| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
11.06.2016, 12:35
| #1 |
| |  Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware? Hallo, vorgestern warnte mich facebook, dass eine facebook-Veranstaltung, die ich teilen wollte, Malware enthielte. Da mehrere meiner Bekannten bereits daran teilnehmen/ sie geteilt haben, dachte ich, dass es eine fehlerhafte Meldung ist und habe es noch einmal probiert. Es erschien dieselbe Meldung und im Anschluss wurde ich von facebook ausgeloggt, allerdings ziemlich instabil, da mir erst gesagt wurde, ich sei ausgeloggt, ich dann nocheinmal auf eine Nachricht zugreifen konnte und dann endgültig ausgeloggt wurde. Jedes Mal, wenn ich jetzt versuche, mich von dem PC aus wieder einzuloggen, erscheint dieser Text: "Dein Computer muss gereinigt werden Offenbar ist dein Computer von Malware beeinträchtigt. Wir unterstützen dich bei dabei, das Problem zu beheben, um dein Konto zu schützen und zu verhindern, dass sich das Malware-Problem auch auf die Konten deiner Freunde überträgt. Bei Malware handelt es sich um eine Schadsoftware, die versucht, deine persönlichen Informationen zu stehlen und Probleme bei der Nutzung von Facebook zu verursachen. Durch das Klicken auf bzw. das Teilen von Links, die Spam enthalten, kann dein Computer mit Malware infiziert werden." Die Seite verlangt von mir, dass ich den ab jetzt von facebook zur Verfügung gestellten Anti-Malware/Virus-Scanner herunterlade, um meinen PC zu überprüfen. Alternativ kann ich mich nur Abmelden, ein Zugriff auf den Account ist nicht möglich. Mit einem kurzfristig erstellten Neuaccount konnte ich mich ohne Probleme auf dem PC einloggen. Der Zugang zum alten facebook-Account ist mir von meinem Handy aus möglich, ich konnte jedoch manchmal keine Beiträge teilen. Dann erschien ebenfalls eine Nachricht, dass mein PC möglicherweise infiziert sei und ich mich dort einloggen und den Anleitungsschritten folgen solle. In derselben Meldung wurde mir jedoch auch die Möglichkeit angeboten, mich zu beschweren, dass die Sperrung ungerechtfertigt sei, die ich genutzt habe. Eine Antwort kam bisher nicht. Den genauen Wortlaut der Fehlermeldung beim Beitrag teilen kann ich leider nicht mehr angeben, da es jetzt (vom Handy aus) bei allen Beiträgen funktioniert (letzte Fehlermeldung war vor ca. 20h). Am PC besteht das Einloggproblem weiterhin. Was kann ich jetzt tun? Den Virenscanner würde ich mir über facebook ungern aufzwingen lassen, selbst, wenn die Anzeige echt ist. Liebe Grüße & vielen Dank! Mira Hier sind die mit FRST erstellten Logfiles: (Edit: Addition als Anhang, da der Beitrag ansonsten zu groß war) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-06-2016
durchgeführt von Mira (Administrator) auf JAMIE (11-06-2016 02:03:22)
Gestartet von C:\Users\Mira\Downloads
Geladene Profile: UpdatusUser & Mira (Verfügbare Profile: UpdatusUser & Mira & Mia & Administrator)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\n360.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\n360.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\conathst.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [22912 2012-10-01] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-11-17] (NVIDIA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [562544 2016-05-10] ()
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [ATLauncher] => "C:\Program Files\McAfee\MSC\OOBE\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-10-05] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [839648 2016-03-10] (DivX, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7377936 2016-05-10] ()
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [14688 2015-03-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-03-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-03-24] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-04-18] (Glarysoft Ltd)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {7843c043-e6a7-11e4-8059-6c71d929bdb6} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {b41c3cc8-2ed9-11e6-825a-806e6f6e6963} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {e64af5b0-3905-11e5-80c4-6c71d929bdb6} - "F:\WD Drive Unlock.exe" autoplay=true
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [186136 2016-04-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164696 2016-04-21] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
Startup: C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk [2016-06-11]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * BootDefrag.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Tcpip\..\Interfaces\{2C655153-8DA1-473A-912B-E3091839733C}: [NameServer] 139.30.8.7,139.30.8.8
Tcpip\..\Interfaces\{96684D29-698D-40F5-B943-F3B269F660E4}: [DhcpNameServer] 139.30.8.7 139.30.8.8
Tcpip\..\Interfaces\{AD674BBB-4BDC-4BF8-AAC6-C8116D423017}: [DhcpNameServer] 139.30.8.7 139.30.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2226888768-1864803197-2813516363-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-29] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
IE Session Restore: HKU\S-1-5-21-2226888768-1864803197-2813516363-1002 -> ist aktiviert.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default
FF DefaultSearchEngine: Ecosia
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-03-04] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-09-09] (Nero AG)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2226888768-1864803197-2813516363-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\benefind.xml [2014-03-22]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\google-images.xml [2014-11-26]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\google-maps.xml [2014-11-26]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\norton-safe-search.xml [2015-11-07]
FF Extension: NoScript - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: Avira Browser Safety - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\abs@avira.com [2016-05-14]
FF Extension: Ghostery - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\firefox@ghostery.com.xpi [2016-05-04]
FF Extension: YouTube mp3 - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\info@youtube-mp3.org.xpi [2016-04-27]
FF Extension: Video DownloadHelper - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-23]
FF Extension: Adblock Plus - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon [2016-03-15]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-14]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1195840 2016-05-10] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2016-06-09] ()
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [37760 2012-10-01] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe [289080 2016-02-26] (Symantec Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [42336 2012-11-16] (ASUSTek Computer Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [Datei ist nicht signiert]
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160601.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-05-14] (Glarysoft Ltd)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1606000.08E\ccSetx64.sys [173808 2015-09-24] (Symantec Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-11] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339800 2016-06-09] (Acronis International GmbH)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-05-30] (Glarysoft Ltd)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160609.001\IDSvia64.sys [876248 2016-05-25] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160610.001\ENG64.SYS [138456 2016-05-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160610.001\EX64.SYS [2148056 2016-05-17] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1606000.08E\SRTSPX64.SYS [50936 2015-09-24] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1606000.08E\SymELAM.sys [24192 2015-09-24] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-11-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267552 2016-06-09] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [193376 2016-06-09] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [601432 2016-06-09] (Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [279392 2016-06-09] (Acronis International GmbH)
R3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-07-21] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-11 02:03 - 2016-06-11 02:03 - 00034166 _____ C:\Users\Mira\Downloads\FRST.txt
2016-06-11 02:02 - 2016-06-11 02:03 - 00000000 ____D C:\FRST
2016-06-11 02:00 - 2016-06-11 02:00 - 02385408 _____ (Farbar) C:\Users\Mira\Downloads\FRST64.exe
2016-06-11 01:42 - 2016-06-11 01:43 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-06-11 01:42 - 2016-06-11 01:43 - 00000000 ____D C:\WINDOWS\system32\NV
2016-06-11 01:37 - 2016-06-11 01:37 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-06-11 01:37 - 2016-06-11 01:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-11 01:37 - 2016-06-11 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-11 01:32 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-06-11 01:32 - 2016-03-31 08:53 - 07446360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-11 01:31 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-11 01:31 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-11 01:31 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-11 01:31 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-11 01:31 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-11 01:31 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-11 01:31 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-11 01:31 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-11 01:31 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-06-11 01:31 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-06-11 01:31 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-06-11 01:31 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-06-11 01:31 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-06-11 01:31 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-06-11 01:31 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-11 01:31 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-06-11 01:31 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-06-11 01:31 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-06-11 01:31 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-06-11 01:31 - 2016-04-07 18:34 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-06-11 01:31 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-11 01:31 - 2016-04-07 17:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-06-11 01:31 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-06-11 01:31 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-06-11 01:31 - 2016-04-06 19:11 - 07074816 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-11 01:31 - 2016-04-06 18:40 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-11 01:31 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-06-11 01:31 - 2016-04-06 18:02 - 05269504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-11 01:31 - 2016-04-06 17:29 - 05265408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-11 01:31 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-06-11 01:31 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-06-11 01:31 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-06-11 01:31 - 2016-04-01 19:00 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-06-11 01:31 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-06-11 01:31 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-06-11 01:31 - 2016-04-01 18:42 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-11 01:31 - 2016-04-01 18:41 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-06-11 01:31 - 2016-04-01 18:32 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-11 01:31 - 2016-03-31 08:51 - 01134776 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-06-11 01:31 - 2016-03-31 06:36 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-06-11 01:31 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-11 01:31 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-11 01:31 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-10 12:19 - 2016-06-10 12:26 - 00000000 ____D C:\Users\Mira\Desktop\Hörbücher
2016-06-10 11:26 - 2016-06-10 11:27 - 00000000 ____D C:\Users\Mira\Documents\Sprachen
2016-06-10 10:46 - 2016-06-10 10:57 - 00000000 ____D C:\Users\Mira\Documents\Tests
2016-06-10 10:45 - 2016-06-10 10:45 - 00000000 ____D C:\Users\Mira\Documents\Von Papa Psychologie etc
2016-06-10 10:43 - 2016-06-10 11:51 - 00000000 ____D C:\Users\Mira\Desktop\Wichtige Dokumente
2016-06-09 23:27 - 2016-06-09 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2016-06-09 23:27 - 2016-06-09 23:27 - 00002171 _____ C:\Users\Public\Desktop\WD Backup.lnk
2016-06-09 23:27 - 2016-06-09 23:27 - 00001190 _____ C:\Users\Public\Desktop\WD Security.lnk
2016-06-09 23:27 - 2016-06-09 23:27 - 00001135 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2016-06-09 23:27 - 2016-06-09 23:27 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Western Digital
2016-06-09 23:27 - 2016-06-09 23:27 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-06-09 23:25 - 2016-06-09 23:25 - 00000000 ____D C:\Users\Mira\AppData\Local\Western Digital
2016-06-09 23:15 - 2016-06-09 23:15 - 01267552 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2016-06-09 23:15 - 2016-06-09 23:15 - 00601432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2016-06-09 23:15 - 2016-06-09 23:15 - 00339800 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2016-06-09 23:15 - 2016-06-09 23:15 - 00279392 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2016-06-09 23:15 - 2016-06-09 23:15 - 00193376 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2016-06-09 23:14 - 2016-06-09 23:14 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2016-06-09 23:14 - 2016-06-09 23:14 - 00001219 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2016-06-09 23:13 - 2016-06-10 01:19 - 00000000 ____D C:\ProgramData\Acronis
2016-06-09 22:58 - 2016-06-09 22:58 - 00001164 _____ C:\Users\Public\Desktop\Acronis Drive Monitor.lnk
2016-06-09 22:55 - 2016-06-09 22:55 - 18992072 _____ C:\Users\Mira\Downloads\ADM_de-DE.exe
2016-06-09 22:54 - 2016-06-09 22:54 - 00001251 _____ C:\Users\Public\Desktop\Acronis Disk Director 12.lnk
2016-06-09 22:48 - 2016-06-09 23:04 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Acronis
2016-06-09 22:47 - 2016-06-09 23:15 - 00340312 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2016-06-09 22:47 - 2016-06-09 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2016-06-09 22:47 - 2016-06-09 22:47 - 00163160 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2016-06-09 22:46 - 2016-06-09 22:58 - 00000000 ____D C:\Program Files (x86)\Acronis
2016-06-09 16:38 - 2016-06-09 16:38 - 01473544 _____ C:\Users\Mira\Downloads\AntiVir Avira Free Antivirus - CHIP-Installer.exe
2016-06-09 16:35 - 2016-06-09 16:35 - 00001165 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-09 16:33 - 2016-06-09 16:33 - 00242344 _____ C:\Users\Mira\Downloads\Firefox Setup Stub 47.0.exe
2016-06-08 09:37 - 2016-06-08 09:37 - 32127420 _____ C:\Users\Mira\Downloads\KFT(2).pdf
2016-06-07 12:02 - 2016-06-07 12:02 - 00422043 _____ C:\Users\Mira\Downloads\7. Kapitel_ Sonderpadagogische Begutachtung(1).pdf
2016-06-07 11:55 - 2016-06-07 11:55 - 00712136 _____ C:\Users\Mira\Downloads\Fallbeispiel_Heidi(1).pdf
2016-06-07 11:53 - 2016-06-07 11:53 - 00079043 _____ C:\Users\Mira\Downloads\Fall Paul - Erarbeitete Ergebnisse im WiSem 14(1).pdf
2016-06-05 16:13 - 2016-06-05 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-01 19:55 - 2016-06-01 19:55 - 00044579 _____ C:\Users\Mira\Downloads\Forschungs-_und_Prüfungskolloquium_SoSe_2016.pdf
2016-05-31 18:13 - 2016-05-31 18:13 - 00051234 _____ C:\Users\Mira\Downloads\Modulplan 2016(1).xlsx
2016-05-30 22:44 - 2016-05-30 22:44 - 01512457 _____ C:\Users\Mira\Downloads\Drucker Rechnung.pdf
2016-05-30 22:08 - 2016-05-30 22:08 - 00922685 _____ C:\Users\Mira\Downloads\Drucker Rechnung Mira_1.pdf
2016-05-28 23:39 - 2016-05-28 23:40 - 00010233 _____ C:\Users\Mira\Documents\Sev.odt
2016-05-28 23:38 - 2016-05-28 23:38 - 02041978 _____ C:\Users\Mira\Downloads\Für_alle__drei_Sitzungen_Kapital_49-99.pdf
2016-05-28 19:15 - 2016-05-28 19:15 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-05-28 19:13 - 2016-06-05 16:11 - 00000000 ____D C:\Users\Mira\AppData\Roaming\HpUpdate
2016-05-28 19:13 - 2016-05-28 19:15 - 00000000 ____D C:\Program Files (x86)\HP
2016-05-28 19:13 - 2016-05-28 19:13 - 00002222 _____ C:\Users\Public\Desktop\HP Officejet Pro 8610.lnk
2016-05-28 19:13 - 2016-05-28 19:13 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\ProgramData\HP
2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\Program Files\HP
2016-05-28 19:13 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM7112.dll
2016-05-28 19:10 - 2016-05-28 19:10 - 00000057 _____ C:\ProgramData\Ament.ini
2016-05-25 20:39 - 2016-05-25 21:24 - 00020878 _____ C:\Users\Mira\Downloads\Kieler Leseaufbau_Morawiak.odp
2016-05-24 20:05 - 2016-05-24 20:05 - 00016085 _____ C:\Users\Mira\Downloads\Anleitung zur Erstellung des Portfolios (Modulprufung).pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00712136 _____ C:\Users\Mira\Downloads\Fallbeispiel_Heidi.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00126402 _____ C:\Users\Mira\Downloads\Text zur Testtheorie.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00124223 _____ C:\Users\Mira\Downloads\Einverstandniserklarung fur Eltern.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00079043 _____ C:\Users\Mira\Downloads\Fall Paul - Erarbeitete Ergebnisse im WiSem 14.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00013188 _____ C:\Users\Mira\Downloads\Ablaufschema zur Gutachtenerstellung.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00005576 _____ C:\Users\Mira\Downloads\Bewertung der Portfolios.pdf
2016-05-23 22:36 - 2016-05-28 19:15 - 00000000 ____D C:\Users\Mira\AppData\Local\HP
2016-05-20 12:13 - 2016-05-20 12:13 - 38222710 _____ C:\Users\Mira\Downloads\download.zip
2016-05-20 12:02 - 2016-05-20 12:02 - 133294414 _____ C:\Users\Mira\Downloads\bundjugendnrw_skill-sharing-camp-mastamo-2016_72157668514772735.zip
2016-05-19 18:26 - 2016-05-19 18:26 - 00154621 _____ C:\Users\Mira\Downloads\Kieler_Leseaufbau-Handout.pdf
2016-05-18 21:50 - 2016-05-18 21:50 - 02348032 _____ C:\Users\Mira\Downloads\Kieler_Leseaufbau_+_Rechtschreibaufbau.ppt
2016-05-18 10:11 - 2016-05-18 10:11 - 01621996 _____ C:\Users\Mira\Downloads\PPP_Lese-_Rechtschreibförderung.pdf
2016-05-16 14:26 - 2016-05-16 14:26 - 00028003 _____ C:\Users\Mira\Documents\Thematisierung von Drogen mit Kindern und Jugendlichen.odt
2016-05-16 12:32 - 2016-05-16 12:32 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2226888768-1864803197-2813516363-1005
2016-05-16 12:26 - 2016-05-16 12:26 - 00000429 _____ C:\Users\Mia\AppData\Roaming\sp_data.sys
2016-05-16 12:25 - 2016-05-16 12:31 - 00000000 ____D C:\Users\Mia\AppData\Local\Packages
2016-05-16 12:25 - 2016-05-16 12:25 - 00001456 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-16 12:25 - 2016-05-16 12:25 - 00000020 ___SH C:\Users\Mia\ntuser.ini
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Vorlagen
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Startmenü
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Netzwerkumgebung
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Lokale Einstellungen
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Eigene Dateien
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Druckumgebung
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Videos
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Musik
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Bilder
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Local\Verlauf
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Local\Anwendungsdaten
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Anwendungsdaten
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Roaming\Adobe
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\VirtualStore
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\NVIDIA
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\ASUS
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia
2016-05-16 12:25 - 2014-09-11 11:41 - 00000000 ____D C:\Users\Mia\AppData\Local\Microsoft Help
2016-05-16 12:25 - 2014-03-18 12:11 - 00000369 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-05-16 12:25 - 2014-03-18 12:11 - 00000369 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-05-15 22:09 - 2016-05-15 22:09 - 03679943 _____ C:\Users\Mira\Downloads\Falter_Campaufruf-2016.druck(1).pdf
2016-05-15 22:00 - 2016-05-15 22:00 - 00060974 _____ C:\Users\Mira\Downloads\Kontostand Sonderpädagogik (31.12.2015).pdf
2016-05-15 22:00 - 2016-05-15 22:00 - 00052254 _____ C:\Users\Mira\Downloads\Sonderpädagogik.pdf
2016-05-15 21:19 - 2016-05-15 21:19 - 00623769 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S27_Sachkunde.pdf
2016-05-15 21:19 - 2016-05-15 21:19 - 00456900 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S26_Sachkunde.pdf
2016-05-15 21:19 - 2016-05-15 21:19 - 00149302 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_SIII_Kontext.pdf
2016-05-15 21:19 - 2016-05-15 21:19 - 00145248 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S25_Sachkunde.pdf
2016-05-15 20:52 - 2016-05-15 20:52 - 20723386 _____ C:\Users\Mira\Downloads\taz_2016_04_30.pdf
2016-05-15 20:37 - 2016-05-15 20:37 - 24846636 _____ C:\Users\Mira\Downloads\taz_2016_05_07.pdf
2016-05-15 19:31 - 2016-05-15 19:31 - 00051234 _____ C:\Users\Mira\Downloads\Modulplan 2016.xlsx
2016-05-14 20:09 - 2016-05-14 20:09 - 05995712 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-11 01:54 - 2014-03-23 21:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2226888768-1864803197-2813516363-1002
2016-06-11 01:49 - 2014-03-22 20:12 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Skype
2016-06-11 01:49 - 2014-03-18 12:03 - 00338278 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-11 01:49 - 2014-03-18 11:25 - 12310652 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-11 01:49 - 2014-03-18 11:25 - 04099916 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-11 01:49 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-11 01:48 - 2014-03-20 23:54 - 00000408 _____ C:\Users\Mira\AppData\Roaming\sp_data.sys
2016-06-11 01:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-11 01:42 - 2013-01-23 19:42 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-11 01:40 - 2015-04-16 13:00 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-11 01:40 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-11 01:37 - 2014-03-22 20:12 - 00000000 ____D C:\Users\Mira\AppData\Local\Skype
2016-06-11 01:37 - 2014-03-22 20:12 - 00000000 ____D C:\ProgramData\Skype
2016-06-11 01:36 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-11 01:33 - 2013-01-23 19:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-11 01:26 - 2014-09-11 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-11 01:09 - 2014-09-21 22:05 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-11 01:07 - 2014-03-22 20:32 - 00000000 ____D C:\Users\Mira\AppData\Roaming\vlc
2016-06-10 23:54 - 2014-08-13 11:56 - 00000000 ____D C:\Users\Mira
2016-06-10 23:44 - 2014-07-12 18:16 - 00000000 ____D C:\Users\Mira\AppData\Local\ElevatedDiagnostics
2016-06-10 23:42 - 2014-03-22 18:16 - 00000000 ____D C:\Users\Mira\AppData\Roaming\GlarySoft
2016-06-10 23:38 - 2016-01-08 21:50 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2016-06-10 23:38 - 2014-08-28 10:19 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-10 23:24 - 2014-05-29 09:01 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-06-10 23:23 - 2016-02-17 01:00 - 00000000 ____D C:\Users\Mira\AppData\Roaming\TS3Client
2016-06-10 11:47 - 2013-11-27 21:27 - 00000000 ____D C:\Users\Mira\Documents\Friri
2016-06-10 11:44 - 2015-11-07 20:14 - 00000000 ____D C:\Users\Mira\Documents\Unterrichtsmaterial
2016-06-10 11:27 - 2014-03-20 23:57 - 00000000 __RSD C:\Users\Mira\Desktop\ASUS
2016-06-10 11:27 - 2014-01-09 20:51 - 00000000 ____D C:\Users\Mira\Documents\ASUS
2016-06-10 11:01 - 2013-11-09 12:25 - 00000000 ____D C:\Users\Mira\Documents\Unfall
2016-06-10 09:05 - 2014-05-07 11:52 - 00000000 ____D C:\Program Files\WinRAR
2016-06-10 00:00 - 2015-12-30 16:51 - 00000000 ____D C:\Users\Mira\AppData\Local\Ubisoft Game Launcher
2016-06-10 00:00 - 2013-01-23 19:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-09 23:58 - 2015-04-05 22:55 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-06-09 23:55 - 2014-04-08 17:19 - 00000000 ____D C:\Users\Mira\AppData\Roaming\DVDVideoSoft
2016-06-09 23:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2016-06-09 23:27 - 2014-09-13 14:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-09 16:35 - 2016-05-04 14:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-09 16:35 - 2014-03-21 11:30 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-09 15:51 - 2014-03-22 18:15 - 00000000 ____D C:\Users\Mira\AppData\Roaming\DiskDefrag
2016-06-08 14:49 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini
2016-06-07 19:13 - 2014-03-22 14:24 - 00000000 ____D C:\Users\Mira\AppData\Local\CrashDumps
2016-06-07 17:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-06 22:27 - 2015-09-02 02:59 - 00000000 ____D C:\Users\Mira\Documents\Sonderfall
2016-06-05 16:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-05 16:13 - 2015-10-14 09:36 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-06-05 16:07 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-31 18:02 - 2013-04-02 20:32 - 00000000 ____D C:\Users\Mira\AppData\Local\Packages
2016-05-30 21:17 - 2013-01-23 19:42 - 00000000 ____D C:\temp
2016-05-28 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-05-28 16:43 - 2015-04-06 10:40 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-28 16:43 - 2015-04-06 10:40 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-16 13:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-14 21:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 20:09 - 2014-09-21 22:05 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-05-12 21:19 - 2016-02-17 01:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-05-12 21:04 - 2013-08-22 16:44 - 00539912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-12 00:20 - 2014-03-23 15:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-12 00:13 - 2014-03-23 15:33 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files\changelog.txt
2015-10-22 13:22 - 2015-10-22 13:22 - 0375544 _____ () C:\Program Files\createfileassoc.exe
2015-10-22 13:22 - 2015-10-22 13:22 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files\error_report.exe
2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files\libeay32.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files\msvcp120.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files\msvcr120.dll
2015-08-27 10:07 - 2015-08-27 10:07 - 1704176 _____ (Overwolf) C:\Program Files\OverwolfTeamSpeakInstaller.exe
2015-10-22 13:22 - 2015-10-22 13:22 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files\package_inst.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files\plugin_sdk.html
2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files\Qt5Core.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files\Qt5Gui.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files\Qt5Network.dll
2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files\Qt5Sql.dll
2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files\Qt5Widgets.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files\quazip.dll
2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files\ssleay32.dll
2015-10-22 13:21 - 2015-10-22 13:21 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files\ts3client_win64.exe
2016-02-17 01:00 - 2016-02-17 01:00 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files\Uninstall.exe
2015-10-22 13:22 - 2015-10-22 13:22 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files\update.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files\usb.ids
2014-03-20 23:54 - 2016-06-11 01:48 - 0000408 _____ () C:\Users\Mira\AppData\Roaming\sp_data.sys
2014-06-30 12:39 - 2015-11-26 22:56 - 0005120 _____ () C:\Users\Mira\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-07 01:40 - 2015-12-07 01:41 - 0000000 _____ () C:\Users\Mira\AppData\Local\{25C194DB-0F40-47C9-8C89-1DBFE8ABDA98}
2015-11-16 16:51 - 2015-11-16 16:52 - 0000000 _____ () C:\Users\Mira\AppData\Local\{90A87F66-C76B-4B0F-A8C8-AAAA4D94149D}
2016-05-28 19:10 - 2016-05-28 19:10 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-10 21:13
==================== Ende von FRST.txt ============================
|
| Themen zu Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware? |
| antivir, antivirus, computer, desktop, dllhost.exe, dnsapi.dll, einlogproblem, facebook, fehlermeldung, firefox, flash player, homepage, installation, malware, malwaremeldung, mozilla, mp3, officejet, problem, prozesse, registry, rundll, security, services.exe, spam, svchost.exe, symantec, system, teamspeak, werden", windows, wlan |
Baum-Darstellung