| |
| |||||||
Log-Analyse und Auswertung: Windows 7 - Befall mit Trojaner.Agent - Problem MalwarebytesWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
| |
14.04.2016, 20:19
| #1 |
 |  Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes Hallo Zusammen, hat mir heute mehrere Dateien angezeigt mit einem Trojaner.Agent Befall. Ich habe die Dateien über Malwarebytes gelöscht aber der PC ist auffällig langsam und bei Malwarebytes fällt mir auf das sich der Schutz vor bösartigen Webseiten nicht mehr aktivieren lässt. Ich fürchte auch mein Malwarebytes ist befallen. Ich habe anschließend den PC im abgesicherten Modus neu gestartet und Malwarebytes noch einmal laufen lassen ohne Funde. Auch einer anschließender normaler Neustart und Scan blieb ohne Funde. Ein weiterer merkwürdiger Punkt ist das es in Malwarebyte Logfiles der letzten Tage und von heute Abend gibt aber ein Logfile mit den Funden gibt es nicht. Ich befürchte das ich (oder meine Freundin - benutzt den PC mit) mir (uns) da etwas eingefangen haben. Ich hoffe Ihr könnt helfen. FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016 durchgeführt von Miika (Administrator) auf PREDATOR (14-04-2016 20:42:11) Gestartet von C:\Users\Miika\Desktop Geladene Profile: Miika & (Verfügbare Profile: Miika) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Windows\SysWOW64\XSrvSetup.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe () C:\Program Files (x86)\Skiller Pro\Monitor.EXE (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_21_0_0_213_ActiveX.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] () HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation) HKLM-x32\...\Run: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] () HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-05-14] (cyberlink) HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.) HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2013-01-19] (Bitleader) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-06-02] (CyberLink Corp.) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12119872 2015-11-12] (Microsoft Corporation) HKLM-x32\...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [199760 2012-01-13] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [405584 2012-01-13] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Skiller Pro\Monitor.exe [475136 2014-02-26] () HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2015-09-14] (Geek Software GmbH) HKLM-x32\...\Run: [SL-6397 Gaming Mouse] => C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe [3587584 2014-07-17] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-03-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company) HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [Dropbox Update] => "C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [GizmoDriveDelegate] => C:\Program Files (x86)\Gizmo\gizmo.exe [223640 2012-02-08] (Arainia Solutions) HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company) HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => "C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GizmoDriveDelegate] => C:\Program Files (x86)\Gizmo\gizmo.exe [223640 2012-02-08] (Arainia Solutions) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => Keine Datei ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => Keine Datei ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => Keine Datei ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{9CCF975E-079C-4D5B-BAED-1ADB534940E3}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {3459E061-1FA6-45C3-A325-9366D78F0DF2} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000 -> {3459E061-1FA6-45C3-A325-9366D78F0DF2} URL = SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3459E061-1FA6-45C3-A325-9366D78F0DF2} URL = SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-12] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-12] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-12] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-12] (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab FireFox: ======== FF ProfilePath: C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-12] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-12] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @canon.com/CCBPL -> C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll [2010-08-20] (Canon Inc.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-12] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [Keine Datei] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Miika\AppData\Local\Hola\firefox\app\vlc [2015-07-19] () FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Miika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.) FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @hola.org/vlc,version=1.8.649 -> C:\Users\Miika\AppData\Local\Hola\firefox\app\vlc [2015-07-19] () FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Miika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.) FF user.js: detected! => C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js [2013-12-07] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-12] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-26] (Adobe Systems Inc.) FF Extension: Web Developer - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-05-29] FF Extension: Print Edit - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\extensions\printedit@DW-dev.xpi [2016-03-14] FF Extension: Avira Browser Safety - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\abs@avira.com [2016-04-12] FF Extension: Firebug - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-30] FF Extension: ProxTube - Unblock YouTube - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27] FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\vdpure@link64.xpi [2016-01-22] FF Extension: eBay for Firefox - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2016-03-11] FF Extension: Adblock Plus - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-03-11] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-03-11] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [246256 2010-05-14] (CyberLink) R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] () R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation) R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [34728 2012-02-08] (Arainia Solutions) S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-12-04] (Hi-Rez Studios) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] () R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-04-22] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-02] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-20] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [Datei ist nicht signiert] R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [Datei ist nicht signiert] S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-11] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-11] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-11] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-02-08] (Arainia Solutions LLC) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2016-04-14] () R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-14] (Malwarebytes) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation) S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-14 20:42 - 2016-04-14 20:42 - 00029919 _____ C:\Users\Miika\Desktop\FRST.txt 2016-04-14 20:42 - 2016-04-14 20:42 - 00000000 ____D C:\FRST 2016-04-14 20:41 - 2016-04-14 20:41 - 02375168 _____ (Farbar) C:\Users\Miika\Desktop\FRST64.exe 2016-04-14 19:49 - 2016-04-14 19:50 - 00095038 _____ C:\Windows\ntbtlog.txt 2016-04-14 19:19 - 2016-03-30 03:06 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-04-14 19:19 - 2016-03-30 03:05 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-04-14 19:18 - 2016-04-14 19:19 - 01380712 _____ C:\Users\Miika\Downloads\SteamSetup.exe 2016-04-14 19:18 - 2016-04-14 19:18 - 00001201 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2016-04-14 19:16 - 2016-04-14 19:16 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-04-14 19:15 - 2016-04-14 19:17 - 34809392 _____ (Mozilla) C:\Users\Miika\Downloads\Thunderbird Setup 45.0.exe 2016-04-14 19:14 - 2016-04-14 19:14 - 00242344 _____ C:\Users\Miika\Downloads\Firefox Setup Stub 45.0.2.exe 2016-04-14 18:58 - 2016-04-14 20:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-12 20:42 - 2016-04-14 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-12 18:47 - 2016-04-12 18:46 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll 2016-04-12 18:47 - 2016-04-12 18:46 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2016-04-09 15:50 - 2016-04-09 15:50 - 00000000 ____D C:\Users\Miika\AppData\Local\Focus Home Interactive 2016-04-08 21:34 - 2016-04-14 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-04-08 19:44 - 2016-04-08 19:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-04-08 19:41 - 2016-04-08 19:41 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2016-03-29 21:23 - 2016-03-29 21:23 - 00060428 _____ C:\Users\Miika\Downloads\Perfekte-Kuechenausruestung.pdf 2016-03-29 19:05 - 2016-03-29 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 2016-03-29 19:05 - 2016-03-22 04:10 - 00112184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-03-29 19:01 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-03-29 19:01 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00473592 ____N (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00129208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-03-29 19:01 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb 2016-03-29 19:01 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-03-29 19:01 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json 2016-03-29 18:52 - 2016-03-29 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-03-29 18:50 - 2016-03-29 18:52 - 00000000 ____D C:\Program Files\iTunes 2016-03-29 18:50 - 2016-03-29 18:50 - 00000000 ____D C:\Program Files\iPod 2016-03-29 18:50 - 2016-03-29 18:50 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-03-29 18:49 - 2016-03-21 22:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-03-29 18:49 - 2016-03-21 22:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-03-29 18:49 - 2016-03-21 22:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-03-28 14:47 - 2016-03-28 14:47 - 00000080 _____ C:\Users\Miika\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2016-03-26 22:31 - 2016-03-26 22:33 - 135010334 _____ C:\Users\Miika\Downloads\117DerFinstereRivale.zip 2016-03-24 22:00 - 2016-03-24 22:00 - 00061901 _____ C:\Users\Miika\Downloads\Saisonkalender-Gemuese.pdf 2016-03-24 22:00 - 2016-03-24 22:00 - 00056316 _____ C:\Users\Miika\Downloads\Saisonkalender-Obst.pdf 2016-03-24 00:43 - 2016-03-24 00:43 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-03-24 00:43 - 2016-03-24 00:43 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-03-24 00:43 - 2016-03-24 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-03-24 00:42 - 2016-03-24 00:43 - 00000000 ____D C:\Program Files\CCleaner 2016-03-22 19:26 - 2016-03-22 19:26 - 00000000 ____D C:\Users\Miika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-03-22 12:20 - 2016-03-22 12:20 - 01963955 _____ C:\Users\Miika\Downloads\22bZhqg6.pdf 2016-03-19 22:31 - 2016-04-12 23:12 - 00000000 ____D C:\Users\Miika\Desktop\eBay 2016-03-18 21:28 - 2016-03-18 21:28 - 00000000 ____D C:\Users\Miika\Documents\DepthHunterDeepDive 2016-03-17 22:02 - 2016-03-17 22:02 - 00037417 _____ C:\Users\Miika\Downloads\Paleo-Lebensmittelliste.pdf 2016-03-17 22:01 - 2016-03-17 22:01 - 02257648 _____ C:\Users\Miika\Downloads\Paleo-Quick-Start-Guide-2.pdf 2016-03-17 22:01 - 2016-03-17 22:01 - 00728466 _____ C:\Users\Miika\Downloads\5-beliebte-Kochbuchrezepte.pdf 2016-03-17 22:01 - 2016-03-17 22:01 - 00433682 _____ C:\Users\Miika\Downloads\10-Gratis-Rezepte.pdf 2016-03-16 23:30 - 2016-03-16 23:30 - 00128792 _____ C:\Windows\SysWOW64\vulkan-1-1-0-5-1.dll 2016-03-16 23:29 - 2016-03-16 23:29 - 00127768 _____ C:\Windows\system32\vulkan-1-1-0-5-1.dll 2016-03-16 23:29 - 2016-03-16 23:29 - 00041752 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-5-1.exe 2016-03-16 23:28 - 2016-03-16 23:28 - 00045848 _____ C:\Windows\system32\vulkaninfo-1-1-0-5-1.exe 2016-03-16 20:16 - 2016-03-16 20:16 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2016-03-16 20:16 - 2016-03-16 20:16 - 00000000 ____D C:\Program Files (x86)\Apple Software Update ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-14 20:40 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-14 20:40 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-14 20:36 - 2011-12-20 00:56 - 00000000 ____D C:\Program Files (x86)\Steam 2016-04-14 20:32 - 2011-12-20 01:04 - 00030528 _____ C:\Windows\GVTDrv64.sys 2016-04-14 20:31 - 2011-12-20 01:03 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2016-04-14 20:31 - 2011-12-20 00:13 - 00000272 _____ C:\Windows\lgfwup.ini 2016-04-14 20:31 - 2011-12-20 00:13 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate 2016-04-14 20:29 - 2011-12-20 00:47 - 00000000 ____D C:\ProgramData\NVIDIA 2016-04-14 20:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-14 19:49 - 2012-04-26 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-14 19:31 - 2011-12-20 00:56 - 00000967 _____ C:\Users\Public\Desktop\Steam.lnk 2016-04-14 19:24 - 2011-12-20 00:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-04-14 19:20 - 2015-06-21 14:05 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000UA.job 2016-04-14 19:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-04-14 19:18 - 2011-12-19 23:38 - 00001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2016-04-14 19:18 - 2011-12-19 23:38 - 00000000 ____D C:\Users\Miika\AppData\Local\Thunderbird 2016-04-14 19:16 - 2011-12-19 23:35 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-04-14 19:09 - 2016-01-19 22:26 - 00000000 ____D C:\Users\Miika\AppData\Local\CrashDumps 2016-04-14 18:58 - 2012-03-31 18:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-14 18:10 - 2011-12-19 23:43 - 00000000 ____D C:\Program Files (x86)\Origin 2016-04-14 17:36 - 2013-12-07 15:22 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater 2016-04-14 01:45 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-13 21:43 - 2014-08-24 18:39 - 00000000 ____D C:\Users\Miika\AppData\Local\Deployment 2016-04-13 21:19 - 2012-01-11 21:07 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3191028B-CEC3-47B8-868D-AD0B3B99EE93} 2016-04-13 20:20 - 2015-06-21 14:05 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000Core.job 2016-04-13 17:56 - 2013-02-17 17:33 - 00001036 _____ C:\Users\Miika\Desktop\Amazon WANTED.txt 2016-04-12 18:48 - 2014-10-18 08:50 - 00000000 ____D C:\Program Files (x86)\Java 2016-04-12 18:48 - 2013-09-17 21:45 - 00000000 ____D C:\ProgramData\Oracle 2016-04-12 18:47 - 2014-10-18 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-12 18:46 - 2015-08-29 08:57 - 00000000 ____D C:\Users\Miika\.oracle_jre_usage 2016-04-12 18:45 - 2014-10-18 08:50 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-04-11 23:23 - 2011-12-19 23:43 - 00000000 ____D C:\ProgramData\Origin 2016-04-11 20:30 - 2012-09-02 19:20 - 00024293 _____ C:\Users\Miika\Desktop\Kosten.txt 2016-04-09 16:41 - 2012-07-17 21:33 - 00000000 ____D C:\Program Files (x86)\Google 2016-04-09 16:16 - 2011-12-31 22:27 - 00000000 ___RD C:\Users\Miika\Desktop\Musik 2016-04-08 19:45 - 2015-04-16 16:59 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-04-08 19:45 - 2014-07-09 21:37 - 00000000 ____D C:\Users\Miika\AppData\Local\Adobe 2016-04-08 19:44 - 2015-04-16 16:58 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-04-08 19:40 - 2011-12-19 23:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-04-08 19:37 - 2013-11-20 00:00 - 00000000 ____D C:\Program Files\Java 2016-04-07 21:58 - 2012-03-31 18:57 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-07 21:58 - 2012-03-31 18:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-07 21:58 - 2011-12-19 23:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-02 21:57 - 2011-12-31 22:30 - 00000000 ____D C:\Users\Miika\Documents\WB Games 2016-04-02 15:52 - 2011-12-20 00:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-03-30 03:06 - 2015-02-10 20:27 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-03-30 03:05 - 2015-11-21 20:56 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2016-03-30 03:05 - 2015-02-10 20:27 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-03-29 22:37 - 2016-02-14 18:47 - 00000000 ____D C:\Users\Miika\Desktop\MRT - Befunde & CD 2016-03-29 20:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2016-03-29 19:24 - 2011-04-12 09:43 - 00775748 _____ C:\Windows\system32\perfh007.dat 2016-03-29 19:24 - 2011-04-12 09:43 - 00179114 _____ C:\Windows\system32\perfc007.dat 2016-03-29 19:24 - 2009-07-14 07:13 - 01834774 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-29 19:06 - 2012-09-01 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-03-29 19:06 - 2012-02-10 20:58 - 00000000 ____D C:\Temp 2016-03-29 19:05 - 2016-03-11 00:41 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-03-29 19:03 - 2011-12-20 00:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-03-29 18:52 - 2013-10-05 23:06 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-03-29 18:50 - 2011-12-19 23:53 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-03-28 14:47 - 2012-01-01 15:22 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-03-28 14:46 - 2015-04-14 20:15 - 00000000 ____D C:\Program Files\Rockstar Games 2016-03-24 00:04 - 2014-05-31 19:54 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-24 00:04 - 2014-05-16 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-24 00:04 - 2014-05-16 18:53 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-22 19:26 - 2012-01-02 19:51 - 00000000 ____D C:\Users\Miika\AppData\Roaming\Dropbox 2016-03-22 06:12 - 2011-12-20 01:14 - 19004040 ____N (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-03-22 06:12 - 2011-05-21 07:01 - 03714472 ____N (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-03-22 04:25 - 2015-12-21 21:44 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-03-22 04:25 - 2015-12-21 21:44 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-03-22 04:25 - 2011-12-20 00:47 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-03-22 04:25 - 2011-12-20 00:47 - 02993088 ____N (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-03-22 04:25 - 2011-12-20 00:47 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-03-22 04:25 - 2011-12-20 00:47 - 01264064 ____N (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-03-22 04:25 - 2011-12-20 00:47 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-03-22 04:25 - 2011-12-20 00:47 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-03-21 23:02 - 2016-02-22 20:46 - 00000000 ____D C:\Users\Miika\Desktop\Temp Copy 2016-03-18 20:10 - 2012-02-21 21:06 - 06253721 _____ C:\Windows\system32\nvcoproc.bin 2016-03-16 23:30 - 2016-03-11 00:41 - 00128792 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-03-16 23:29 - 2016-03-11 00:41 - 00127768 _____ C:\Windows\system32\vulkan-1.dll 2016-03-16 23:29 - 2016-03-11 00:41 - 00041752 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-03-16 23:28 - 2016-03-11 00:41 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe 2016-03-16 20:18 - 2011-12-29 00:56 - 00000000 ____D C:\Users\Miika\Documents\Rechnungen 2016-03-16 20:16 - 2011-12-19 23:53 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-06-29 21:43 - 2013-06-29 21:43 - 0017472 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\1eaadjc.dll 2013-06-29 21:43 - 2013-06-29 21:43 - 0018724 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\bass.dll 2013-06-29 21:43 - 2013-06-29 21:43 - 1758720 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\engine_vx.dll 2013-06-29 21:43 - 2013-06-29 21:43 - 0016448 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\kfgresk.dll 2013-06-29 21:43 - 2013-06-29 21:43 - 0014456 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\mjcriu.dll 2013-06-29 21:43 - 2013-06-29 21:43 - 0012352 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\peaadje.dll 2013-06-29 21:43 - 2013-06-29 21:43 - 0029784 ____T ((: JOBnik! :) [Arthur Aminov, ISRAEL]) C:\Users\Miika\AppData\Roaming\Microsoft\qwadjb.dll 2013-06-29 21:43 - 2013-06-29 21:43 - 0017472 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\rsaadjd.dll 2013-06-29 21:43 - 2013-06-29 21:43 - 0105016 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\~DFK38f72.tmp 2014-09-06 10:47 - 2014-09-06 10:47 - 0001978 _____ () C:\Users\Miika\AppData\Local\recently-used.xbel 2015-12-06 14:45 - 2015-12-06 14:45 - 0000000 _____ () C:\Users\Miika\AppData\Local\{8DD41FC6-B412-4A1A-88DD-700352DE6EFD} 2012-02-08 19:47 - 2012-02-08 19:47 - 0000000 _____ () C:\ProgramData\cmn_upld.log 2012-01-03 20:10 - 2012-01-03 20:10 - 0000252 _____ () C:\ProgramData\FastPics.log 2012-11-11 18:13 - 2012-11-11 18:13 - 0000256 _____ () C:\ProgramData\lxeb.log 2012-01-03 20:12 - 2012-02-08 19:45 - 0002288 _____ () C:\ProgramData\lxebJSW.log 2012-01-03 20:08 - 2012-11-11 18:13 - 0056229 _____ () C:\ProgramData\lxebscan.log 2012-02-08 19:47 - 2012-02-08 19:47 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log 2012-01-03 20:07 - 2012-01-03 20:07 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt Einige Dateien in TEMP: ==================== C:\Users\Miika\AppData\Local\Temp\avgnt.exe C:\Users\Miika\AppData\Local\Temp\jre-8u77-windows-au.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-08 20:40 ==================== Ende von FRST.txt ============================ |
| Themen zu Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes |
| adobe, antivirus, avira, bonjour, defender, dnsapi.dll, ebay, flash player, home, langsam, lws.exe, mozilla, problem, prozesse, realtek, registry, rundll, scan, schutz, security, server, services.exe, software, svchost.exe, system, usb, windows |
Baum-Darstellung