| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: AdWare installiert sich immer wieder selber (Win8.1)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
01.03.2016, 14:59
| #1 |
| |  AdWare installiert sich immer wieder selber (Win8.1) Hi, Ich habe ein kleines Problem mit meinem (neuen) Rechner. Seit dem ich eine Seite mit dem Namen Springfiles besucht habe und eine Datei heruntergeladen habe kommt andauernd Werbung in meinen Browsern. Außerdem druckt mein Drucker sobald er an dem PC angeschlossen ist pausenlos irgendwas über Homosexuelle. Ich will nicht wissen was der "Virus sonst noch alles gemacht hat. Mein Problem ist dass ich Chrome und Firefox garnicht mehr nutzen kann da dort nur Werbung ist, und in Internet Explorer kann ich nur Google oder dieses Forum besuchen. Ich habe schon bestimmt 5 Anleitungen abgearbeitet bevor ich auf dieses Forum gestoßen bin, (Malwarebytes, ADWCleaner, Revo, ...). Alle haben Ad- und Malware gefunden, jedoch "installiert" sich diese Werbung (by capricornus) immer und immer wieder.) Die Ausgangsdatei habe ich selbstverständlich wieder gelöscht, doch das Problem tritt immernoch auf. Solange ich nicht zu 100% sicher sein kann dass ich keine Viren mehr auf meinem PC habe kann ich ihn leider auch nicht mehr für PayPal oder ähnliche Dienste nutzen. FRST Logs: FRST.txt: [Spoiler] Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
durchgeführt von German (Administrator) auf HENDRYK (01-03-2016 14:42:19)
Gestartet von C:\Users\German\Downloads
Geladene Profile: German & (Verfügbare Profile: admin & German & Papa)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(© 2015 Microsoft Corporation) C:\Users\German\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.92.21.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.92.21.0\OverwolfHelper64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\Purplizer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.21.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.21.0\OverwolfBrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\German\Downloads\adwcleaner_5.037.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15003256 2015-09-19] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2195416 2015-05-29] (Gainward Co. Ltd.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-02-02] (Electronic Arts)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [BingSvc] => C:\Users\German\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-02-11] (Overwolf LTD)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [Dexpot] => G:\Dexpot\dexpot.exe [1845296 2014-09-04] (Dexpot GbR)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [MurGee.com Auto Clicker] => G:\Auto Clicker\AutoClicker.exe [124072 2016-01-14] (MurGee.com)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2195416 2015-05-29] (Gainward Co. Ltd.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-02-02] (Electronic Arts)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BingSvc] => C:\Users\German\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-02-11] (Overwolf LTD)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dexpot] => G:\Dexpot\dexpot.exe [1845296 2014-09-04] (Dexpot GbR)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MurGee.com Auto Clicker] => G:\Auto Clicker\AutoClicker.exe [124072 2016-01-14] (MurGee.com)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\German\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\German\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\German\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7D799B41-54F3-47C6-AE88-26F3C57B6DC2}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{951E8EDF-B09B-4639-977F-2857679E2F0A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B8FD05E0-44B9-4037-AEFB-3A369EE66CC2}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{D48B96C9-F2FC-40F4-96B8-7BC7A17A7EC9}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{D48B96C9-F2FC-40F4-96B8-7BC7A17A7EC9}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {27B3153F-C6B6-4AC8-A300-25EA0AE6E6E1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {92EE6304-7779-4A2B-BF23-4BF4DB1AD39E} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {A2A1DE56-07DD-46DB-A2E2-FFD328CCB63E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {C736CDB4-2297-4972-B35C-3C02C11F285A} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {E688550F-FD47-4F80-A2F2-DD4AEF500166} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {27B3153F-C6B6-4AC8-A300-25EA0AE6E6E1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {92EE6304-7779-4A2B-BF23-4BF4DB1AD39E} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A2A1DE56-07DD-46DB-A2E2-FFD328CCB63E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C736CDB4-2297-4972-B35C-3C02C11F285A} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E688550F-FD47-4F80-A2F2-DD4AEF500166} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-30] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-30] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-15] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-15] (Oracle Corporation)
BHO-x32: Kein Name -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-15] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4250030646-1501493049-109087217-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\German\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\German\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Extension: Flash and Video Download - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-01-26]
FF Extension: Greasemonkey - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-26]
FF Extension: Kein Name - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\extensions\yahooprotected@gmail.com [nicht gefunden]
FF Extension: Avira Browser Safety - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\Extensions\abs@avira.com [2016-02-18]
FF Extension: MEGA - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\Extensions\firefox@mega.co.nz.xpi [2016-02-18]
FF Extension: Oasis Space 1.0.1 - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\Extensions\{307918f0-0f35-499c-953c-5e64815cd976}.xpi [2016-02-29] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.de/
CHR Profile: C:\Users\German\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15]
CHR Extension: (Google Docs) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-15]
CHR Extension: (Google Drive) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
CHR Extension: (Adblock Plus) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-06]
CHR Extension: (Google-Suche) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-19]
CHR Extension: (Google Tabellen) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15]
CHR Extension: (iCloud-Lesezeichen) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-10-16]
CHR Extension: (Avira Browserschutz) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Norton Identity Safe) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-16]
CHR Extension: (BitGo) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgeogaipkoajobchncghcojanffjfhl [2015-12-02]
CHR Extension: (Skype) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-15]
CHR Extension: (Google Mail) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-11] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2048720 2015-11-13] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-11-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [851152 2015-11-13] (AnchorFree Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [192120 2015-09-19] (Logitech Inc.)
S2 MBAMService; G:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-02] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1009904 2016-02-11] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-01-18] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-17] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2015-10-15] () [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 Gittuiu; "C:\Users\German\AppData\Roaming\AodoJamp\Feklaf.exe" -cms [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146704 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-13] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-13] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-29] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2015-06-17] (Windows (R) Win 7 DDK provider)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-02-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2015-10-27] (Scarlet.Crush Productions)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42088 2015-11-13] (Anchorfree Inc.)
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 CsrBtPort; \SystemRoot\system32\DRIVERS\CsrBtPort.sys [X]
S3 csrpan; \SystemRoot\system32\DRIVERS\csrpan.sys [X]
S3 csrserial; \SystemRoot\system32\DRIVERS\csrserial.sys [X]
S3 csrusb; \SystemRoot\System32\Drivers\csrusb.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-01 14:42 - 2016-03-01 14:42 - 00037207 _____ C:\Users\German\Downloads\FRST.txt
2016-03-01 14:41 - 2016-03-01 14:42 - 00000000 ____D C:\FRST
2016-03-01 14:41 - 2016-03-01 14:41 - 02371072 _____ (Farbar) C:\Users\German\Downloads\FRST64.exe
2016-03-01 14:34 - 2016-03-01 14:34 - 00002628 _____ C:\Windows\System32\Tasks\ParetoLogic Registration3
2016-03-01 14:34 - 2016-03-01 14:34 - 00000438 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2016-03-01 14:33 - 2016-03-01 14:33 - 00000000 ____D C:\Users\German\AppData\Roaming\ParetoLogic
2016-03-01 14:33 - 2016-03-01 14:33 - 00000000 ____D C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2016-03-01 14:33 - 2016-03-01 14:33 - 00000000 ____D C:\Users\German\AppData\Roaming\DriverCure
2016-03-01 14:33 - 2016-03-01 14:33 - 00000000 ____D C:\ProgramData\ParetoLogic
2016-03-01 14:32 - 2016-03-01 14:32 - 05964208 _____ (ParetoLogic Inc.) C:\Users\German\Downloads\ParetoLogic PC Health Advisor.exe
2016-03-01 08:32 - 2016-03-01 08:32 - 00263142 _____ C:\Users\Papa\Downloads\Husar_OD_11563_091115_9.pdf
2016-02-29 19:30 - 2016-03-01 14:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-29 19:30 - 2016-02-29 19:30 - 22908888 _____ (Malwarebytes ) C:\Users\German\Downloads\mbam-setup-2.2.0.1024.exe
2016-02-29 19:30 - 2016-02-29 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-02-29 19:30 - 2016-02-29 19:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-29 19:30 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-29 19:30 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-29 19:30 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-29 19:19 - 2016-02-29 19:19 - 00000000 ____D C:\Windows\system32\lut
2016-02-29 19:13 - 2016-03-01 14:35 - 00000000 ____D C:\AdwCleaner
2016-02-29 19:13 - 2016-02-29 19:13 - 01518592 _____ C:\Users\German\Downloads\adwcleaner_5.037.exe
2016-02-29 18:42 - 2016-02-29 19:40 - 00000000 ____D C:\Users\German\AppData\LocalLow\Company
2016-02-29 18:42 - 2016-02-29 18:42 - 00003344 _____ C:\Windows\System32\Tasks\Aviel
2016-02-29 18:42 - 2016-02-29 18:42 - 00000000 ____D C:\Users\German\AppData\Local\Tempfolder
2016-02-29 18:42 - 2016-02-29 18:42 - 00000000 ____D C:\uninst
2016-02-29 18:41 - 2014-11-24 22:09 - 00020872 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2016-02-29 18:40 - 2016-02-29 18:40 - 04255744 _____ C:\Users\German\Downloads\remouse_standard_3.4_crack.iso
2016-02-29 18:28 - 2016-02-29 18:28 - 00000000 ____D C:\Users\German\Documents\AutomaticSolution Software
2016-02-29 18:28 - 2016-02-29 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Standard
2016-02-29 18:27 - 2016-02-29 18:27 - 01162728 _____ (AutomaticSolution Software ) C:\Users\German\Downloads\ReMouseStandard-Setup.exe
2016-02-28 15:12 - 2016-02-28 15:12 - 00000419 _____ C:\Users\German\Downloads\listen-dsl.pls
2016-02-28 11:49 - 2016-02-28 11:49 - 00093222 _____ C:\Users\German\Downloads\Husar®+Plus+(Husar®+Plus+%2b+Mero®).pdf
2016-02-28 10:43 - 2016-02-28 10:43 - 00000042 _____ C:\Windows\SysWOW64\AK083E209605E394C.lie
2016-02-28 10:42 - 2016-02-28 10:43 - 02670160 _____ (www.PerfectUninstaller.com ) C:\Users\German\Downloads\PerfectUninstaller_Setup.exe
2016-02-27 15:35 - 2016-02-27 15:35 - 00137728 _____ C:\Users\German\Downloads\ZombieHack (1).exe
2016-02-27 15:24 - 2016-02-27 15:24 - 00137728 _____ C:\Users\German\Downloads\ZombieHack.exe
2016-02-26 17:53 - 2016-02-26 17:53 - 00000257 _____ C:\Users\Papa\Desktop\Renault Top-Angebote.url
2016-02-26 12:33 - 2016-02-26 12:33 - 01855998 _____ C:\Users\Papa\Desktop\Duster.pdf
2016-02-24 21:11 - 2016-02-24 21:11 - 00030377 _____ C:\Users\German\Downloads\Leer 6.pdf
2016-02-24 17:59 - 2016-02-24 17:59 - 00128595 _____ C:\Users\German\Downloads\Leer 6.pages
2016-02-22 18:18 - 2016-02-24 14:46 - 00000000 ____D C:\Users\German\Desktop\Französisch
2016-02-22 14:45 - 2016-02-22 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2016-02-22 14:44 - 2016-02-22 14:44 - 00855448 _____ (MurGee.com ) C:\Users\German\Downloads\setup.exe
2016-02-19 22:04 - 2016-02-29 19:40 - 00000642 _____ C:\Users\Public\Desktop\Flixster.lnk
2016-02-19 22:04 - 2016-02-29 19:40 - 00000642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flixster.lnk
2016-02-19 22:04 - 2016-02-19 22:04 - 00000000 ____D C:\Users\German\AppData\Roaming\com.wb.DC2
2016-02-19 22:04 - 2016-02-19 22:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-02-19 22:04 - 2016-02-19 22:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-02-19 21:54 - 2016-02-19 21:54 - 00000000 ____D C:\Users\German\AppData\Roaming\dvdcss
2016-02-19 19:32 - 2016-02-19 19:32 - 00000278 _____ C:\Users\German\Downloads\wspam-illuminati.zip
2016-02-19 18:45 - 2016-02-19 18:45 - 00000300 _____ C:\Users\German\Downloads\wspam-bob.zip
2016-02-19 10:37 - 2016-02-09 09:39 - 42982336 _____ C:\Windows\system32\nvcompiler.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 37616696 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 31081920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 24916536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 21193032 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 17625136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 12383288 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-02-19 10:37 - 2016-02-09 09:39 - 03145272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 02722872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00878816 _____ C:\Windows\system32\nvmcumd.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00691256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00469144 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00124352 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2016-02-19 10:34 - 2016-02-19 10:36 - 00000000 ____D C:\Users\German\Desktop\EndeavourPC
2016-02-19 10:31 - 2016-02-19 10:31 - 00000000 ____D C:\Users\German\AppData\Roaming\Mael
2016-02-19 10:28 - 2016-02-19 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor
2016-02-19 10:27 - 2016-02-19 10:31 - 00000000 ____D C:\Users\German\Desktop\uzhz78uh8uz7huh8
2016-02-19 10:27 - 2016-01-29 10:52 - 00792576 _____ (Alexander Blade) C:\Users\German\Desktop\ScriptHookV.dll.bak
2016-02-18 15:32 - 2016-02-18 15:32 - 00242312 _____ C:\Users\German\Downloads\Firefox Setup Stub 44.0.2.exe
2016-02-18 14:37 - 2016-02-18 14:37 - 00000640 _____ C:\Users\German\Desktop\asdasdasdasd.txt
2016-02-18 14:35 - 2016-02-18 14:35 - 02391038 _____ C:\Users\German\Downloads\ApocalypseBot.jar
2016-02-18 10:36 - 2016-02-18 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-17 20:10 - 2016-02-17 20:10 - 00375451 _____ C:\Users\German\Downloads\Biologie_LP_SekII.pdf
2016-02-17 20:07 - 2016-02-17 20:07 - 00326271 _____ C:\Users\German\Downloads\physik-gym-oberstufe.pdf
2016-02-17 07:58 - 2016-02-17 07:58 - 00059548 _____ C:\Users\Papa\Downloads\Konto_117581439-Auszug_2015_010.PDF
2016-02-17 07:58 - 2016-02-17 07:58 - 00059234 _____ C:\Users\Papa\Downloads\Konto_117581439-Auszug_2015_011.PDF
2016-02-15 12:24 - 2016-02-15 12:24 - 00000000 ____D C:\Users\Papa\AppData\Roaming\HpUpdate
2016-02-15 06:56 - 2016-02-15 06:56 - 00058322 _____ C:\Users\Papa\Downloads\Konto_117581439-Auszug_2016_001.PDF
2016-02-14 10:32 - 2016-02-14 10:32 - 00424544 _____ C:\Users\Papa\Downloads\mainradweg--weisser-main.gpx
2016-02-13 16:02 - 2016-02-13 16:02 - 00011510 _____ C:\Users\German\Desktop\Arma3Launcher_Exception_20160213T150213.txt
2016-02-13 16:02 - 2016-02-09 06:41 - 00530368 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-02-13 16:02 - 2016-02-09 06:41 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-02-13 16:01 - 2016-01-23 04:42 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436175.dll
2016-02-13 16:01 - 2016-01-23 04:42 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436175.dll
2016-02-13 15:05 - 2016-02-13 15:05 - 00000000 ____D C:\Users\German\Documents\Mein Garmin
2016-02-13 11:03 - 2016-02-13 15:06 - 00000000 ____D C:\Users\German\AppData\Roaming\Garmin
2016-02-13 11:03 - 2016-02-13 11:03 - 00000000 ____D C:\Users\German\AppData\Local\GARMIN_Corp
2016-02-13 11:03 - 2016-02-13 11:03 - 00000000 ____D C:\Users\German\AppData\Local\Garmin
2016-02-13 11:03 - 2016-02-13 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-02-13 11:03 - 2016-02-13 11:03 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-02-13 11:02 - 2016-02-13 11:02 - 104822528 _____ C:\Users\German\Downloads\BaseCamp_462.exe
2016-02-13 10:03 - 2016-02-13 10:03 - 01615659 _____ C:\Users\Papa\Downloads\Expert_UV_40B.pdf
2016-02-12 01:01 - 2016-02-12 01:01 - 00963009 _____ C:\Users\German\Documents\Präsentation 3 (2).pptx
2016-02-11 10:35 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-11 10:35 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-11 10:35 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-11 10:35 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-11 10:35 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-11 10:35 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-11 10:35 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-11 10:35 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-11 10:01 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-11 10:01 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-11 10:01 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-11 10:01 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-11 10:01 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-11 10:01 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-11 10:01 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-11 10:01 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-11 10:01 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-11 10:01 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-11 10:01 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-11 10:01 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-11 10:01 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-11 10:01 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-11 10:01 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-11 10:01 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-11 10:01 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-11 10:01 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-02-11 10:01 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-11 10:01 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-11 10:01 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-11 10:01 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-11 10:01 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-11 10:01 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-11 10:01 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-11 10:01 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-11 10:01 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-11 10:01 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-11 10:01 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-11 10:01 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-11 10:01 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 10:01 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-11 10:01 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-11 10:01 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-11 10:01 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-11 10:01 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-11 10:01 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-11 10:01 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-11 10:01 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-11 10:01 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-11 10:01 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-11 10:01 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-11 10:01 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-11 10:01 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-11 10:01 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-11 10:01 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-11 10:01 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-11 10:01 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-11 10:01 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-11 10:01 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-02-11 10:01 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-11 10:01 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-11 10:01 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-11 10:01 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-11 10:01 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-11 10:01 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-02-11 10:01 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-11 10:01 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-11 10:01 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-02-11 10:01 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-11 10:01 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-11 10:01 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-11 10:01 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-11 10:01 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-11 10:01 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-11 10:01 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-11 10:01 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-02-11 10:01 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-11 10:01 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-11 10:01 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-11 10:01 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-11 10:01 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-11 10:01 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-11 10:01 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-11 10:01 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-11 10:01 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-11 10:01 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-11 10:01 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-02-11 10:01 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-02-11 10:01 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-11 10:01 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-11 10:01 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-11 10:01 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-11 10:01 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-08 17:59 - 2016-02-08 17:59 - 00000000 ____D C:\Program Files\VB
2016-02-08 17:59 - 2013-07-11 07:57 - 00041192 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\vbaudio_cable64_win7.sys
2016-02-03 07:57 - 2016-02-03 07:57 - 00000000 ____D C:\Users\Papa\AppData\Roaming\OpenOffice
2016-02-02 12:00 - 2016-02-02 12:00 - 02945801 _____ C:\Users\Papa\Desktop\Star_C_Br2_Avant_C_Br3.pdf
2016-02-02 11:20 - 2016-02-02 11:20 - 00006144 ___SH C:\Users\Papa\Desktop\Thumbs.db
2016-02-02 10:54 - 2016-02-02 10:54 - 00741839 _____ C:\Users\Papa\Desktop\Scan.pdf
2016-02-02 00:09 - 2016-02-02 00:10 - 238347814 _____ C:\Users\German\Documents\Orca Kaput.MP4
2016-02-02 00:09 - 2016-02-02 00:09 - 00000580 _____ C:\Users\German\Documents\Orca KaputM01.xml
2016-02-01 19:25 - 2016-02-01 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-01 12:17 - 2016-02-02 10:53 - 00000000 ____D C:\Users\Papa\AppData\Local\HP
2016-01-31 20:40 - 2016-01-31 20:50 - 423791802 _____ C:\Users\German\Documents\YouTube-0964d7cfa0f7407cae02543a4af0ff93.mp4
2016-01-31 20:14 - 2016-01-31 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H.264 Encoder
2016-01-31 20:14 - 2016-01-31 20:14 - 00000000 ____D C:\Program Files (x86)\H.264 Encoder
2016-01-31 20:09 - 2016-01-31 20:18 - 868391142 _____ C:\Users\German\Documents\DeutschFilmBP.MP4
2016-01-31 19:53 - 2016-01-31 20:02 - 982700592 _____ C:\Users\German\Documents\DeutschFilmBP.mxf
2016-01-31 19:52 - 2016-01-31 19:52 - 00107216 _____ C:\Users\German\Documents\DeutschFilmBP.veg
2016-01-31 18:23 - 2016-01-31 18:32 - 1212161960 _____ C:\Users\German\Documents\Deutsch Film.MP4
2016-01-31 17:54 - 2016-01-31 17:54 - 00130412 _____ C:\Users\German\Desktop\WhatsApp Web.html
2016-01-31 17:54 - 2016-01-31 17:54 - 00000000 ____D C:\Users\German\Desktop\WhatsApp Web_files
2016-01-31 16:54 - 2016-01-31 16:54 - 02839085 _____ C:\Users\German\Downloads\wasted template chroma keyer 2.mp4
2016-01-31 15:24 - 2016-01-31 15:24 - 00253996 _____ C:\Users\German\Downloads\Ding.wav
2016-01-31 11:51 - 2016-01-31 11:51 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2016-01-31 11:51 - 2016-01-31 11:51 - 00003676 _____ C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2016-01-31 10:40 - 2016-01-31 10:40 - 00000000 ____D C:\Users\Papa\AppData\Roaming\TuneUp Software
2016-01-31 10:40 - 2016-01-31 10:40 - 00000000 ____D C:\Users\Papa\AppData\Local\TuneUp Software
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-01 14:41 - 2015-12-02 07:34 - 00000000 ____D C:\Users\German\AppData\Roaming\NetSpeedMonitor
2016-03-01 14:36 - 2015-10-15 14:57 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4250030646-1501493049-109087217-1002
2016-03-01 14:32 - 2015-10-16 23:40 - 00000000 ____D C:\Users\German\AppData\Local\Adobe
2016-03-01 14:32 - 2015-10-15 14:57 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7B856562-478F-4AFD-8FA6-E60951A31F09}
2016-03-01 14:31 - 2016-01-30 10:20 - 00000000 ____D C:\Program Files (x86)\HP
2016-03-01 14:31 - 2014-11-21 04:35 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-01 14:31 - 2014-11-21 03:45 - 00765378 _____ C:\Windows\system32\perfh007.dat
2016-03-01 14:31 - 2014-11-21 03:45 - 00159696 _____ C:\Windows\system32\perfc007.dat
2016-03-01 14:31 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-01 14:26 - 2015-10-27 06:52 - 00000000 ____D C:\Users\German\AppData\Local\Purplizer
2016-03-01 14:25 - 2015-10-26 17:43 - 00000464 _____ C:\Windows\Tasks\Nero TuneItUp PRO (Tray).job
2016-03-01 14:25 - 2015-10-17 20:57 - 00000000 ____D C:\Users\German\AppData\Local\Overwolf
2016-03-01 14:25 - 2015-10-16 14:16 - 00000000 ___RD C:\Users\German\iCloudDrive
2016-03-01 14:25 - 2015-10-15 15:30 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-01 14:25 - 2015-10-15 14:54 - 00000000 ___RD C:\Users\German\OneDrive
2016-03-01 14:25 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-01 10:47 - 2015-10-26 13:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-01 10:45 - 2015-10-15 15:30 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-01 08:42 - 2015-10-30 10:55 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4250030646-1501493049-109087217-1005
2016-03-01 08:42 - 2015-10-30 10:51 - 00000000 ___RD C:\Users\Papa\OneDrive
2016-03-01 08:16 - 2015-12-09 14:54 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9275927A-58A3-40C5-8624-534B2628CDF7}
2016-03-01 08:12 - 2015-10-30 10:51 - 00000000 ____D C:\Users\Papa\AppData\Local\NVIDIA Corporation
2016-02-29 20:02 - 2016-01-21 19:00 - 00001125 _____ C:\Users\German\Desktop\nativelog.txt
2016-02-29 19:54 - 2015-10-15 17:07 - 00000000 ____D C:\Users\German\AppData\Roaming\.minecraft
2016-02-29 19:41 - 2013-08-22 15:45 - 00000000 ____D C:\Windows\Setup
2016-02-29 19:40 - 2016-01-13 18:41 - 00000417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light.lnk
2016-02-29 19:40 - 2016-01-03 21:38 - 00003065 _____ C:\Users\German\Desktop\BrokenBot.lnk
2016-02-29 19:40 - 2015-12-12 13:57 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-02-29 19:40 - 2015-11-12 22:37 - 00001387 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-02-29 19:40 - 2015-10-26 08:04 - 00001759 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-02-29 19:40 - 2015-10-17 15:47 - 00000967 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-02-29 19:40 - 2015-10-16 23:53 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-02-29 19:40 - 2015-10-16 23:43 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-02-29 19:40 - 2015-10-16 22:33 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-29 19:40 - 2015-10-16 21:37 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-29 19:40 - 2015-10-16 10:37 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-02-29 19:40 - 2015-10-15 16:13 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-02-29 19:40 - 2015-10-15 15:30 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-29 19:40 - 2015-10-15 15:30 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-29 19:40 - 2015-10-15 14:52 - 00001450 _____ C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-29 19:40 - 2015-10-15 14:51 - 00000469 _____ C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-02-29 19:40 - 2015-10-15 14:51 - 00000467 _____ C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-02-29 19:40 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-02-29 19:33 - 2015-10-15 14:52 - 00000000 ____D C:\Users\German\AppData\Local\NVIDIA
2016-02-29 19:15 - 2015-10-14 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-29 19:15 - 2015-10-14 09:05 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-29 18:48 - 2013-08-22 14:25 - 00000194 _____ C:\Windows\win.ini
2016-02-29 18:43 - 2015-10-17 00:14 - 00000000 ____D C:\Users\German\AppData\Local\CrashDumps
2016-02-29 18:41 - 2015-10-13 18:07 - 00000000 ____D C:\Users\admin
2016-02-29 18:39 - 2016-01-30 23:08 - 00000000 ____D C:\Users\German\Desktop\BukkitPlugin
2016-02-29 15:18 - 2015-10-15 16:33 - 00000000 ____D C:\Users\German\AppData\Roaming\Skype
2016-02-29 15:17 - 2016-01-30 19:13 - 00000000 ____D C:\Users\German\AppData\Roaming\Dexpot
2016-02-29 15:16 - 2015-10-15 16:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-29 15:16 - 2015-10-15 16:06 - 00000000 ____D C:\ProgramData\Origin
2016-02-29 14:21 - 2015-10-30 10:48 - 00000000 ____D C:\Users\Papa
2016-02-28 10:35 - 2015-10-14 09:05 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-28 10:33 - 2015-10-14 09:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-27 22:09 - 2015-10-15 16:27 - 00000000 ____D C:\Users\German\AppData\Roaming\TS3Client
2016-02-27 20:48 - 2015-10-28 00:46 - 00000000 ____D C:\Users\German\AppData\Local\Arma 3
2016-02-27 20:12 - 2015-10-15 17:51 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-02-27 18:51 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-27 18:50 - 2015-10-15 14:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-27 18:50 - 2015-10-15 14:51 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-27 15:46 - 2015-10-15 17:51 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-02-27 15:44 - 2015-10-16 12:57 - 01355264 ___SH C:\Users\German\Desktop\Thumbs.db
2016-02-26 22:25 - 2015-10-16 10:37 - 00000000 ____D C:\Users\German\AppData\Roaming\Audacity
2016-02-26 17:55 - 2015-10-17 15:47 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-02-25 20:10 - 2015-10-26 08:22 - 00000080 _____ C:\Users\German\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2016-02-25 19:35 - 2015-10-16 22:33 - 00003866 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1445031224
2016-02-25 19:35 - 2015-10-16 22:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-24 18:06 - 2015-10-30 16:47 - 00523776 ___SH C:\Users\German\Downloads\Thumbs.db
2016-02-22 13:43 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-02-19 22:04 - 2015-10-16 23:42 - 00000000 ____D C:\ProgramData\Adobe
2016-02-19 22:04 - 2015-10-16 23:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-19 22:03 - 2015-10-15 14:52 - 00000000 ____D C:\Users\German\AppData\Roaming\Adobe
2016-02-19 21:59 - 2015-11-19 16:21 - 00000000 ____D C:\Users\German\AppData\Roaming\vlc
2016-02-19 15:08 - 2016-01-19 15:17 - 00000000 ____D C:\Users\German\Downloads\[www.OldSchoolHack.me]_FORAPT2.0_packed
2016-02-19 10:39 - 2015-10-14 09:05 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-18 20:01 - 2015-10-16 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-18 15:32 - 2015-11-09 21:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-18 13:27 - 2015-10-26 19:48 - 00000000 ____D C:\Users\German\.ssh
2016-02-18 12:00 - 2015-10-28 00:45 - 00000000 ____D C:\Users\German\AppData\Local\Arma 3 Launcher
2016-02-18 11:51 - 2015-10-28 00:46 - 00000000 ____D C:\Users\German\Documents\Arma 3
2016-02-18 11:35 - 2015-12-14 21:10 - 00000000 ____D C:\Users\German\AppData\Local\fabi.me
2016-02-18 11:32 - 2015-10-17 20:57 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-02-18 10:36 - 2015-10-15 15:43 - 00146704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-02-17 07:40 - 2015-11-19 20:39 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-02-17 07:40 - 2015-10-14 09:06 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-02-17 07:40 - 2015-10-14 09:06 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-02-17 07:40 - 2015-10-14 09:06 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-02-17 07:40 - 2015-10-14 09:06 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-02-15 10:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-13 16:02 - 2015-10-14 09:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-13 09:17 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-11 11:43 - 2013-08-22 15:44 - 00368832 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 11:09 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2016-02-11 10:39 - 2015-10-17 01:41 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 10:39 - 2015-10-17 01:39 - 00000000 ____D C:\Windows\system32\MRT
2016-02-11 10:39 - 2014-11-21 04:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 10:36 - 2015-10-17 01:39 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-11 10:01 - 2015-11-11 15:22 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-11 10:01 - 2015-11-11 15:22 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-11 10:00 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-10 19:38 - 2016-01-30 23:10 - 00000000 ____D C:\Users\German\.eclipse
2016-02-10 19:18 - 2016-01-30 23:13 - 00000000 ____D C:\Users\German\AppData\Local\Eclipse
2016-02-10 19:18 - 2016-01-30 23:10 - 00000000 ____D C:\Users\German\.p2
2016-02-10 14:47 - 2015-10-26 13:10 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 09:39 - 2015-11-12 22:43 - 16995576 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-02-09 09:39 - 2015-11-12 22:43 - 00950328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-02-09 09:39 - 2015-11-12 22:43 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-02-09 09:39 - 2015-10-15 15:34 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-09 09:39 - 2015-10-15 15:34 - 03259688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-02-09 06:41 - 2015-10-14 09:05 - 06368824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-02-09 06:41 - 2015-10-14 09:05 - 02993720 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-02-09 06:41 - 2015-10-14 09:05 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-02-09 06:41 - 2015-10-14 09:05 - 01264696 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-02-09 06:41 - 2015-10-14 09:05 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-02-09 06:41 - 2015-10-14 09:05 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-02-08 11:29 - 2016-01-30 10:23 - 00000000 ____D C:\Users\German\AppData\Roaming\HpUpdate
2016-02-06 02:49 - 2015-10-14 09:05 - 06154909 _____ C:\Windows\system32\nvcoproc.bin
2016-02-05 20:57 - 2015-10-26 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-02-05 20:57 - 2015-10-26 07:55 - 00000000 ____D C:\Program Files (x86)\TP-LINK
2016-02-05 20:57 - 2015-10-14 07:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-05 14:09 - 2016-01-06 17:03 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-02-04 17:48 - 2015-12-01 21:33 - 00000000 ____D C:\Users\German\AppData\Roaming\Bitcoin
2016-02-02 15:40 - 2015-10-15 15:30 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 15:40 - 2015-10-15 15:30 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 14:40 - 2015-10-15 16:06 - 00000000 ____D C:\Program Files (x86)\Origin
2016-02-02 03:37 - 2014-11-21 12:01 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2014-11-21 12:01 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 00:10 - 2015-12-03 18:01 - 00100352 ___SH C:\Users\German\Documents\Thumbs.db
2016-02-01 19:25 - 2015-10-15 16:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-01 19:25 - 2015-10-15 16:33 - 00000000 ____D C:\Users\German\AppData\Local\Skype
2016-02-01 19:25 - 2015-10-15 16:33 - 00000000 ____D C:\ProgramData\Skype
2016-01-31 20:30 - 2015-10-15 16:15 - 00000000 ____D C:\Users\German\AppData\Local\Apple Computer
2016-01-31 19:52 - 2016-01-30 23:04 - 00107216 _____ C:\Users\German\Documents\Deutsch Film.veg
2016-01-31 19:00 - 2015-10-16 23:36 - 00000000 ____D C:\Users\German\AppData\Roaming\Publish Providers
2016-01-31 18:42 - 2016-01-30 23:04 - 00107312 _____ C:\Users\German\Documents\Deutsch Film.veg.bak
2016-01-31 17:44 - 2016-01-30 17:34 - 00000000 ____D C:\Users\German\Desktop\Deutsch
2016-01-31 10:40 - 2015-10-30 10:56 - 00000000 ____D C:\Users\Papa\.oracle_jre_usage
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-01-16 18:08 - 2016-01-16 18:08 - 0001655 _____ () C:\Users\German\AppData\Roaming\SvcTraceViewer.exe.settings
2015-10-17 07:16 - 2015-10-17 23:09 - 0000087 _____ () C:\Users\German\AppData\Local\BrokenBot.org.ini
2015-10-17 17:42 - 2015-12-14 18:11 - 0000600 _____ () C:\Users\German\AppData\Local\PUTTY.RND
2015-10-14 07:57 - 2015-10-14 07:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-29 16:42 - 2015-11-29 16:42 - 0010255 _____ () C:\ProgramData\regid.2011-06.com.youtubebyclick_3C521B99-9ACE-47EA-AC9F-26075467D03B.swidtag
Einige Dateien in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\German\AppData\Local\Temp\185ff11bc1bc45f0b3adf866101289c6.exe
C:\Users\German\AppData\Local\Temp\43a5ef3.exe
C:\Users\German\AppData\Local\Temp\4a6c27b8c86440dfb3a4450952eb6209.exe
C:\Users\German\AppData\Local\Temp\avgnt.exe
C:\Users\German\AppData\Local\Temp\Bass.dll
C:\Users\German\AppData\Local\Temp\Bass.Net.dll
C:\Users\German\AppData\Local\Temp\c2768aa736f041e9a3d374d9ea0efa74.exe
C:\Users\German\AppData\Local\Temp\cpuz165.exe
C:\Users\German\AppData\Local\Temp\d9f94363b99741998ca3f265740fe17f.exe
C:\Users\German\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\German\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\German\AppData\Local\Temp\jansi-64-2477795994535661137.dll
C:\Users\German\AppData\Local\Temp\jansi-64-5142327881927093400.dll
C:\Users\German\AppData\Local\Temp\jansi-64-git-Bukkit-930a59c-1816995455672836149.dll
C:\Users\German\AppData\Local\Temp\jansi-64-git-Bukkit-930a59c-877272298836347272.dll
C:\Users\German\AppData\Local\Temp\NetBalancerSetup.exe
C:\Users\German\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\German\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\German\AppData\Local\Temp\nvStInst.exe
C:\Users\German\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\German\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\German\AppData\Local\Temp\sonarinst.exe
C:\Users\German\AppData\Local\Temp\sqlite3.dll
C:\Users\German\AppData\Local\Temp\Updater.exe
C:\Users\German\AppData\Local\Temp\WDFx7DdLYY.exe
C:\Users\Papa\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-20 15:15
==================== Ende von FRST.txt ============================
ADDITION.txt (Angehängt da zu lang) Ich wäre suuper dankbar wenn mir jemand helfen kann   |
| Themen zu AdWare installiert sich immer wieder selber (Win8.1) |
| antivirus, avira, bluestacks, bonjour, browser, desktop, dnsapi.dll, firefox, flash player, google, homepage, hotspot, installation, internet, internet explorer, launch, mozilla, object, problem, realtek, rundll, scan, software, svchost.exe, system, viren, virus, werbung, whatsapp, windows, windowsapps |
Baum-Darstellung