| |
| |||||||
Log-Analyse und Auswertung: Facebook Link geposted von gehacktem Acc.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
16.11.2015, 13:58
| #1 |
| |  Facebook Link geposted von gehacktem Acc. Hallo Leute! Wie der Titel schon sagt, ich idiot hab auf diesen Link geklickt...  Mein Betriebsystem: Windows 8 64 bit Virenscann: Avira Bei GMER hatte ich die Fehlermeldung, dass er auf bestimmte Dateien (siehe anhang) nicht zu greifen kann, obwohl ich alles geschlossen habe was schließbar war .malware und spybot Scann habe ich schon gemacht. Die Dateien mit dem Namen Scan sind die Spybot txt Dateien. Ich hoffe ihr könnt mir helfen. MfG Paul PS: Avira Scan dauert noch wird noch nachgereicht und Addition.txt kann ich erst nach der ersten Antwort posten, weil ich mir doch nicht selbst antworten sollte. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Paul (Administrator) auf PAULSPC (16-11-2015 13:12:46)
Gestartet von E:\Download
Geladene Profile: Paul & Johanna (Verfügbare Profile: Paul & Johanna)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IvoSoft) E:\Class\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Spotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => E:\Class\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\...\Run: [Steam] => E:\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\...\Run: [Clownfish] => E:\Clownfish\Clownfish.exe [1341192 2015-05-20] (Bogdan Sharkov)
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\...\Run: [Spotify Web Helper] => C:\Users\Paul\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-19] (Spotify Ltd)
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\...\Run: [Spotify] => C:\Users\Paul\AppData\Roaming\Spotify\Spotify.exe [7736128 2015-10-19] (Spotify Ltd)
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\...\MountPoints2: {1689b5bd-90fb-11e3-be82-00224da7b19a} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1843580890-3302635565-1196697963-1006\...\Run: [CitrixReceiver] => "C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKU\S-1-5-21-1843580890-3302635565-1196697963-1006\...\Run: [ConnectionCenter] => C:\Users\Johanna\AppData\Local\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKU\S-1-5-21-1843580890-3302635565-1196697963-1006\...\MountPoints2: {39bbd1d7-4d3d-11e4-bedd-00224da7b19a} - "G:\autorun.exe"
HKU\S-1-5-21-1843580890-3302635565-1196697963-1006\...\MountPoints2: {a16fd3a8-270f-11e3-be66-806e6f6e6963} - "D:\asterix.exe"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Class\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Class\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{142DF7BB-A94D-4138-8F40-9C781B712B29}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/
HKU\S-1-5-21-1843580890-3302635565-1196697963-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\Class\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Class\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\Class\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Programme\bin\ssv.dll [2015-04-16] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Programme\bin\jp2ssv.dll [2015-04-16] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Class\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Class\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Class\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKU\S-1-5-21-1843580890-3302635565-1196697963-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\5vpb49af.default-1412610200372
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-15] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-15] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> E:\Programme\bin\dtplugin\npDeployJava1.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> E:\Programme\bin\plugin2\npjp2.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-24] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> E:\Programme\Adobe\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1843580890-3302635565-1196697963-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1843580890-3302635565-1196697963-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1843580890-3302635565-1196697963-1006: @Citrix.com/npican -> C:\Users\Johanna\AppData\Local\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\5vpb49af.default-1412610200372\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-24]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-01-22] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-28]
CHR Extension: (Google Drive) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-23]
CHR Extension: (Google-Suche) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Avira Browserschutz) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-20]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (AdBlock) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-15]
CHR Extension: (agar.io server browser) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-09-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Google Mail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-28]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-14] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-01] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-15] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-15] (Intel Corporation)
S2 MBAMService; E:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-11-12] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2015-11-09] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-01-08] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-06] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S2 hwpsgt; C:\Windows\SysWOW64\DRIVERS\hwpsgt.sys [137344 2014-11-07] () [Datei ist nicht signiert]
S3 LADF_DHP2; C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
S2 lemsgt; C:\Windows\SysWOW64\DRIVERS\lemsgt.sys [9472 2014-11-07] () [Datei ist nicht signiert]
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-01-08] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-23] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-16 13:11 - 2015-11-16 13:11 - 00000148 _____ C:\Users\Paul\defogger_reenable
2015-11-16 13:10 - 2015-11-16 13:12 - 00000000 ____D C:\FRST
2015-11-12 17:00 - 2015-11-13 00:09 - 00000000 ____D C:\Users\Paul\AppData\Roaming\dvdcss
2015-11-11 10:39 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 10:39 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 10:39 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 10:39 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 10:39 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 10:39 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 10:39 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 10:39 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 10:39 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 10:39 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 10:39 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 10:39 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 10:39 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 10:39 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 10:39 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 10:39 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 10:39 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 10:39 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 10:39 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 10:39 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 10:38 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 10:38 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 10:38 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 10:38 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 10:38 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 10:38 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 10:38 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 10:38 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 10:38 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 10:38 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 10:38 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 10:38 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 10:38 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 10:38 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 10:38 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 10:38 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 10:38 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 10:38 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 10:38 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 10:38 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 10:38 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 10:38 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 10:38 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 10:38 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 10:38 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 10:38 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 10:38 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 10:38 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 10:38 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 10:38 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 10:38 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 10:38 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 10:38 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 10:38 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 10:38 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 10:38 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 10:38 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 10:38 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 10:38 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 10:38 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 10:38 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 10:38 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 10:38 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-11 10:38 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 10:38 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2015-11-11 10:38 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2015-11-11 10:38 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 10:38 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 10:38 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-11 10:38 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-11 10:38 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-11 10:38 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-11 10:38 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 10:38 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 10:38 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 10:38 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 10:38 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-11 10:38 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-11 10:38 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-11-11 10:38 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-11-11 00:43 - 2015-11-11 00:43 - 00003234 _____ C:\WINDOWS\System32\Tasks\{92573CE7-E290-4143-BAAA-20C2CADB6EBF}
2015-11-09 22:06 - 2015-11-09 21:32 - 03123272 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2015-11-06 00:14 - 2015-11-06 00:15 - 00000668 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-10-29 00:54 - 2015-10-29 00:54 - 00000121 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-10-29 00:54 - 2015-10-29 00:54 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Fatshark
2015-10-28 12:07 - 2015-10-28 12:07 - 00000937 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2015-10-24 10:36 - 2015-11-12 14:41 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-24 10:36 - 2015-10-24 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-24 10:35 - 2015-11-16 12:40 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-24 10:35 - 2015-11-16 11:56 - 00001118 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-24 10:35 - 2015-10-24 10:35 - 00004094 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-24 10:35 - 2015-10-24 10:35 - 00003858 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-24 10:34 - 2015-10-24 10:34 - 00929872 _____ (Google Inc.) C:\Users\Paul\Downloads\ChromeSetup.exe
2015-10-23 19:32 - 2015-10-23 19:32 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-23 19:32 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-23 19:30 - 2015-10-03 06:06 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-23 19:30 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00879000 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-23 19:30 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-23 19:22 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-10-23 19:22 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-10-20 18:02 - 2015-10-20 18:02 - 00000000 ____D C:\Users\Paul\AppData\LocalLow\Steel Crate Games
2015-10-20 16:54 - 2015-10-20 16:54 - 00000649 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-16 13:12 - 2015-07-20 11:48 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Spotify
2015-11-16 13:12 - 2015-04-28 11:58 - 00000000 ____D C:\Users\Paul\AppData\Roaming\ClassicShell
2015-11-16 13:11 - 2014-11-05 23:03 - 00000000 ____D C:\Users\Paul
2015-11-16 13:09 - 2013-09-27 23:01 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Skype
2015-11-16 13:00 - 2015-08-04 11:16 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-16 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-16 12:59 - 2015-07-20 11:48 - 00000000 ____D C:\Users\Paul\AppData\Local\Spotify
2015-11-16 12:07 - 2014-11-05 22:57 - 01464414 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-16 12:04 - 2015-04-28 11:54 - 00000000 ____D C:\Users\Paul\AppData\Local\Battle.net
2015-11-16 11:56 - 2015-01-16 15:34 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{168FE5F2-641B-4B42-8652-526BD16DC5DF}
2015-11-16 02:00 - 2015-04-28 11:54 - 00000000 ____D C:\Users\Paul\AppData\Local\Adobe
2015-11-16 00:40 - 2014-09-24 07:16 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-16 00:40 - 2014-09-24 06:43 - 00765378 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-16 00:40 - 2014-09-24 06:43 - 00159696 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-16 00:33 - 2015-04-16 08:24 - 00040615 _____ C:\WINDOWS\setupact.log
2015-11-16 00:33 - 2014-11-05 22:57 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-16 00:33 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-16 00:33 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-15 18:26 - 2013-09-27 02:17 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1843580890-3302635565-1196697963-1001
2015-11-15 00:12 - 2015-04-28 12:01 - 00000000 ____D C:\Users\Paul\AppData\Roaming\TS3Client
2015-11-14 14:45 - 2013-09-27 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-13 04:06 - 2013-10-04 17:05 - 00000000 ____D C:\ProgramData\Origin
2015-11-13 00:09 - 2015-04-28 12:01 - 00000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2015-11-12 20:46 - 2015-04-28 12:00 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LolClient
2015-11-12 19:44 - 2014-06-30 20:21 - 00076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2015-11-12 19:44 - 2013-10-04 18:32 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-11-12 19:44 - 2013-10-04 18:32 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-11-11 21:14 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 19:39 - 2014-09-23 22:06 - 00233534 _____ C:\WINDOWS\PFRO.log
2015-11-11 19:39 - 2013-08-22 15:44 - 05099104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-11 19:38 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-11 19:00 - 2015-08-04 11:16 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-11 17:03 - 2013-09-27 20:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 17:02 - 2013-09-27 20:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 17:02 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 16:57 - 2013-09-27 20:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 16:54 - 2013-09-27 20:44 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 16:54 - 2012-07-26 06:26 - 00000167 _____ C:\WINDOWS\win.ini
2015-11-10 13:29 - 2013-10-06 08:26 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-09 22:06 - 2013-12-30 21:23 - 00000000 ____D C:\ProgramData\Ubisoft
2015-11-09 22:06 - 2013-10-04 18:32 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-11-09 22:06 - 2013-09-28 17:35 - 00578718 _____ C:\WINDOWS\DirectX.log
2015-11-07 13:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-03 15:18 - 2015-02-05 08:53 - 00000000 ____D C:\Users\Paul\AppData\Local\Steam
2015-11-03 01:23 - 2014-09-24 08:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2014-09-24 08:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-31 18:48 - 2014-12-26 19:58 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-24 10:36 - 2013-10-06 08:27 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-23 19:35 - 2014-10-06 16:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-23 19:32 - 2014-11-05 22:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-23 19:32 - 2013-11-16 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-23 19:22 - 2015-02-16 18:45 - 00000643 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-23 19:22 - 2014-10-06 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-22 13:52 - 2013-09-27 23:01 - 00000000 ____D C:\ProgramData\Skype
2015-10-21 12:59 - 2015-04-28 12:01 - 00000000 ____D C:\Users\Paul\AppData\Roaming\uTorrent
2015-10-21 11:07 - 2015-10-15 17:50 - 00000000 ____D C:\Users\Paul\AppData\LocalLow\uTorrent
2015-10-17 12:21 - 2014-12-12 02:21 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-17 12:21 - 2014-09-24 08:41 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-28 11:58 - 2014-06-03 16:17 - 0003124 _____ () C:\Users\Paul\AppData\Roaming\PData.MM1
2015-04-28 11:58 - 2014-06-03 16:17 - 0003124 _____ () C:\Users\Paul\AppData\Roaming\PData.MMM
2015-07-09 23:46 - 2015-07-09 23:47 - 0001579 _____ () C:\Users\Paul\AppData\Roaming\SpeedRunnersLog.txt
2015-04-28 11:54 - 2013-09-27 22:46 - 0007604 _____ () C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
2015-10-29 00:54 - 2015-10-29 00:54 - 0000121 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Johanna\AppData\Local\Temp\avgnt.exe
C:\Users\Johanna\AppData\Local\Temp\drm_dyndata_7360012.dll
C:\Users\Johanna\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Johanna\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Paul\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-15 18:26
==================== Ende von FRST.txt ============================
|
| Themen zu Facebook Link geposted von gehacktem Acc. |
| .dll, administrator, adobe, antivir, avira, bluestacks, bonjour, defender, desktop, dnsapi.dll, explorer, fehlermeldung, flash player, geforce, google, mozilla, nvidia, prozesse, realtek, registry, rundll, scan, services.exe, software, svchost.exe, windows, winlogon.exe |
Baum-Darstellung