Pests of all kinds and how to fight them: redirect Virus Windows 7 (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1

redirect Virus Windows 7

Hi, a new page from redirect keeps opening on my machine. At the same time, the page Seitensprungarea opens. I have already run FRST over it for the first time. Here are the log files.

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015 durchgeführt von Filep (Administrator) auf FILEP-PC (31-08-2015 14:10:33) Gestartet von C:\Users\Filep\Downloads Geladene Profile: Filep (Verfügbare Profile: Filep & Gast) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Logitech, Inc.) C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Autodesk, Inc.) 
C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe (PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe (Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\nis.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe (Apple Inc.) F:\Programme\Program Files (x86)\iTunesHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Akamai Technologies, Inc.) C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe (GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe (PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\SpotifyCrashService.exe (Akamai Technologies, Inc.) C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe () C:\Program Files (x86)\Word Explorer\Launch.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Dropbox, Inc.) 
C:\Users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe (BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Bandoo Media, inc) C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (MovieDea) C:\Program Files (x86)\MovieDea\MovieDea.exe (Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL2\KHALMNPR.exe (Spotify Ltd) C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\conathst.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Symantec Corporation) C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coNatHstNF.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [104008 2010-11-16] (Logitech Inc.) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [iTunesHelper] => F:\Programme\Program Files (x86)\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) 
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [UCam_Menu] => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0" HKLM-x32\...\Run: [TotalMediaTVMonitor] => "C:\Program Files (x86)\ArcSoft\TotalMedia TV 1.0\TotalMediaTVMonitor.exe" HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-10-25] (PC Tools) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-23] (Bitleader) HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2009-10-19] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2472048 2010-08-11] (VIA) HKLM-x32\...\Run: [DATAMNGR] => C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1546640 2011-06-01] (Bandoo Media, inc) HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common 
Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.) HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro) HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3184640 2015-06-03] (MovieDea) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$6c5270fbd1f095797ae707850c85a183\n.ACHTUNG! ====> ZeroAccess? HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0 HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [GoogleChromeAutoLaunch_D9414D4DFAD2C873EED3A19B298D3FAC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.) 
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify Web Helper] => C:\Users\Filep\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-24] (Spotify Ltd) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Spotify] => C:\Users\Filep\AppData\Roaming\Spotify\Spotify.exe [7389752 2015-08-24] (Spotify Ltd) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) 
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filep\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.) HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Run: [Dropbox Update] => C:\Users\Filep\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.) HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS211018-SHPD-FSD40014}] => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe /m HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filep\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-25] ShortcutTarget: Dropbox.lnk -> C:\Users\Filep\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2015-06-25] ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-06-25] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:49827;https=127.0.0.1:49827 Winsock: Catalog5 01 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5-x64 01 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 05 mswsock.dll Keine Datei ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll" Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{C2EBE2D5-7A37-4D2E-883C-3C7C966033DA}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{DAB167F1-50C2-4BC8-A4BD-8510C13A125F}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms} 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7&q={searchTerms} HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11 HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11 HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms} HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = 
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms} HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://www.google.de/ HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11 URLSearchHook: HKLM-x32 - (Kein Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Keine Datei SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCREBBb6WUQI4c2pBNDMA,,&q={searchTerms} SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCREBBb6WUQI4c2pBNDMA,,&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope 006ee092-9658-4fd6-bd8e-a21a348e59f5 URL = SearchScopes: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb72CvkIkeB4xTHE_NSNl4Bdfv_cPMZsFHLQoT8k6dCF2aXg-RItrRmpukGGzcd9oCMZ0TCMJf-8ZHOow0LM-fa_rBNcDH7q4uozLVzBSHe5Y7FaltbIssw4jvpCo56TAlz5nmABleI0pCRF0oWCT1srnx5cZ8AlA,,&q={searchTerms} BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) BHO: UrlHelper Class -> {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll [2011-06-01] (Bandoo Media, inc) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine64\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation) BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-07-13] (DVDVideoSoft Ltd.) BHO-x32: Kein Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> Keine Datei BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.) 
BHO-x32: IEPlugin.BHO -> {2159cb25-ef9a-54c1-b43c-e30d1a4a8278} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Keine Datei BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll Keine Datei BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll [2015-07-22] () BHO-x32: UrlHelper Class -> {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll [2011-06-01] (Bandoo Media, inc) BHO-x32: DealPly -> {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} -> C:\Program Files (x86)\DealPly\DealPlyIE.dll Keine Datei BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Norton Family BHO -> {B8E07826-0971-4f16-B133-047B88034E89} -> C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\coIEPlg.dll [2015-08-12] (Symantec Corporation) BHO-x32: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei BHO-x32: Kein Name -> {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} -> Keine Datei BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files 
(x86)\Java\jre7\bin\jp2ssv.dll Keine Datei BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-07-13] (DVDVideoSoft Ltd.) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.) Toolbar: HKLM - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll [2015-07-22] () Toolbar: HKLM-x32 - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files (x86)\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation) Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - Keine Datei Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Kein Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - Keine Datei Toolbar: HKU\S-1-5-21-1820486185-2003612580-2916385394-1000 -> Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll Keine Datei DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} 
hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} hxxps://www.icloud.com/system/iCloud.cab DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403267426&from=slbnew&uid=C300-CTFDDAC128MAG_00000000105103012EA7 FireFox: ======== FF ProfilePath: C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default FF Homepage: about:home FF NetworkProxy: "ftp", "proxyus.stealthy.co" FF NetworkProxy: "ftp_port", 3128 FF NetworkProxy: "http", "proxyus.stealthy.co" FF NetworkProxy: "http_port", 3128 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "proxyus.stealthy.co" FF NetworkProxy: "socks_port", 3128 FF NetworkProxy: "ssl", "proxyus.stealthy.co" FF NetworkProxy: "ssl_port", 3128 FF NetworkProxy: "type", 0 FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.) 
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei] FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [Keine Datei] FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [Keine Datei] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> F:\Programme\Program Files (x86)\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filep\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll Keine Datei FF Plugin HKU\S-1-5-21-1820486185-2003612580-2916385394-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-08-22] (Sony Network Entertainment International LLC) FF SearchPlugin: C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\searchplugins\safesearch.xml [2015-02-22] FF Extension: Stealthy - C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\stealthyextension@gmail.com.xpi [2015-02-21] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Filep\AppData\Roaming\Mozilla\Firefox\Profiles\xv6aaryn.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-07-28] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-03-04] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn [2015-08-31] FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw FF Extension: Norton Family - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw [2015-08-31] FF HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: Kein Name - 
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [nicht gefunden] StartMenuInternet: FIREFOX.EXE - F:\Programme\Program Files (x86)\firefox.exe Chrome: ======= CHR Profile: C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-02-21] CHR Extension: (Norton Security Toolbar) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-12] CHR Extension: (Stealthy) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2015-06-13] CHR Extension: (eBay for Chrome) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2015-06-13] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-30] CHR Extension: (Audio EQ) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2015-06-13] CHR Extension: (Norton™ Family) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2015-08-24] CHR Extension: (Chrome Web Store Payments) - C:\Users\Filep\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-20] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29] CHR 
HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx <nicht gefunden> CHR HKU\S-1-5-21-1820486185-2003612580-2916385394-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-26] CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\Extensions\Chrome.crx [2015-08-29] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert] S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [129440 2011-01-13] (Futuremark Corporation) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) 
[Datei ist nicht signiert] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-04-22] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert] R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [Datei ist nicht signiert] R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [282016 2015-07-16] (Symantec Corporation) R2 NSM; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\NF.exe [364416 2015-08-21] (Symantec Corporation) R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert] S2 TampMon; C:\Program Files (x86)\Norton Family\Engine\3.4.0.43\TampMon.exe [314680 2015-08-21] (Symantec Corporation) S2 CLKMSVC10_9EC60124; "C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe" /svc [X] S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation) R1 ccSet_NSM; C:\Windows\system32\drivers\NSMx64\0304000.02B\ccSetx64.sys [165080 2015-06-04] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation) S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH) S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2007-08-09] (Huawei Tech. Co., Ltd.) R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150828.001\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation) S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [691712 2008-04-14] (DiBcom SA) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\ENG64.SYS [138488 2015-05-20] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150830.020\EX64.SYS [2146040 2015-05-20] (Symantec Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) 
[Datei ist nicht signiert] S3 NvStUSB; C:\Windows\System32\DRIVERS\nvstusb.sys [63592 2010-06-07] () S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-29] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation) S3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}; C:\Windows\System32\Drivers\NSMx64\0304000.02B\SymRdrS.SYS [243416 2015-08-19] (Symantec Corporation) R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X] S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X] S3 EraserUtilDrv11313; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [X] U2 SharedAccess; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-31 14:10 - 2015-08-31 14:10 - 00048004 _____ C:\Users\Filep\Downloads\FRST.txt 2015-08-31 14:10 - 2015-08-31 14:10 - 00000000 ____D C:\FRST 2015-08-31 14:09 - 2015-08-31 14:09 - 02188288 _____ (Farbar) C:\Users\Filep\Downloads\FRST64.exe 2015-08-31 14:09 - 2015-08-31 14:09 - 00000085 _____ C:\Windows\wininit.ini 2015-08-31 14:04 - 2015-08-31 14:04 - 00000791 _____ C:\Users\Filep\Desktop\[TV]Samsung LED46 - Verknüpfung.lnk 2015-08-31 13:59 - 2015-08-31 13:58 - 00000797 _____ C:\Windows\system32\Drivers\etc\hosts.20150831-135934.backup 2015-08-31 13:41 - 2015-08-31 14:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-08-31 13:41 - 2015-08-31 13:41 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2015-08-31 13:31 - 2015-08-31 13:31 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Filep\Downloads\spybot-2.4.exe 2015-08-31 13:18 - 2015-08-31 13:18 - 00000000 ____D C:\Users\Filep\AppData\Local\Microsoft Help 2015-08-22 18:50 - 2015-08-31 13:05 - 00000000 ____D C:\Windows\System32\Tasks\Norton Family 2015-08-22 18:49 - 2015-08-31 13:00 - 00000000 ____D C:\Windows\system32\Drivers\NSMx64 2015-08-22 18:49 - 2015-08-22 18:53 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton 2015-08-22 18:49 - 2015-08-22 18:49 - 01038368 _____ (Symantec Corporation) C:\Users\Filep\Downloads\NF_Installer.exe 2015-08-22 18:49 - 2015-08-22 18:49 - 00001227 _____ C:\Users\Filep\Desktop\Norton Installation Files.lnk 2015-08-22 18:49 - 2015-08-22 18:49 - 00000000 ____D C:\Program Files (x86)\Norton Family 2015-08-22 17:33 - 2015-08-22 17:33 - 00000000 ____D C:\games 2015-08-22 17:31 - 2015-08-31 13:13 - 00000000 ____D C:\Program Files (x86)\MovieDea 2015-08-22 17:31 - 2015-08-22 17:32 - 00000000 ____D C:\Users\Filep\AppData\Roaming\PDFConvert 2015-08-22 17:31 - 2015-08-22 17:32 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Convertor 2015-08-22 17:31 - 2015-08-22 17:31 - 00536412 _____ 
C:\Users\Filep\Downloads\Icy Tower.zip 2015-08-22 17:31 - 2015-08-22 17:31 - 00003768 _____ C:\Windows\System32\Tasks\Convertor 2015-08-22 17:31 - 2015-08-22 17:31 - 00003292 _____ C:\Windows\System32\Tasks\Winsta Update 2015-08-22 17:31 - 2015-08-22 17:31 - 00003236 _____ C:\Windows\System32\Tasks\WinKit 2015-08-22 17:31 - 2015-08-22 17:31 - 00002726 _____ C:\claraInstaller.txt 2015-08-22 17:31 - 2015-08-22 17:31 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Winsta 2015-08-22 17:31 - 2015-08-22 17:31 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MovieDea 2015-08-18 22:05 - 2015-08-16 12:15 - 1529124864 _____ C:\Users\Filep\Desktop\Heiratsantrag.MTS 2015-08-18 22:00 - 2015-08-18 22:03 - 105186437 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt neu.mp4 2015-08-18 21:55 - 2015-08-18 21:58 - 48992010 _____ C:\Users\Filep\Desktop\Heiratsantrag gekürzt.mp4 2015-08-18 21:54 - 2015-08-18 21:54 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Digiarty 2015-08-18 21:53 - 2015-08-18 21:53 - 36396504 _____ (Digiarty Software, Inc. 
) C:\Users\Filep\Downloads\winx-hd-converter-deluxe.exe 2015-08-18 19:51 - 2015-08-18 19:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Movavi 2015-08-18 19:45 - 2015-08-31 13:26 - 00000000 ____D C:\Program Files (x86)\Movavi Video Converter 15 2015-08-18 19:40 - 2015-08-18 19:40 - 39158440 _____ (Movavi) C:\Users\Filep\Downloads\MovaviVideoConverterSetupC.exe 2015-08-16 21:51 - 2015-08-16 21:51 - 00001646 _____ C:\Users\Public\Desktop\Aiseesoft AVCHD Video Converter.lnk 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\Documents\Aiseesoft Studio 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Users\Filep\AppData\Local\Aiseesoft Studio 2015-08-16 21:51 - 2015-08-16 21:51 - 00000000 ____D C:\Program Files (x86)\Aiseesoft Studio 2015-08-16 21:50 - 2015-08-16 21:50 - 24566856 _____ (Aiseesoft Studio ) C:\Users\Filep\Downloads\avchd-video-60converter.exe 2015-08-14 17:10 - 2015-08-14 17:10 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-12 16:53 - 2015-08-12 16:53 - 00000000 ____D C:\Users\Filep\AppData\Local\CEF 2015-08-11 16:59 - 2015-08-11 16:59 - 00160154 _____ C:\Users\Filep\Downloads\Ihr Besuch in Tripsdrill.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-31 14:09 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-31 14:09 - 2009-07-14 06:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-31 13:54 - 2015-06-26 15:44 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000UA.job 2015-08-31 13:20 - 2011-03-06 01:37 - 00000344 _____ C:\Windows\lgfwup.ini 2015-08-31 13:20 - 2011-02-27 18:20 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate 2015-08-31 13:18 - 2011-03-16 01:36 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-31 13:16 - 2013-12-29 16:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-31 13:04 - 2009-07-14 19:58 - 00702980 _____ C:\Windows\system32\perfh007.dat 2015-08-31 13:04 - 2009-07-14 19:58 - 00150620 _____ C:\Windows\system32\perfc007.dat 2015-08-31 13:04 - 2009-07-14 07:13 - 01629334 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-31 13:02 - 2011-02-26 23:37 - 01282059 _____ C:\Windows\WindowsUpdate.log 2015-08-31 13:01 - 2015-04-20 20:50 - 00000000 ___RD C:\Users\Filep\iCloudDrive 2015-08-31 13:01 - 2015-02-21 10:19 - 00000000 ___RD C:\Users\Filep\Dropbox 2015-08-31 13:01 - 2015-02-17 20:37 - 00000000 ____D C:\Users\Filep\AppData\Local\Spotify 2015-08-31 13:01 - 2014-10-24 15:34 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Dropbox 2015-08-31 13:01 - 2013-12-31 18:27 - 00000000 ____D C:\Users\Filep\AppData\Roaming\Spotify 2015-08-31 13:01 - 2011-03-16 01:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-31 13:00 - 2011-03-06 08:36 - 00405844 _____ C:\Windows\PFRO.log 2015-08-31 13:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-31 13:00 - 2009-07-14 06:51 - 00152607 _____ C:\Windows\setupact.log 2015-08-29 20:13 - 2011-03-16 01:36 - 00004106 _____ 
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-29 20:13 - 2011-03-16 01:36 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-29 19:00 - 2011-12-10 15:00 - 00000286 _____ C:\Windows\Tasks\RMSchedule.job 2015-08-29 15:54 - 2015-06-26 15:44 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1820486185-2003612580-2916385394-1000Core.job 2015-08-29 14:57 - 2014-08-10 14:23 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 2015-08-29 14:57 - 2014-08-10 14:23 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT 2015-08-24 20:07 - 2011-12-10 20:00 - 00000418 _____ C:\Windows\SysWOW64\AppLog.log 2015-08-22 20:28 - 2011-12-10 15:00 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic 2015-08-22 18:49 - 2015-07-11 18:41 - 00000000 ____D C:\Users\Public\Downloads\Norton 2015-08-22 18:49 - 2013-11-09 19:10 - 03020800 ___SH C:\Users\Filep\Desktop\Thumbs.db 2015-08-21 16:34 - 2015-07-10 15:21 - 00002002 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2015-08-21 16:34 - 2013-11-23 19:50 - 00376272 _____ C:\Windows\DPINST.LOG 2015-08-21 16:34 - 2011-02-26 23:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-19 20:08 - 2011-03-06 07:24 - 00000000 ____D C:\Program Files (x86)\avmwlanstick 2015-08-18 19:51 - 2011-02-26 23:37 - 00000000 ____D C:\Users\Filep 2015-08-12 16:54 - 2014-04-06 19:13 - 00000000 ____D C:\Users\Filep\AppData\Local\Akamai ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-03-14 20:18 - 2015-03-14 20:19 - 4286798 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS 2015-03-14 20:18 - 2015-03-14 20:19 - 0000326 _____ () C:\Users\Filep\AppData\Local\5C5FDFC1_stp.CIS.part 2015-03-14 20:18 - 2015-03-14 20:18 - 0385602 _____ () C:\Users\Filep\AppData\Local\5D515C96_stp.CIS 2015-03-14 20:18 - 2015-04-26 17:46 - 0000220 _____ () 
C:\Users\Filep\AppData\Local\5D515C96_stp.CIS.part 2015-03-14 20:18 - 2015-03-14 20:18 - 0193463 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS 2015-03-14 20:18 - 2015-03-14 20:18 - 0000250 _____ () C:\Users\Filep\AppData\Local\62C2AAC5_stp.CIS.part 2013-05-04 12:08 - 2013-05-04 12:08 - 0000000 _____ () C:\ProgramData\as98213.txt 2012-07-21 10:34 - 2015-06-25 13:03 - 0015768 _____ () C:\ProgramData\hpzinstall.log 2015-08-18 19:45 - 2015-08-18 19:45 - 0000016 _____ () C:\ProgramData\mntemp 2013-05-04 12:08 - 2013-05-04 12:08 - 95023320 ____T () C:\ProgramData\otrheq.pad ZeroAccess: C:\$Recycle.Bin\S-1-5-21-1820486185-2003612580-2916385394-1000\$6c5270fbd1f095797ae707850c85a183 ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$6c5270fbd1f095797ae707850c85a183 Einige Dateien in TEMP: ==================== C:\Users\Filep\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7zlp1z.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden.
LastRegBack: 2015-08-22 11:32
==================== Ende von FRST.txt ============================

Thanks in advance.
Regards, Alex