Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
"PROXY" Einträge in der Registrierungsdatenbank

"PROXY" Einträge in der Registrierungsdatenbank


Plagegeister aller Art und deren Bekämpfung: "PROXY" Einträge in der Registrierungsdatenbank

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.05.2015, 11:43   #1
schrauber
/// the machine
/// TB-Ausbilder
 
"PROXY" Einträge in der Registrierungsdatenbank - Standard

"PROXY" Einträge in der Registrierungsdatenbank


Zitat:
ich bin jetzt mal nach dem Lösungsvorschlag von Jürgen gegangen.
Ich seh keinen

Abgesehen davon waren die identisch, bis auf die leeren Scopes.

Poste noch bitte ein frisches FRST Log.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.05.2015, 17:54   #2
Haselocke
 
"PROXY" Einträge in der Registrierungsdatenbank - Standard

"PROXY" Einträge in der Registrierungsdatenbank


Hallo,

ja das hab ich schon bemerkt

Hier das Log:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-05-2015
Ran by Sophie (administrator) on SOPHIE-PC on 04-05-2015 18:49:38
Running from C:\Users\Sophie\Downloads
Loaded Profiles: Sophie & UpdatusUser &  (Available profiles: Sophie & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) D:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-01] (Avast Software s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-795088716-3225698515-1859665541-1000\...\MountPoints2: {52ebebad-b092-11e4-a55d-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-795088716-3225698515-1859665541-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {52ebebad-b092-11e4-a55d-806e6f6e6963} - E:\Autorun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-01] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-795088716-3225698515-1859665541-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-795088716-3225698515-1859665541-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-795088716-3225698515-1859665541-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-795088716-3225698515-1859665541-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-795088716-3225698515-1859665541-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-795088716-3225698515-1859665541-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-13] (Avast Software s.r.o.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-31] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-31] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-03-10]

Chrome: 
=======
CHR StartupUrls: Profile 1 -> "https://www.google.de/"
CHR Profile: C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-02]
CHR Extension: (Google Docs) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-02]
CHR Extension: (Google Drive) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-02]
CHR Extension: (YouTube) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-02]
CHR Extension: (Google Search) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-02]
CHR Extension: (Google Sheets) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-02]
CHR Extension: (Bookmark Manager) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-03-11]
CHR Extension: (Avast Online Security) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Google Wallet) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]
CHR Extension: (Gmail) - C:\Users\Sophie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-02]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-07]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-01] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-01] (Avast Software)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-05-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-01] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-05-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-01] ()
R3 AtcL001; C:\Windows\System32\DRIVERS\atl01v32.sys [48128 2007-03-15] (Attansic Technology corporation.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2015-04-07] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2015-04-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-01] (Avast Software)
R4 epp32; system32\DRIVERS\epp32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-04 18:45 - 2015-05-04 18:45 - 00000000 ____D () C:\Program Files\ESET
2015-05-04 11:51 - 2015-05-04 11:51 - 00000000 ____D () C:\ProgramData\Panda Security
2015-05-04 10:09 - 2015-05-04 10:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-04 10:09 - 2015-05-04 10:09 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-04 10:09 - 2015-05-04 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-04 10:09 - 2015-05-04 10:09 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-05-04 10:09 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-04 10:09 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-04 10:09 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-04 10:00 - 2015-05-04 10:00 - 00000665 _____ () C:\Users\Sophie\Desktop\JRT.txt
2015-05-04 09:52 - 2015-05-04 09:52 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SOPHIE-PC-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
2015-05-04 09:52 - 2015-05-04 09:52 - 00000000 ____D () C:\RegBackup
2015-05-03 17:33 - 2015-05-03 17:35 - 00025999 _____ () C:\Users\Sophie\Downloads\Addition.txt
2015-05-03 17:32 - 2015-05-04 18:49 - 00013278 _____ () C:\Users\Sophie\Downloads\FRST.txt
2015-05-03 17:32 - 2015-05-04 18:49 - 00000000 ____D () C:\FRST
2015-05-03 17:31 - 2015-05-03 17:31 - 01140736 _____ (Farbar) C:\Users\Sophie\Downloads\FRST.exe
2015-05-02 17:13 - 2015-05-04 09:51 - 00000000 ____D () C:\AdwCleaner
2015-05-02 16:21 - 2015-05-02 16:21 - 02204160 _____ () C:\Users\Sophie\Downloads\adwcleaner_4.203.exe
2015-05-02 15:39 - 2015-05-02 15:39 - 00001220 _____ () C:\EamClean.log
2015-05-02 15:34 - 2015-05-02 15:34 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-05-02 12:32 - 2015-05-02 17:16 - 00000981 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-02 12:22 - 2015-05-04 12:00 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2015-05-02 12:09 - 2015-05-02 12:11 - 170234744 _____ (Emsisoft Ltd. ) C:\Users\Sophie\Downloads\EmsisoftAntiMalwareSetup_9.0.0.5066.exe
2015-05-02 11:55 - 2006-09-18 23:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.20150502-115558.backup
2015-05-02 11:50 - 2015-05-04 10:33 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-05-02 11:50 - 2015-05-02 11:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-02 11:50 - 2015-05-02 11:50 - 00001970 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-05-02 11:50 - 2015-05-02 11:50 - 00001958 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-05-02 11:50 - 2015-05-02 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-05-02 11:50 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-05-02 11:49 - 2015-05-02 11:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-05-02 11:17 - 2015-05-02 15:46 - 00000000 ____D () C:\Users\Sophie\AppData\Local\DC8131B1-1430565470-4F9A-C680-001FC6136CD0
2015-05-01 09:51 - 2015-05-01 09:51 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-01 09:51 - 2015-05-01 09:51 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-27 11:28 - 2015-04-27 11:41 - 00000000 ____D () C:\Users\Sophie\Desktop\Untitled Export
2015-04-25 09:24 - 2015-05-03 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-04-23 18:50 - 2015-03-25 22:01 - 00000000 _____ () C:\Users\Sophie\photothumb.db-2rma0zljhif6sagxfam2
2015-04-23 18:50 - 2014-12-01 00:00 - 00121787 _____ () C:\Users\Sophie\zebrastreifen-design-bad-badewanne-teppich-plüschhocker-extravagant - Kopie.jpeg
2015-04-23 18:50 - 2014-08-27 17:38 - 00032410 _____ () C:\Users\Sophie\Erfolg oder Ethik  - Medaillen oder Moral.odt
2015-04-23 18:50 - 2014-06-20 20:49 - 00014761 _____ () C:\Users\Sophie\da journal.odt
2015-04-23 18:49 - 2015-04-23 18:49 - 00000000 ____D () C:\Users\Sophie\ps 2014
2015-04-23 18:48 - 2015-04-23 18:48 - 00000000 ____D () C:\Users\Sophie\2014 - 1
2015-04-23 18:45 - 2015-04-23 18:45 - 00001115 _____ () C:\Users\Sophie\Desktop\PC Inspector File Recovery.lnk
2015-04-23 18:45 - 2015-04-23 18:45 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2015-04-23 18:45 - 2015-04-23 18:45 - 00000000 ____D () C:\Program Files\Convar
2015-04-22 22:33 - 2015-04-22 22:34 - 00000000 ____D () C:\Users\Sophie\Desktop\Fotos
2015-04-20 14:46 - 2015-04-20 14:46 - 00035840 ____H () C:\Users\Sophie\Downloads\photothumb.db
2015-04-20 12:33 - 2015-04-20 12:33 - 00004154 _____ () C:\Users\Sophie\AppData\Local\recently-used.xbel
2015-04-20 12:11 - 2015-05-03 18:12 - 00000000 ____D () C:\Users\Sophie\Desktop\D
2015-04-18 12:12 - 2015-04-18 12:12 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-18 12:12 - 2007-04-05 00:39 - 00442368 ____R (On2.com) C:\Windows\system32\vp6vfw.dll
2015-04-18 11:14 - 2015-04-18 11:14 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\My Baby Pet Hotel
2015-04-18 11:12 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-04-18 11:12 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-04-18 11:12 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-04-18 11:12 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-04-18 11:12 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-04-18 11:12 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-04-18 11:12 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-04-18 11:12 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-04-18 11:12 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-04-18 11:12 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-04-18 11:12 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-04-18 11:12 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-04-18 11:12 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-04-18 11:12 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-04-18 11:12 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-04-18 11:12 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-04-18 11:12 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-04-18 11:12 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-04-18 11:12 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-04-18 11:12 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-04-18 11:12 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-04-18 11:12 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-04-18 11:12 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-04-18 11:12 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-04-18 11:12 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-04-18 11:12 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-04-18 11:12 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-04-18 11:12 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-04-18 11:12 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-04-18 11:12 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-04-18 11:12 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-04-18 11:12 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-04-18 11:12 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-04-18 11:12 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-04-18 11:12 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-04-18 11:12 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-04-18 11:12 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-04-18 11:12 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-04-18 11:12 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-04-18 11:12 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-04-18 11:12 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-04-18 11:12 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-04-18 11:12 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-04-18 11:12 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-04-18 11:12 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-04-18 11:12 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-04-18 11:12 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-04-18 11:12 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-04-18 11:12 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-04-18 11:12 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-04-18 11:12 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-04-18 11:12 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-04-18 11:12 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-04-18 11:12 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-04-18 11:12 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-04-18 11:12 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-04-18 11:12 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-04-18 11:12 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-04-18 11:12 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-04-18 11:12 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-04-18 11:12 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-04-18 11:12 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-04-18 11:12 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-04-18 11:12 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-04-18 11:12 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-04-18 11:12 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-04-18 11:12 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-04-18 11:12 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-04-18 11:12 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-04-18 11:12 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-04-18 11:12 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-04-18 11:12 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-04-18 11:12 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-04-18 11:12 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-04-18 11:12 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-04-18 11:12 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-04-18 11:12 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-04-18 11:12 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-04-18 11:12 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-04-18 11:12 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-04-18 11:12 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-04-18 11:12 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-04-18 11:12 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-04-18 11:12 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-04-18 11:12 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-04-18 11:12 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-04-18 11:10 - 2015-04-18 11:12 - 00000000 ____D () C:\Windows\system32\directx
2015-04-18 11:10 - 2015-04-18 11:11 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-04-16 08:32 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 08:25 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 08:24 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 08:24 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 08:23 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 08:23 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-16 08:23 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:13 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 07:13 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 07:13 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 07:13 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 07:13 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 07:13 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 07:13 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 07:13 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 07:13 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 07:13 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 07:13 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 07:13 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 07:13 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 07:13 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 07:13 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 07:13 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 07:13 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 07:13 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 07:13 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 07:13 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 07:13 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 07:13 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-13 20:59 - 2015-04-13 21:00 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-13 20:54 - 2015-04-13 20:54 - 00001829 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-13 11:03 - 2015-04-13 11:03 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\IsolatedStorage
2015-04-13 11:03 - 2015-04-13 11:03 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2015-04-13 11:02 - 2015-04-13 11:02 - 00000000 ____D () C:\Spacekace
2015-04-12 15:45 - 2015-04-12 15:58 - 00000000 ____D () C:\ProgramData\eMule
2015-04-12 10:43 - 2015-04-12 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-04-09 10:41 - 1998-10-21 18:43 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2015-04-08 20:52 - 2015-04-08 20:52 - 00000656 _____ () C:\Users\UpdatusUser\Desktop\Horsez - Abenteuer auf dem Reiterhof 5.lnk
2015-04-08 19:56 - 2015-04-08 19:56 - 00000566 _____ () C:\Users\UpdatusUser\Desktop\Abenteuer auf dem Reiterhof 4 - Die Meisterschule.lnk
2015-04-08 19:56 - 2015-04-08 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-04-07 20:38 - 2015-04-07 20:38 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\NVIDIA
2015-04-07 20:37 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-04-07 20:37 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-04-07 20:37 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-04-07 20:37 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-04-07 20:36 - 2015-04-07 20:36 - 00000000 ____D () C:\ProgramData\Abenteuer auf dem Reiterhof 6
2015-04-07 20:28 - 2015-04-07 20:28 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\InstallShield
2015-04-07 20:20 - 2003-03-15 23:15 - 00090112 _____ (MindVision Software) C:\Windows\unvise32.exe
2015-04-07 20:15 - 2015-05-03 13:16 - 00000000 ____D () C:\Users\Sophie\Desktop\Spiele
2015-04-07 10:22 - 2015-04-07 10:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-07 09:07 - 2015-04-07 09:07 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-04-07 09:06 - 2015-04-07 11:39 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2015-04-07 09:06 - 2015-04-07 09:06 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-04-07 08:57 - 2015-04-07 08:57 - 00000000 ____D () C:\Users\Sophie\AppData\Local\GHISLER
2015-04-07 08:56 - 2015-04-07 08:56 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-04-07 08:56 - 2015-04-07 08:56 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\GHISLER
2015-04-07 08:56 - 2015-04-07 08:56 - 00000000 ____D () C:\totalcmd
2015-04-07 08:44 - 2015-05-02 17:16 - 00000577 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-07 08:44 - 2015-04-07 08:44 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Opera Software
2015-04-07 08:44 - 2015-04-07 08:44 - 00000000 ____D () C:\Users\Sophie\AppData\Local\Skype
2015-04-07 08:44 - 2015-04-07 08:44 - 00000000 ____D () C:\Users\Sophie\AppData\Local\Opera Software
2015-04-07 08:43 - 2015-04-07 08:59 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Skype
2015-04-07 08:42 - 2015-04-07 08:59 - 00000000 ____D () C:\ProgramData\Skype
2015-04-07 08:41 - 2015-04-07 08:41 - 00000045 _____ () C:\user.js
2015-04-07 08:27 - 2015-04-07 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 07:32 - 2015-04-18 11:33 - 00061832 _____ () C:\Windows\DirectX.log
2015-04-07 07:32 - 2015-04-07 07:32 - 00409600 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-04-07 07:32 - 2015-04-07 07:32 - 00278728 _____ () C:\Windows\system32\Drivers\atksgt.sys
2015-04-07 07:32 - 2015-04-07 07:32 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-04-07 07:32 - 2015-04-07 07:32 - 00025416 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2015-04-07 07:32 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-04-06 16:59 - 2015-04-06 17:05 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Notepad++
2015-04-06 16:59 - 2015-04-06 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-04-06 12:06 - 2015-04-06 12:06 - 00000759 _____ () C:\Users\UpdatusUser\Desktop\Mein Gestüt – Ein Leben für die Pferde.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-04 18:33 - 2015-03-02 19:00 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-04 18:25 - 2015-03-02 19:00 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-04 18:24 - 2006-11-02 14:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-04 18:24 - 2006-11-02 14:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-04 11:43 - 2009-04-11 14:37 - 01738598 _____ () C:\Windows\WindowsUpdate.log
2015-05-04 10:39 - 2006-11-02 12:33 - 00758370 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-04 10:31 - 2015-02-09 22:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-04 10:31 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-04 10:30 - 2008-01-21 04:47 - 00176254 _____ () C:\Windows\PFRO.log
2015-05-04 10:30 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\IME
2015-05-04 10:29 - 2006-11-02 15:01 - 00032606 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-02 17:16 - 2015-03-02 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-02 17:16 - 2015-02-09 21:43 - 00000983 _____ () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-01 09:51 - 2015-03-07 13:19 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-01 09:51 - 2015-03-07 13:19 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-01 09:51 - 2015-03-07 13:19 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-01 09:51 - 2015-03-07 13:19 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-01 09:51 - 2015-03-07 13:19 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-05-01 09:51 - 2015-03-07 13:19 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-05-01 09:51 - 2015-03-07 13:19 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-01 09:51 - 2015-03-07 13:19 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-24 21:12 - 2015-02-09 21:43 - 00000000 ____D () C:\Users\Sophie
2015-04-22 22:34 - 2015-03-11 12:35 - 00000000 ____D () C:\Users\Sophie\Desktop\Sonstiges
2015-04-22 21:16 - 2006-11-02 14:52 - 00038358 _____ () C:\Windows\setupact.log
2015-04-20 12:33 - 2015-03-13 22:45 - 00000000 ____D () C:\Users\Sophie\.gimp-2.8
2015-04-17 22:02 - 2015-02-09 21:43 - 00000000 ____D () C:\Users\Sophie\AppData\Local\VirtualStore
2015-04-16 11:41 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 08:32 - 2015-03-02 20:37 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 08:26 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-13 20:56 - 2015-03-07 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-12 21:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-04-07 20:28 - 2015-02-09 22:21 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-07 11:01 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-04-05 18:11 - 2015-03-13 23:00 - 00079872 ____H () C:\Users\Sophie\Desktop\photothumb.db

==================== Files in the root of some directories =======

2015-02-09 21:43 - 2015-02-09 22:03 - 0000680 _____ () C:\Users\Sophie\AppData\Local\d3d9caps.dat
2015-03-14 15:53 - 2015-04-03 12:46 - 0010240 _____ () C:\Users\Sophie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-20 12:33 - 2015-04-20 12:33 - 0004154 _____ () C:\Users\Sophie\AppData\Local\recently-used.xbel

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 10:41

==================== End Of Log ============================
--- --- ---





Habe zudem ein zweites Problem entdeckt, was mir etwas suspekt vorkommt.

Avast meldet mir zwei Funde "Win32:Evo-Gen[Susp]" & "Win32:Adware-ASG[PUP]".
die anderen Programme erkennen dies aber nicht. Diese Meldung kommt täglich. Avast schiebt das Zeug natürlich gleich in den Container. Hilfeee ..
__________________
Antwort

Themen zu "PROXY" Einträge in der Registrierungsdatenbank
antivirus, defender, fehlercode 28, fehlercode windows, iexplore.exe, installation, internet, internet explorer, photoshop, proxy adwcleaner, registry, safer networking, security, services.exe, software, spyhunter, spyhunter entfernen, svchost.exe, win32/adware.convertad.lj, win32/elex.bm, win32/elex.cy, win32/toolbar.tnt2.i, win32/toolbar.visicom.a


« Laptop unheimlich langsam und schwach | Erpresservirus, Help_Restore_Files.txt - RSA-2048 key - torproject.org, »


Ähnliche Themen: "PROXY" Einträge in der Registrierungsdatenbank


  1. AdwCleaner findet "PROXY" Einträge in der Registrierungsdatenbank
    Plagegeister aller Art und deren Bekämpfung - 26.04.2015 (15)
  2. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  3. Internet v. a. mit Firefox sehr langsam (versteckter "Proxy")
    Plagegeister aller Art und deren Bekämpfung - 29.03.2014 (11)
  4. SweetIM - Registrierungsdatenbank-Schlüssel "Software/Iminstaller"
    Log-Analyse und Auswertung - 26.02.2014 (1)
  5. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  6. Firefox: "Proxy-Server verweigert die Verbindung"
    Log-Analyse und Auswertung - 01.09.2013 (9)
  7. Zusätzliche Einträge in "Dienste" - vermutlich verursacht durch Trojaner
    Plagegeister aller Art und deren Bekämpfung - 24.01.2013 (9)
  8. "The document has moved. Redirecting"+"Popup unten rechts"+"Nicht alle Links anklickbar"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)
  9. Öffentliches Netzwerk: Opera sendet/empfängt Daten an/von "Dani-PC", "Anne-PC", "PAULA-HP"...
    Netzwerk und Hardware - 02.05.2011 (14)
  10. MSN Virus erhalten "Guck mal dieses Bild" [...] Proxy Umleitung? :x
    Log-Analyse und Auswertung - 05.09.2010 (1)
  11. "sonderbare" Einträge in der Registry
    Plagegeister aller Art und deren Bekämpfung - 26.02.2009 (26)
  12. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  13. Trojaner: "TR/proxy.delf.CA"
    Log-Analyse und Auswertung - 06.06.2007 (2)
  14. Trojaner "TR/Proxy.Agent.DF.15"
    Antiviren-, Firewall- und andere Schutzprogramme - 02.03.2007 (1)
  15. HILFE: "Win32:HLLW.Gavir:5" und "Trojan.Proxy.Ranky
    Log-Analyse und Auswertung - 12.01.2007 (4)
  16. ">"">><meta http-equiv="Refresh" content="0;url=http://askimizsonsuza.com/code/">"">
    Plagegeister aller Art und deren Bekämpfung - 04.09.2006 (4)
  17. Einträge "fixen"
    Log-Analyse und Auswertung - 15.11.2005 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema "PROXY" Einträge in der Registrierungsdatenbank - Zitat: ich bin jetzt mal nach dem Lösungsvorschlag von Jürgen gegangen. Ich seh keinen Abgesehen davon waren die identisch, bis auf die leeren Scopes. Poste noch bitte ein frisches FRST - "PROXY" Einträge in der Registrierungsdatenbank...
Archiv
Du betrachtest: "PROXY" Einträge in der Registrierungsdatenbank auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131