Log analysis and evaluation: Windows 8: Trojan unknown to me found by Avira

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Hello everyone! Today I started a virus scan with Avira and the following trojan was found: TR/Crypt.EPACK.Gen8 (Cloud). I don't know what I need to do now, since first of all I am fairly "new" to the topic of viruses, and after I removed the virus in quarantine, it was found again afterwards! I don't have the Avira log at the moment. Thank you to anyone who can help me with this problem! I also apologize for any mistakes on my part!

Best regards,
Chronos

Here is the FRST log:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von André (Administrator) auf ANDRÉ-PC (10-05-2016 16:33:48)
Gestartet von C:\Users\André\Downloads
Geladene Profile: André & (Verfügbare Profile: André)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Activision Publishing Inc.) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SystemPropertiesProtection.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard )
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [scsi3-3] => C:\ProgramData\scsi3-36\scsi3-21.exe [818048 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [scsi3-3] => C:\ProgramData\scsi3-36\scsi3-21.exe [818048 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10]
ShortcutTarget: scsi2-6.lnk -> C:\Users\André\AppData\Roaming\scsi2-13\scsi2-7.exe (SkinSharp Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18]
FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18]
FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25]
FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.)
S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-10] (Malwarebytes)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-10 16:33 - 2016-05-10 16:34 - 00026324 _____ C:\Users\André\Downloads\FRST.txt
2016-05-10 16:32 - 2016-05-10 16:33 - 00000000 ____D C:\FRST
2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64.exe
2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx#
2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx#
2016-05-10 15:59 - 2016-05-10 15:59 - 00000000 ____D C:\Users\André\AppData\Roaming\scsi2-13
2016-05-10 15:56 - 2016-05-10 15:56 - 00000000 ____D C:\ProgramData\componet-66
2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe
2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe
2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-10 14:28 - 2016-05-10 14:28 - 00000000 ____D C:\Users\André\AppData\Roaming\faraday-1
2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-10 14:18 - 2016-05-10 14:18 - 00000000 ____D C:\ProgramData\scsi3-36
2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe
2016-05-10 14:16 - 2016-05-10 15:02 - 00000000 ____D C:\ProgramData\uum
2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx
2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509
2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509
2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url
2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k
2016-05-08 12:08 - 2016-05-10 15:34 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl
2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url
2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url
2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch
2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4
2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx
2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx
2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502
2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430
2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt
2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx
2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg
2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg
2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge
2016-04-24 20:54 - 2016-04-24 20:54 - 01475080 _____ C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe
2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-04-22 22:15 - 2016-04-22 22:15 - 74885612 _____ C:\Users\André\Downloads\3DM-MGS5-v1.005-Crack_only.rar
2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan
2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url
2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url
2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url
2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe
2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt
2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation)
C:\WINDOWS\system32\generaltel.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\ole32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\winload.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-10 16:24 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype 2016-05-10 16:12 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db 2016-05-10 16:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg 2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner 2016-05-10 15:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-05-10 15:35 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam 2016-05-10 15:34 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-10 15:34 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-10 15:06 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache 
Files-S-1-5-21-447048058- 3512354665-2473454594-1001 2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe 2016-05-10 14:15 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919- E45EAAFEA251} 2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net 2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat 2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat 2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client 2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ 2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify 2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify 2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper 2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games 2016-05-06 14:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-05-06 14:23 - 2015-02-03 19:00 - 
00000000 ____D C:\WINDOWS\system32\appraiser 2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-03 21:16 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2016-05-02 21:00 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db 2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics 2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups! 2016-04-29 21:40 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps 2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO 2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft 2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS 2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client 2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype 2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk 2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-19 14:45 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-14 16:20 - 
2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages 2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump 2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini 2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini 2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini 2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini 2013-08-21 13:04 - 2013-08-21 13:04 
- 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini 2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat 2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini 2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel 2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg 2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\André\Arcanum4.dat C:\Users\André\Arcanum5.dat C:\Users\André\Arcanum6.dat Einige Dateien in TEMP: ==================== C:\Users\André\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-06 14:22
==================== Ende von FRST.txt ============================

Edited by Chronos5896 (10.05.2016 at 16:12). Reason: Further information