2015-05-21] (Microsoft Corporation) Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536 2015-02-21] (Microsoft Corporation) Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040 2015-05-21] (Microsoft Corporation) Winsock: Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688 2015-05-21] (Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208 2015-05-21] (Microsoft Corporation) Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [69120 2015-05-21] (Microsoft Corporation) Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [88576 2015-05-21] (Microsoft Corporation) Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [88576 2015-05-21] (Microsoft Corporation) Winsock: Catalog5-x64 04 C:\Windows\system32\NLAapi.dll [86016 2015-02-21] (Microsoft Corporation) Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [30720 2015-05-21] (Microsoft Corporation) Winsock: Catalog5-x64 07 C:\Windows\system32\wshbth.dll [63488 2015-05-21] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc.) Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [339456 2015-05-21] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{3CC82C11-7088-4DF5-8E80-4A3DD823AC7F}: [DhcpNameServer] 40.27.1.201 Tcpip\..\Interfaces\{BD31436B-F0EC-4A7A-954D-7146FAEC9B20}: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) Chrome: ======= CHR dev: Chrome dev build erkannt! <======= ACHTUNG CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Profile: C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-20] CHR Extension: (YouTube) - C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-20] CHR Extension: (Google Search) - C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-20] CHR Extension: (Google Wallet) - C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-20] CHR Extension: (Gmail) - C:\Users\NukNukHase\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-20] ==================== Dienste (Alle) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-06-05] () [Datei ist nicht signiert] R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [214528 2014-10-29] (Microsoft Corporation) S3 ALG; C:\Windows\System32\alg.exe [96768 2014-10-29] (Microsoft Corporation) S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [240128 2014-06-06] (AMD) S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-05] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S4 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-28] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-28] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-28] (Avira Operations GmbH & Co. KG) R2 AppHostSvc; C:\Windows\system32\inetsrv\apphostsvc.dll [66048 2014-04-03] (Microsoft Corporation) S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [39424 2014-10-29] (Microsoft Corporation) R3 Appinfo; C:\Windows\System32\appinfo.dll [110080 2014-10-29] (Microsoft Corporation) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [562688 2014-10-29] (Microsoft Corporation) S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1348096 2014-10-29] (Microsoft Corporation) S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [50784 2013-08-10] (Microsoft Corporation) R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [230400 2015-05-30] (Microsoft Corporation) R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [911360 2015-05-30] (Microsoft Corporation) S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [111104 2014-10-29] (Microsoft Corporation) S3 BDESVC; C:\Windows\System32\bdesvc.dll [348672 2014-10-29] (Microsoft Corporation) R2 BFE; C:\Windows\System32\bfe.dll [845312 2014-10-29] (Microsoft Corporation) R2 BITS; C:\Windows\System32\qmgr.dll [933376 2014-10-29] (Microsoft Corporation) S2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.) R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [270336 2014-10-29] (Microsoft Corporation) R3 Browser; C:\Windows\System32\browser.dll [135168 2014-10-29] (Microsoft Corporation) S2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [Datei ist nicht signiert] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R3 bthserv; C:\Windows\system32\bthserv.dll [94720 2014-10-29] (Microsoft Corporation) S3 CertPropSvc; C:\Windows\System32\certprop.dll [156160 2014-10-29] (Microsoft Corporation) R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [131584 2014-10-29] (Microsoft Corporation) R2 DcomLaunch; C:\Windows\system32\rpcss.dll [817664 2014-10-29] (Microsoft Corporation) S3 defragsvc; C:\Windows\System32\defragsvc.dll [524288 2014-10-29] (Microsoft Corporation) R2 DeviceAssociationService; C:\Windows\system32\das.dll [407040 2014-10-29] (Microsoft Corporation) S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [116736 2014-10-29] (Microsoft Corporation) R2 Dhcp; C:\Windows\system32\dhcpcore.dll [365056 2014-10-29] (Microsoft Corporation) R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [292864 2014-10-29] (Microsoft Corporation) R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1430528 2015-05-25] (Microsoft Corporation) R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [252416 2014-10-29] (Microsoft Corporation) S3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2014-10-29] (Microsoft Corporation) R2 DPS; C:\Windows\system32\dps.dll [174080 2014-10-29] (Microsoft Corporation) S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [206848 2014-10-29] (Microsoft Corporation) S3 Eaphost; C:\Windows\System32\eapsvc.dll [110592 2014-10-29] (Microsoft Corporation) S3 EFS; C:\Windows\system32\efssvc.dll [41472 2014-10-29] (Microsoft Corporation) R2 EventLog; C:\Windows\System32\wevtsvc.dll [1696256 2015-03-06] (Microsoft Corporation) R2 EventSystem; C:\Windows\system32\es.dll [516608 2014-10-29] (Microsoft Corporation) R2 EventSystem; C:\Windows\SysWOW64\es.dll [367616 2014-10-29] (Microsoft Corporation) S3 Fax; C:\Windows\system32\fxssvc.exe [658944 2014-10-29] (Microsoft Corporation) R3 fdPHost; C:\Windows\system32\fdPHost.dll [22016 2014-10-29] (Microsoft Corporation) R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2014-10-29] (Microsoft Corporation) S3 fhsvc; C:\Windows\system32\fhsvc.dll [121856 2014-10-29] (Microsoft Corporation) R2 FontCache; C:\Windows\system32\FntCache.dll [1381888 2015-07-29] (Microsoft Corporation) R3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2014-03-18] (Microsoft Corporation) S2 gpsvc; C:\Windows\System32\gpsvc.dll [1360896 2014-10-29] (Microsoft Corporation) S3 hidserv; C:\Windows\system32\hidserv.dll [33792 2014-10-29] (Microsoft Corporation) S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [30720 2014-10-29] (Microsoft Corporation) S3 hkmsvc; C:\Windows\system32\kmsvc.dll [101376 2014-10-29] (Microsoft Corporation) R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [275968 2014-10-29] (Microsoft Corporation) R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [445952 2014-10-29] (Microsoft Corporation) R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [366080 2014-10-29] (Microsoft Corporation) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [99128 2015-05-19] (Hewlett-Packard Company) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-09-20] (Hewlett-Packard Co.) R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.) S3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1129760 2014-05-19] (Hewlett-Packard Company) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert] S2 hpsrv; C:\Windows\system32\Hpservice.exe [43320 2013-07-23] (Hewlett-Packard Company) S2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-06] (Hewlett-Packard Development Company, L.P.) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-10-31] (Microsoft Corporation) R2 IKEEXT; C:\Windows\System32\ikeext.dll [1084416 2014-10-29] (Microsoft Corporation) R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [926208 2014-10-29] (Microsoft Corporation) S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [643880 2015-04-07] (Apple Inc.) R3 KeyIso; C:\Windows\system32\keyiso.dll [62464 2014-10-29] (Microsoft Corporation) R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [46592 2014-10-29] (Microsoft Corporation) S3 KtmRm; C:\Windows\system32\msdtckrm.dll [373248 2014-10-29] (Microsoft Corporation) R2 LanmanServer; C:\Windows\system32\srvsvc.dll [329216 2014-10-29] (Microsoft Corporation) R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [289280 2014-10-29] (Microsoft Corporation) S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [522240 2015-05-07] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [367104 2015-05-07] (Microsoft Corporation) S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [279040 2014-10-29] (Microsoft Corporation) R2 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2014-10-29] (Microsoft Corporation) R2 LSM; C:\Windows\System32\lsm.dll [780800 2015-02-21] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 MMCSS; C:\Windows\system32\mmcss.dll [71168 2014-10-29] (Microsoft Corporation) R2 MpsSvc; C:\Windows\system32\mpssvc.dll [880640 2014-10-29] (Microsoft Corporation) S3 MSDTC; C:\Windows\System32\msdtc.exe [144384 2014-10-29] (Microsoft Corporation) S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151040 2014-10-29] (Microsoft Corporation) S3 msiserver; C:\Windows\System32\msiexec.exe [65024 2015-06-16] (Microsoft Corporation) S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [59904 2015-06-15] (Microsoft Corporation) S3 napagent; C:\Windows\system32\qagentRT.dll [446464 2014-10-29] (Microsoft Corporation) S3 NcaSvc; C:\Windows\System32\ncasvc.dll [166400 2014-10-29] (Microsoft Corporation) R3 NcbService; C:\Windows\System32\ncbservice.dll [154112 2014-10-29] (Microsoft Corporation) R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [74752 2014-10-29] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 Netlogon; C:\Windows\system32\netlogon.dll [838656 2014-10-29] (Microsoft Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [695296 2014-10-29] (Microsoft Corporation) S3 Netman; C:\Windows\System32\netman.dll [266752 2014-10-29] (Microsoft Corporation) R3 netprofm; C:\Windows\System32\netprofmsvc.dll [550912 2014-10-29] (Microsoft Corporation) S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-08-10] (Microsoft Corporation) R2 NlaSvc; C:\Windows\System32\nlasvc.dll [391680 2014-12-06] (Microsoft Corporation) R2 nsi; C:\Windows\system32\nsisvc.dll [28672 2014-10-29] (Microsoft Corporation) S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Datei ist nicht signiert] S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation) S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation) R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [380416 2014-10-29] (Microsoft Corporation) R3 p2psvc; C:\Windows\system32\p2psvc.dll [440832 2014-10-29] (Microsoft Corporation) R2 PcaSvc; C:\Windows\System32\pcasvc.dll [474112 2014-10-29] (Microsoft Corporation) S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-22] (Microsoft Corporation) S3 pla; C:\Windows\system32\pla.dll [1526784 2014-10-29] (Microsoft Corporation) S3 pla; C:\Windows\SysWOW64\pla.dll [1534464 2014-10-29] (Microsoft Corporation) R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [116736 2014-10-29] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [26624 2014-10-29] (Microsoft Corporation) R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [380416 2014-10-29] (Microsoft Corporation) S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [397312 2014-10-29] (Microsoft Corporation) R2 Power; C:\Windows\system32\umpo.dll [80384 2014-10-29] (Microsoft Corporation) S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2899968 2014-08-16] (Microsoft Corporation) R2 ProfSvc; C:\Windows\system32\profsvc.dll [227328 2015-05-03] (Microsoft Corporation) S3 QWAVE; C:\Windows\system32\qwave.dll [303104 2014-10-29] (Microsoft Corporation) S3 RasAuto; C:\Windows\System32\rasauto.dll [102912 2014-10-29] (Microsoft Corporation) S3 RasMan; C:\Windows\System32\rasmans.dll [542208 2014-10-29] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\System32\mprdim.dll [226816 2014-10-29] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [183296 2014-10-29] (Microsoft Corporation) S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [166400 2014-10-29] (Microsoft Corporation) S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [80896 2014-10-29] (Microsoft Corporation) S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2014-10-29] (Microsoft Corporation) R2 RpcSs; C:\Windows\system32\rpcss.dll [817664 2014-10-29] (Microsoft Corporation) S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2015-05-31] (Realtek Semiconductor) R2 SamSs; C:\Windows\system32\lsass.exe [47024 2014-10-29] (Microsoft Corporation) S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [194048 2014-10-29] (Microsoft Corporation) S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [131072 2014-10-29] (Microsoft Corporation) R2 Schedule; C:\Windows\system32\schedsvc.dll [1265152 2014-10-29] (Microsoft Corporation) S3 SCPolicySvc; C:\Windows\System32\certprop.dll [156160 2014-10-29] (Microsoft Corporation) S3 seclogon; C:\Windows\system32\seclogon.dll [31744 2014-10-29] (Microsoft Corporation) R2 SENS; C:\Windows\System32\sens.dll [73728 2014-10-29] (Microsoft Corporation) S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [243200 2014-10-29] (Microsoft Corporation) S3 SessionEnv; C:\Windows\system32\sessenv.dll [339968 2014-10-29] (Microsoft Corporation) S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [296448 2014-10-29] (Microsoft Corporation) S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [452608 2014-10-29] (Microsoft Corporation) R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [640000 2014-10-29] (Microsoft Corporation) R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [576512 2014-10-29] (Microsoft Corporation) S3 smphost; C:\Windows\System32\smphost.dll [13312 2014-10-29] (Microsoft Corporation) S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2014-10-29] (Microsoft Corporation) S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2014-10-29] (Microsoft Corporation) R2 Spooler; C:\Windows\System32\spoolsv.exe [827392 2014-10-29] (Microsoft Corporation) S2 sppsvc; C:\Windows\system32\sppsvc.exe [6353960 2014-03-18] (Microsoft Corporation) R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [249344 2014-10-29] (Microsoft Corporation) S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [142848 2014-10-29] (Microsoft Corporation) R2 stisvc; C:\Windows\System32\wiaservc.dll [670720 2014-10-29] (Microsoft Corporation) S3 StorSvc; C:\Windows\system32\storsvc.dll [20480 2014-10-29] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [17920 2014-10-29] (Microsoft Corporation) S3 svsvc; C:\Windows\system32\svsvc.dll [13312 2014-10-29] (Microsoft Corporation) S3 swprv; C:\Windows\System32\swprv.dll [706048 2014-10-29] (Microsoft Corporation) S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-04] (Synaptics Incorporated) R2 SysMain; C:\Windows\system32\sysmain.dll [1217024 2015-07-10] (Microsoft Corporation) R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [294912 2015-05-12] (Microsoft Corporation) S3 TabletInputService; C:\Windows\System32\TabSvc.dll [154624 2014-10-29] (Microsoft Corporation) S3 TapiSrv; C:\Windows\System32\tapisrv.dll [313344 2014-10-29] (Microsoft Corporation) S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254464 2014-10-29] (Microsoft Corporation) S2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-04-17] (Advanced Micro Devices, Inc.) S3 TermService; C:\Windows\System32\termsrv.dll [1114624 2014-10-29] (Microsoft Corporation) R2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-29] (Microsoft Corporation) S3 THREADORDER; C:\Windows\system32\mmcss.dll [71168 2014-10-29] (Microsoft Corporation) R3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [262656 2014-10-29] (Microsoft Corporation) R2 TrkWks; C:\Windows\System32\trkwks.dll [124416 2014-10-29] (Microsoft Corporation) S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [106496 2014-10-29] (Microsoft Corporation) S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [41984 2014-10-29] (Microsoft Corporation) S3 UmRdpService; C:\Windows\System32\umrdp.dll [300032 2014-10-29] (Microsoft Corporation) R3 upnphost; C:\Windows\System32\upnphost.dll [457728 2014-10-29] (Microsoft Corporation) R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [331776 2014-10-29] (Microsoft Corporation) R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [260608 2014-10-29] (Microsoft Corporation) S3 vds; C:\Windows\System32\vds.exe [1313792 2014-10-29] (Microsoft Corporation) S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) S3 vmicrdv; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) S3 vmictimesync; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) S3 VSS; C:\Windows\system32\vssvc.exe [1454080 2014-10-29] (Microsoft Corporation) S3 W32Time; C:\Windows\system32\w32time.dll [411648 2014-10-29] (Microsoft Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-03] (Microsoft Corporation) S3 WAS; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-04-03] (Microsoft Corporation) S3 wbengine; C:\Windows\system32\wbengine.exe [1571328 2014-10-29] (Microsoft Corporation) S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [465920 2014-10-29] (Microsoft Corporation) R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [374784 2014-10-29] (Microsoft Corporation) S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [465920 2014-10-29] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [43520 2014-10-29] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [34304 2014-10-29] (Microsoft Corporation) R3 WdiServiceHost; C:\Windows\system32\wdi.dll [95744 2014-10-29] (Microsoft Corporation) R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [84992 2014-10-29] (Microsoft Corporation) R3 WdiSystemHost; C:\Windows\system32\wdi.dll [95744 2014-10-29] (Microsoft Corporation) R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [84992 2014-10-29] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WebClient; C:\Windows\System32\webclnt.dll [228864 2015-07-02] (Microsoft Corporation) S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [198656 2015-07-01] (Microsoft Corporation) S3 Wecsvc; C:\Windows\system32\wecsvc.dll [209408 2014-10-29] (Microsoft Corporation) S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [26112 2014-10-29] (Microsoft Corporation) S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84992 2014-10-29] (Microsoft Corporation) S3 WerSvc; C:\Windows\System32\WerSvc.dll [108544 2014-10-29] (Microsoft Corporation) S3 WiaRpc; C:\Windows\System32\wiarpc.dll [67584 2014-10-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [802816 2014-10-29] (Microsoft Corporation) R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [631808 2014-10-29] (Microsoft Corporation) R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [230400 2014-10-29] (Microsoft Corporation) S3 WinRM; C:\Windows\system32\WsmSvc.dll [2608640 2014-10-29] (Microsoft Corporation) S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2170368 2014-10-29] (Microsoft Corporation) R2 WlanSvc; C:\Windows\System32\wlansvc.dll [1547264 2014-10-29] (Microsoft Corporation) S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [1639424 2014-10-29] (Microsoft Corporation) S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [201728 2014-10-29] (Microsoft Corporation) R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1478144 2014-10-29] (Microsoft Corporation) S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1668096 2014-10-29] (Microsoft Corporation) S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2014-10-29] (Microsoft Corporation) S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10240 2014-10-29] (Microsoft Corporation) S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [86528 2014-10-29] (Microsoft Corporation) R2 wscsvc; C:\Windows\System32\wscsvc.dll [146944 2014-10-29] (Microsoft Corporation) R2 WSearch; C:\Windows\system32\SearchIndexer.exe [903168 2015-04-01] (Microsoft Corporation) R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [710144 2015-04-01] (Microsoft Corporation) S3 WSService; C:\Windows\System32\WSService.dll [3460472 2014-10-29] (Microsoft Corporation) S3 wuauserv; C:\Windows\system32\wuaueng.dll [3704320 2015-07-18] (Microsoft Corporation) R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [104960 2014-10-29] (Microsoft Corporation) S3 WwanSvc; C:\Windows\System32\wwansvc.dll [513536 2014-10-29] (Microsoft Corporation) S2 cipexogy; C:\Users\NukNukHase\AppData\Roaming\VOPackage\nsb4552.tmpfs [X] S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} S2 Frantic Initiative; "C:\Program Files (x86)\Frantic Initiative\Frantic Initiative.exe" [X] ==================== Treiber (Alle) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [231424 2013-08-22] (Microsoft Corporation) S0 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI) R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [43320 2013-07-23] (Hewlett-Packard) R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation) R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation) S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2013-08-22] (Microsoft Corporation) S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2013-08-22] (Microsoft Corporation) S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2013-08-22] (Microsoft Corporation) S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R1 AFD; C:\Windows\system32\drivers\afd.sys [563200 2014-05-30] (Microsoft Corporation) S0 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation) R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [80384 2015-03-20] (Microsoft Corporation) R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.) S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation) S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-04-17] (Advanced Micro Devices, Inc. ) R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13943296 2014-06-06] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [630784 2014-06-06] (Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.) R3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [98816 2013-08-22] (Microsoft Corporation) R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-04-17] (Advanced Micro Devices, Inc. ) R0 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices) S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices) S3 AppID; C:\Windows\system32\drivers\appid.sys [82944 2014-10-29] (Microsoft Corporation) S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.) S3 AsyncMac; C:\Windows\system32\DRIVERS\asyncmac.sys [26624 2013-08-22] (Microsoft Corporation) S0 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-15] (Avira Operations GmbH & Co. KG) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation) R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [50688 2013-08-22] (Microsoft Corporation) R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [33280 2014-03-18] (Microsoft Corporation) U5 BattC; C:\Windows\System32\Drivers\BattC.sys [35168 2013-08-22] (Microsoft Corporation) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R1 Beep; C:\Windows\System32\Drivers\Beep.sys [7680 2013-08-22] (Microsoft Corporation) R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [102912 2013-08-22] (Microsoft Corporation) S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation) R3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [53248 2014-10-29] (Microsoft Corporation) S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2015-03-09] (Microsoft Corporation) S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [64000 2014-03-18] (Microsoft Corporation) R3 BthPan; C:\Windows\System32\drivers\bthpan.sys [118272 2014-07-24] (Microsoft Corporation) S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [1201664 2015-05-11] (Microsoft Corporation) R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [81920 2014-10-29] (Microsoft Corporation) S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [88576 2013-08-22] (Microsoft Corporation) R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [164352 2013-08-22] (Microsoft Corporation) S3 circlass; C:\Windows\System32\drivers\circlass.sys [44032 2013-08-22] (Microsoft Corporation) R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R3 clwvd; C:\Windows\system32\DRIVERS\clwvd.sys [41704 2014-01-28] (CyberLink Corporation) R3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25472 2013-08-22] (Microsoft Corporation) R0 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation) R3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2013-08-22] (Microsoft Corporation) R3 condrv; C:\Windows\System32\drivers\condrv.sys [43008 2013-08-22] (Microsoft Corporation) S1 dam; C:\Windows\System32\drivers\dam.sys [57696 2013-08-22] (Microsoft Corporation) R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [134144 2014-07-11] (Microsoft Corporation) R0 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation) S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [29696 2013-08-22] (Microsoft Corporation) R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Microsoft Corporation) S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [14528 2014-10-29] (Microsoft Corporation) R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [1552704 2014-10-29] (Microsoft Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation) S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation) S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2013-08-22] (Microsoft Corporation) S3 exfat; C:\Windows\System32\Drivers\exfat.sys [200704 2013-08-22] (Microsoft Corporation) R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [217952 2013-08-22] (Microsoft Corporation) S3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2013-08-22] (Microsoft Corporation) R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-03-18] (Microsoft Corporation) S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2013-08-22] (Microsoft Corporation) S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [25088 2013-08-22] (Microsoft Corporation) R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation) S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [61248 2014-10-15] (Microsoft Corporation) U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation) R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-07-11] (Microsoft Corporation) S3 FxPPM; C:\Windows\System32\drivers\fxppm.sys [27136 2013-08-22] (Microsoft Corporation) S0 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation) R3 GEARAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [33240 2012-10-03] (GEAR Software Inc.) S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [11264 2013-08-22] (Microsoft Corporation) S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [146752 2014-08-15] (Microsoft Corporation) S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [395776 2013-08-22] (Microsoft Corporation) R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [76800 2014-07-24] (Microsoft Corporation) S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [26624 2013-08-22] (Microsoft Corporation) S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [97792 2015-01-30] (Microsoft Corporation) S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [41472 2013-08-22] (Microsoft Corporation) S3 HidIr; C:\Windows\System32\drivers\hidir.sys [45568 2013-08-22] (Microsoft Corporation) S3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [33280 2014-07-11] (Microsoft Corporation) R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [30520 2013-07-23] (Hewlett-Packard) S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company) R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [991552 2015-02-24] (Microsoft Corporation) S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation) S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [13824 2013-08-22] (Microsoft Corporation) S3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [22016 2013-08-22] (Microsoft Corporation) R3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [108544 2014-11-04] (Microsoft Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation) R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTKVHD64.sys [4270424 2015-05-31] (Realtek Semiconductor Corp.) S0 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation) S3 intelppm; C:\Windows\System32\drivers\intelppm.sys [98816 2013-08-22] (Microsoft Corporation) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [84992 2013-08-22] (Microsoft Corporation) S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [79872 2014-07-24] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [142848 2014-03-18] (Microsoft Corporation) S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2013-08-22] (Microsoft Corporation) S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation) S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [275800 2014-07-11] (Microsoft Corporation) R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [59712 2014-11-04] (Microsoft Corporation) S3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [32256 2014-11-04] (Microsoft Corporation) R3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [19456 2013-08-22] (Microsoft Corporation) R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation) R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation) R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21248 2013-08-22] (Microsoft Corporation) R2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [59392 2013-08-22] (Microsoft Corporation) S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation) S0 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation) R2 luafv; C:\Windows\system32\drivers\luafv.sys [124416 2014-03-18] (Microsoft Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-28] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S0 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation) S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.) S3 Modem; C:\Windows\System32\drivers\modem.sys [40960 2013-08-22] (Microsoft Corporation) R3 monitor; C:\Windows\System32\drivers\monitor.sys [30208 2013-08-22] (Microsoft Corporation) R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [51008 2014-11-04] (Microsoft Corporation) S3 mouhid; C:\Windows\System32\drivers\mouhid.sys [30208 2014-11-04] (Microsoft Corporation) R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation) R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [74240 2014-10-29] (Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2014-12-19] (Microsoft Corporation) R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [401408 2015-06-27] (Microsoft Corporation) R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [284672 2015-06-27] (Microsoft Corporation) R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [202240 2015-06-27] (Microsoft Corporation) S3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [115712 2014-10-29] (Microsoft Corporation) R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [30208 2013-08-22] (Microsoft Corporation) S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [41824 2013-08-22] (Microsoft Corporation) S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2013-08-22] (Microsoft Corporation) S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [9728 2013-08-22] (Microsoft Corporation) R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation) S3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [10624 2013-08-22] (Microsoft Corporation) S3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [66560 2014-10-29] (Microsoft Corporation) S3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7040 2013-08-22] (Microsoft Corporation) S3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6784 2013-08-22] (Microsoft Corporation) S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366432 2013-08-22] (Microsoft Corporation) R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [37728 2013-08-22] (Microsoft Corporation) S3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [7936 2013-08-22] (Microsoft Corporation) S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [13312 2013-08-22] (Microsoft Corporation) R0 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation) S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.) R2 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [445440 2014-10-29] (Microsoft Corporation) R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation) S3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [43008 2014-10-29] (Microsoft Corporation) S3 NdisImPlatform; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation) S3 NdisTapi; C:\Windows\system32\DRIVERS\ndistapi.sys [24576 2014-10-29] (Microsoft Corporation) R3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [60416 2013-08-22] (Microsoft Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) S3 NdisWanLegacy; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [72192 2014-10-29] (Microsoft Corporation) R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [103424 2014-10-29] (Microsoft Corporation) R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [48128 2014-10-29] (Microsoft Corporation) R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [282624 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\System32\drivers\netvsc63.sys [87040 2014-10-29] (Microsoft Corporation) R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [58880 2013-08-22] (Microsoft Corporation) R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23040 2013-08-22] (Microsoft Corporation) R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [39424 2014-10-29] (Microsoft Corporation) R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2025792 2014-10-15] (Microsoft Corporation) R1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2013-08-22] (Microsoft Corporation) S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation) S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation) S0 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation) S3 Parport; C:\Windows\System32\drivers\parport.sys [94208 2013-08-22] (Microsoft Corporation) R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation) R0 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation) S0 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation) S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation) R0 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation) R0 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-13] (Microsoft Corporation) R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663040 2014-03-18] (Microsoft Corporation) S3 PptpMiniport; C:\Windows\system32\DRIVERS\raspptp.sys [107520 2013-08-22] (Microsoft Corporation) S3 Processor; C:\Windows\System32\drivers\processr.sys [92160 2013-08-22] (Microsoft Corporation) R1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [151040 2014-10-29] (Microsoft Corporation) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [47104 2014-10-29] (Microsoft Corporation) S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2014-10-29] (Microsoft Corporation) S3 RasAgileVpn; C:\Windows\system32\DRIVERS\AgileVpn.sys [96768 2014-10-29] (Microsoft Corporation) S3 Rasl2tp; C:\Windows\system32\DRIVERS\rasl2tp.sys [120832 2013-08-22] (Microsoft Corporation) S3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [84992 2013-08-22] (Microsoft Corporation) S3 RasSstp; C:\Windows\system32\DRIVERS\rassstp.sys [93696 2014-10-29] (Microsoft Corporation) R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [408576 2014-03-18] (Microsoft Corporation) R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2013-08-22] (Microsoft Corporation) S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [195584 2014-03-18] (Microsoft Corporation) S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [27456 2014-10-29] (Microsoft Corporation) R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-03-18] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [921920 2014-10-15] (Microsoft Corporation) R3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [167424 2015-01-30] (Microsoft Corporation) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.) R2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [80384 2013-08-22] (Microsoft Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [559832 2014-02-26] (Realtek Semiconductor Corporation) R3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [839896 2013-12-18] (Realtek ) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3468504 2014-05-23] (Realtek Semiconductor Corporation ) S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2013-08-22] (Microsoft Corporation) S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [40960 2014-10-29] (Microsoft Corporation) S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [239424 2015-03-13] (Microsoft Corporation) S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [79192 2014-03-18] (Microsoft Corporation) R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2013-08-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [69472 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation) S3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2013-08-22] (Microsoft Corporation) S3 Serial; C:\Windows\System32\drivers\serial.sys [83456 2013-08-22] (Microsoft Corporation) S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [26112 2014-11-04] (Microsoft Corporation) S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [17408 2013-08-22] (Microsoft Corporation) S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.) S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems) R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-06-04] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-06-04] (Synaptics Incorporated) R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation) S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [72032 2013-08-22] (Microsoft Corporation) R2 srv; C:\Windows\System32\DRIVERS\srv.sys [412160 2014-07-24] (Microsoft Corporation) R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [678400 2014-10-08] (Microsoft Corporation) R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [246272 2014-06-27] (Microsoft Corporation) S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.) S0 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation) S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation) S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation) R3 swenum; C:\Windows\System32\drivers\swenum.sys [14144 2014-10-29] (Microsoft Corporation) R3 SynTP; C:\Windows\system32\DRIVERS\SynTP.sys [546032 2014-06-04] (Synaptics Incorporated) R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation) S3 TCPIP6; C:\Windows\system32\DRIVERS\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation) R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [49152 2014-07-11] (Microsoft Corporation) R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [107520 2013-08-22] (Microsoft Corporation) S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [37216 2014-03-18] (Microsoft Corporation) S3 TPM; C:\Windows\system32\drivers\tpm.sys [159584 2013-08-22] (Microsoft Corporation) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56320 2013-08-22] (Microsoft Corporation) S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [29696 2014-10-29] (Microsoft Corporation) S3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [154112 2013-08-22] (Microsoft Corporation) S0 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation) S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [74080 2013-08-22] (Microsoft Corporation) R3 UCX01000; C:\Windows\System32\drivers\ucx01000.sys [189248 2014-10-07] (Microsoft Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [316416 2015-03-13] (Microsoft Corporation) R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S0 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation) R3 umbus; C:\Windows\System32\drivers\umbus.sys [46080 2013-08-22] (Microsoft Corporation) R3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2013-08-22] (Microsoft Corporation) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [143680 2014-07-24] (Microsoft Corporation) S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [98304 2014-10-29] (Microsoft Corporation) R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [89944 2014-05-31] (Microsoft Corporation) R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [419648 2014-07-24] (Microsoft Corporation) R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [467776 2015-03-17] (Microsoft Corporation) S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2013-08-22] (Microsoft Corporation) R3 usbprint; C:\Windows\System32\drivers\usbprint.sys [26112 2013-08-22] (Microsoft Corporation) R3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [44544 2014-10-29] (Microsoft Corporation) S3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [148800 2014-08-31] (Microsoft Corporation) S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [37376 2014-05-31] (Microsoft Corporation) R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [212736 2014-06-21] (Microsoft Corporation) R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [325464 2015-04-16] (Microsoft Corporation) R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation) S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [175960 2014-03-18] (Microsoft Corporation) S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [551232 2014-10-15] (Microsoft Corporation) S0 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.) S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation) S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [21760 2013-08-22] (Microsoft Corporation) R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation) R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation) R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation) S3 vpci; C:\Windows\System32\drivers\vpci.sys [69952 2014-10-07] (Microsoft Corporation) S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd) S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation) R3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2013-08-22] (Microsoft Corporation) R1 vwififlt; C:\Windows\system32\DRIVERS\vwififlt.sys [71680 2014-10-13] (Microsoft Corporation) R3 vwifimp; C:\Windows\system32\DRIVERS\vwifimp.sys [38912 2014-10-13] (Microsoft Corporation) S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [26752 2013-08-22] (Microsoft Corporation) S3 Wanarp; C:\Windows\system32\DRIVERS\wanarp.sys [80896 2014-10-29] (Microsoft Corporation) R1 Wanarpv6; C:\Windows\system32\DRIVERS\wanarp.sys [80896 2014-10-29] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R0 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-10-29] (Microsoft Corporation) S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [33600 2014-10-29] (Microsoft Corporation) S3 WinUsb; C:\Windows\System32\drivers\WinUsb.sys [78848 2013-08-22] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [16384 2013-08-22] (Microsoft Corporation) R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-07-11] (Microsoft Corporation) S3 wpcfltr; C:\Windows\System32\DRIVERS\wpcfltr.sys [54784 2014-10-29] (Microsoft Corporation) S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [26976 2013-08-22] (Microsoft Corporation) S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2013-08-22] (Microsoft Corporation) R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [113664 2014-10-29] (Microsoft Corporation) S3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 WUDFWpdFs; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 WUDFWpdMtp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 GENERICDRV; \??\C:\Users\ADMINI~1\AppData\Local\Temp\pft5976.tmp\amifldrv64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-28 21:27 - 2015-08-28 21:28 - 00077531 _____ C:\Users\NukNukHase\Downloads\FRST.txt 2015-08-28 21:21 - 2015-08-28 21:21 - 01605632 _____ C:\Users\NukNukHase\Downloads\adwcleaner_5.003.exe 2015-08-28 21:13 - 2015-08-28 21:28 - 00000000 ____D C:\FRST 2015-08-28 21:10 - 2015-08-28 21:11 - 02186752 _____ (Farbar) C:\Users\NukNukHase\Downloads\FRST64.exe 2015-08-28 20:39 - 2015-08-28 20:39 - 00001500 _____ C:\Users\NukNukHase\Desktop\JRT.txt 2015-08-28 20:35 - 2015-08-28 20:35 - 01798576 _____ (Malwarebytes Corporation) C:\Users\NukNukHase\Downloads\JRT.exe 2015-08-28 20:35 - 2015-08-28 03:24 - 01798640 _____ (Malwarebytes Corporation) C:\Users\NukNukHase\Desktop\JRT.exe 2015-08-28 18:32 - 2015-08-28 21:25 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-28 18:32 - 2015-08-28 18:32 - 00001081 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-28 18:32 - 2015-08-28 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-28 18:32 - 2015-08-28 18:32 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-08-28 18:32 - 2015-08-28 18:32 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-28 18:32 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-28 18:32 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-28 18:32 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-28 18:31 - 2015-08-28 18:31 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\NukNukHase\Downloads\mbam-setup-2.1.8.1057.exe 2015-08-28 17:57 - 2015-08-28 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-08-28 17:46 - 2015-08-28 17:46 - 00022174 _____ C:\Windows\System32\Tasks\DNSKINGSTON 2015-08-19 16:16 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-19 16:16 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-11 21:30 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-11 21:30 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-11 20:31 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-11 20:31 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-11 20:31 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-11 20:31 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-11 20:31 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-11 20:31 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-08-11 20:31 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-11 20:31 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-11 20:31 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-11 20:31 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-11 20:31 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-11 20:31 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-11 20:30 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-11 20:30 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-11 20:30 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-11 20:30 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-11 20:30 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-11 20:30 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-11 20:30 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-08-11 20:30 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-11 20:30 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-11 20:30 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-11 20:30 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-08-11 20:30 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-11 20:30 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-11 20:30 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-08-11 20:30 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-11 20:30 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-11 20:30 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-11 20:30 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-08-11 20:30 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-08-11 20:30 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-11 20:30 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-11 20:30 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-11 20:30 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-11 20:30 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-11 20:30 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-08-11 20:30 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-11 20:30 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-11 20:30 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-11 20:30 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-11 20:30 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-08-11 20:29 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-11 20:29 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-11 20:29 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-11 20:29 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-11 20:29 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-11 20:29 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-11 20:29 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-11 20:29 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-11 20:29 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-11 20:29 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-11 20:29 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-11 20:29 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-08-11 20:29 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2015-08-11 20:29 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2015-08-11 20:29 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-11 20:29 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-11 20:29 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-11 20:29 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-11 20:29 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-08-11 20:29 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-11 20:29 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-11 20:29 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-08-11 20:29 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-11 20:29 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-11 20:29 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-11 20:29 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-11 20:29 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-11 20:29 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-11 20:29 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-08-11 20:29 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2015-08-11 20:29 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-08-11 20:29 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-11 20:29 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-11 20:29 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-11 20:29 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-11 20:29 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-08-11 20:29 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-08-11 20:29 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-08-11 20:29 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-08-11 20:29 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-11 20:28 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-11 20:28 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-11 20:28 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-11 20:28 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-11 20:28 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-11 20:28 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-11 20:28 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-11 20:28 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-06 18:41 - 2015-08-09 20:19 - 00000000 ____D C:\Program Files (x86)\SegmentAssister 2015-07-31 18:31 - 2015-07-31 18:34 - 00000000 ____D C:\ProgramData\Oracle 2015-07-31 18:31 - 2015-07-31 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-07-31 18:31 - 2015-07-31 18:34 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-31 18:31 - 2015-07-31 18:33 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-07-31 18:31 - 2015-07-31 18:31 - 00000000 ____D C:\ProgramData\Sun ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-28 21:25 - 2015-02-20 23:32 - 00000000 ____D C:\Users\NukNukHase\AppData\Roaming\ClassicShell 2015-08-28 21:22 - 2015-07-12 20:36 - 00000000 ____D C:\AdwCleaner 2015-08-28 21:18 - 2015-02-13 16:12 - 00000000 ____D C:\Users\NukNukHase 2015-08-28 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-08-28 20:52 - 2015-02-13 16:02 - 01995946 _____ C:\Windows\WindowsUpdate.log 2015-08-28 20:36 - 2014-10-13 13:14 - 01814621 _____ C:\Windows\SysWOW64\rootpa.e2e 2015-08-28 20:32 - 2015-02-13 16:15 - 00000000 ____D C:\Users\NukNukHase\Documents\Youcam 2015-08-28 20:30 - 2013-08-22 16:46 - 00037359 _____ C:\Windows\setupact.log 2015-08-28 20:30 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-28 20:29 - 2015-07-22 22:05 - 00000000 ____D C:\Program Files (x86)\Successful Frame 2015-08-28 20:29 - 2015-07-09 22:54 - 00000000 ____D C:\Program Files (x86)\Precious Forever 2015-08-28 20:29 - 2014-10-13 13:01 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2015-08-28 20:29 - 2014-03-18 11:44 - 00246092 _____ C:\Windows\PFRO.log 2015-08-28 20:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Speech 2015-08-28 20:29 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-08-28 19:54 - 2015-07-25 19:54 - 00003194 _____ C:\Windows\System32\Tasks\HPCeeScheduleForNukNukHase 2015-08-28 19:54 - 2015-07-25 19:54 - 00000370 _____ C:\Windows\Tasks\HPCeeScheduleForNukNukHase.job 2015-08-28 19:04 - 2015-02-13 16:18 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-825403379-3483643477-1751255415-1002 2015-08-28 18:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-08-28 18:17 - 2015-02-21 00:55 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-28 17:57 - 2015-07-28 22:23 - 00001935 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk 2015-08-24 23:30 - 2015-02-20 22:39 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log 2015-08-19 16:19 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-08-18 21:03 - 2014-07-11 16:39 - 00800954 _____ C:\Windows\system32\perfh007.dat 2015-08-18 21:03 - 2014-07-11 16:39 - 00174458 _____ C:\Windows\system32\perfc007.dat 2015-08-18 21:03 - 2014-03-18 11:53 - 01921090 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-11 21:09 - 2013-08-22 16:44 - 00426256 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-11 21:05 - 2015-05-21 23:22 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-11 21:05 - 2015-05-21 23:21 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-11 21:05 - 2015-02-21 00:16 - 00000000 ____D C:\Windows\system32\MRT 2015-08-11 21:05 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-11 21:05 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-11 21:05 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-11 21:05 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-11 21:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2015-08-11 21:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-08-11 21:01 - 2015-02-21 00:16 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-09 18:17 - 2015-05-17 15:17 - 00000000 ____D C:\Eigene Dateien 2015-08-08 15:55 - 2015-05-22 19:43 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-08 15:55 - 2015-05-22 19:43 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-07 00:04 - 2014-04-03 01:51 - 00000000 ____D C:\Windows\Panther 2015-08-06 23:31 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT 2015-08-06 21:33 - 2015-02-21 00:04 - 00000000 ____D C:\Users\NukNukHase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-06 19:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-08-03 21:17 - 2014-07-11 07:46 - 00000000 ____D C:\ProgramData\Package Cache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-21 00:16 - 2015-07-01 20:16 - 0000167 _____ () C:\Users\NukNukHase\AppData\Roaming\WB.CFG 2015-04-14 23:37 - 2015-04-14 23:37 - 0274045 _____ () C:\Users\NukNukHase\AppData\Local\dsi1.dat 2015-04-14 23:37 - 2015-04-14 23:37 - 0161916 _____ () C:\Users\NukNukHase\AppData\Local\dsi2.dat 2015-06-07 16:24 - 2015-06-07 16:24 - 0000000 _____ () C:\Users\NukNukHase\AppData\Local\Temp.dat 2015-07-16 12:30 - 2015-07-16 12:50 - 0001260 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== C:\Users\NukNukHase\AppData\Local\Temp\37CDA313-96F8-424B-27C3-A5A61CF956C5.dll C:\Users\NukNukHase\AppData\Local\Temp\avgnt.exe C:\Users\NukNukHase\AppData\Local\Temp\Extract.exe C:\Users\NukNukHase\AppData\Local\Temp\FoxitUpdater.exe C:\Users\NukNukHase\AppData\Local\Temp\Hibiki.dll C:\Users\NukNukHase\AppData\Local\Temp\mccspuninstall.exe C:\Users\NukNukHase\AppData\Local\Temp\ose00000.exe C:\Users\NukNukHase\AppData\Local\Temp\Quarantine.exe C:\Users\NukNukHase\AppData\Local\Temp\SP69738.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-19 03:16 ==================== Ende von FRST.txt ============================ |
01.09.2015, 20:07 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Frantic Steal/ Inintiative Logs von adwCleaner, JRT und Avira fehlen
__________________ Logfiles bitte immer in CODE-Tags posten |
03.09.2015, 20:24 | #9 |
| Zusätzliche Logs Logs von JRT und ADW. Avira habe ich leider nicht. Code:
ATTFilter # AdwCleaner v5.003 - Bericht erstellt 01/09/2015 um 19:22:06 # Aktualisiert 20/08/2015 von Xplode # Datenbank : 2015-08-31.2 [Server] # Betriebssystem : Windows 8.1 (x64) # Benutzername : NukNukHase - TINAPEER # Gestarted von : C:\AdwCleaner\adwcleaner_5.003.exe # Option : Suchlauf ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** Task Gefunden : DNSKINGSTON ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b ***** [ Internetbrowser ] ***** ########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [629 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.0 (08.31.2015:1) OS: Windows 8.1 x64 Ran by NukNukHase on 01.09.2015 at 20:27:48,67 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{DF74B544-A92E-4414-9C2A-BFFE58538D60} ~~~ Files ~~~ Folders ~~~ Chrome [C:\Users\NukNukHase\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\NukNukHase\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\NukNukHase\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\NukNukHase\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 01.09.2015 at 20:34:33,87 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
03.09.2015, 21:22 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Frantic Steal/ Inintiative adwCleaner neu runterladen und nochmal ausführen. Anleitung richtig lesen und umsetzen
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Frantic Steal/ Inintiative |
avira, dateien, erkenne, erkennen, frantic; adware, gefunde, hinweise, immer wieder, initiative, installier, installierte, namens, ordner, problematisch, probleme, programm, schütze, steal, steal; pup, tagen, viren, web, Ähnliche |