Trojaner-Board - Viren, Avira rastet förmlich aus

Code:

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=2777dd870c7066439d35192e95bac94b

# end=init

# utc_time=2015-11-29 04:06:34

# local_time=2015-11-29 05:06:34 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=6.2.9200 NT 

Update Init

Update Download

Update Finalize

Updated modules version: 26958

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=2777dd870c7066439d35192e95bac94b

# end=updated

# utc_time=2015-11-29 04:08:09

# local_time=2015-11-29 05:08:09 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=6.2.9200 NT 

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=2777dd870c7066439d35192e95bac94b

# engine=26958

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-11-29 08:37:56

# local_time=2015-11-29 09:37:56 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1031

# osver=6.2.9200 NT 

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 26161 12303488 0 0

# scanned=521578

# found=9

# cleaned=0

# scan_time=16186

sh=5E8159FFE16704091C1BB044F002CBAAAAEC2A0A ft=1 fh=9b9d5d486d889ca9 vn="Variante von Win32/Packed.Themida verdÃ¤chtige Datei" ac=I fn="C:\Program Files (x86)\Dragonball Online Global\DBOG.exe"

sh=987B6E474DF11C993091615CC361A93EF950DF31 ft=1 fh=fbbf8a3a0672c2b5 vn="Variante von Win32/Packed.Themida verdÃ¤chtige Datei" ac=I fn="C:\Users\Gast\Desktop\Floral Flyff Client\Neuz.exe"

sh=60927CAE0F6284672519681A9AFA6B4E80C0EF49 ft=1 fh=4edb20a755cc6bce vn="Variante von Win32/Adware.ConvertAd.ACA.gen Anwendung" ac=I fn="C:\Users\Margit\AppData\Local\Microsoft\Windows\INetCache\IE\B1YTPEIT\oW2dA[1]"

sh=D5354D4EC3AF2A9E02C27B46226140DBAC500C27 ft=1 fh=3359452a26deca7f vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Margit\AppData\Local\Microsoft\Windows\INetCache\IE\K3I6IGBL\setupfa_7198[1].exe"

sh=EAFE66F18B061AD2F47726D7E93A381DDD15F673 ft=1 fh=eb65ea13568a82f7 vn="Win32/TrojanClicker.Agent.NXU Trojaner" ac=I fn="C:\Users\Margit\AppData\Local\Microsoft\Windows\INetCache\IE\PDPY77HK\AC6Yeqe[1].exe"

sh=EAFE66F18B061AD2F47726D7E93A381DDD15F673 ft=1 fh=eb65ea13568a82f7 vn="Win32/TrojanClicker.Agent.NXU Trojaner" ac=I fn="C:\Users\Margit\AppData\Local\Temp\nslB539.tmp"

sh=EAFE66F18B061AD2F47726D7E93A381DDD15F673 ft=1 fh=eb65ea13568a82f7 vn="Win32/TrojanClicker.Agent.NXU Trojaner" ac=I fn="C:\Users\Margit\AppData\Local\Temp\nswB74C.tmp"

sh=6777606D43D3736F709530606C2C91992C7335DA ft=1 fh=9dd44b0f626a2ac2 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Margit\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe"

sh=8AFF59554510881EC42D00D6674A3A470EAD71EC ft=1 fh=911990c2c0670922 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Margit\Downloads\BlueStacks App Player - CHIP-Installer.exe"

Code:

 Results of screen317's Security Check version 1.009  

   x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

Avira Antivirus    

Windows Defender   

 Antivirus up to date!  (On Access scanning disabled!) 
 `````````Anti-malware/Other Utilities Check:````````` 

 TuneUp Utilities 2014 (de-DE)  

 TuneUp Utilities 2014   

 Adobe Flash Player         19.0.0.245  

 Adobe Reader XI  

 Google Chrome (46.0.2490.80) 

 Google Chrome (46.0.2490.86) 

 Google Chrome (dmlconf.dat..) 
 ````````Process Check: objlist.exe by Laurent````````  

 Windows Defender MSMpEng.exe 

 Avira Antivir avgnt.exe 

 Avira Antivir avguard.exe 

 ESET ESET Online Scanner OnlineScannerApp.exe  

 Windows Defender MpCmdRun.exe   
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 
 ````````````````````End of Log``````````````````````

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-11-2015

durchgeführt von Margit (Administrator) auf JUSTIN-PC (29-11-2015 22:11:20)

Gestartet von C:\Users\Margit\Desktop

Geladene Profile: Margit & Gast & DefaultAppPool (Verfügbare Profile: Margit & Gast & DefaultAppPool)

Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\WINDOWS\System32\atiesrxx.exe

(AMD) C:\WINDOWS\System32\atieclxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Akamai Technologies, Inc.) C:\Users\Margit\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\Margit\AppData\Local\Akamai\netsession_win.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

() C:\Program Files (x86)\Drakonia Configurator\hid.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe

(Spotify Ltd) C:\Users\Margit\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe

() C:\Users\Margit\Downloads\SecurityCheck.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(TeamSpeak Systems GmbH) C:\Users\Margit\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe

(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-13] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Skiller Pro] => "C:\Program Files (x86)\Monitor.exe"

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [246784 2012-06-07] ()

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [BingSvc] => C:\Users\Margit\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Margit\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [Spotify Web Helper] => C:\Users\Margit\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-11-29] (Spotify Ltd)

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Run: [Spotify] => C:\Users\Margit\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-11-29] (Spotify Ltd)

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000

HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [Akamai NetSession Interface] => C:\Users\Gast\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [appnhost] => C:\Users\Gast\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)

HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)

HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)

HKU\S-1-5-21-3413827966-1155256820-1680526860-501\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-18\...\Run: [Plugin Follow] => C:\WINDOWS\system32\rundll32.exe ",#3

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll [2014-11-06] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll [2014-11-06] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll [2014-11-06] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei

ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei

ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-11-06] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-11-06] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Margit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll [2014-11-06] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei

ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei

ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\bcbinit.vbs [2013-05-05] ()
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\..\Interfaces\{d9368699-de9d-4a66-84ba-5ea19020baaa}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130932981273757626&GUID=2440916F-4C5B-4A8F-AE39-2D0BA5C5F336

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130932981273763607&GUID=2440916F-4C5B-4A8F-AE39-2D0BA5C5F336

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=

HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130932981273769451&GUID=2440916F-4C5B-4A8F-AE39-2D0BA5C5F336

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-3413827966-1155256820-1680526860-501 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-28] (Oracle Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-28] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 

FireFox:

========

FF ProfilePath: C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default

FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1448119276&z=1f5ebd0e43a7bb64d10a33bgbzezdbbg1g3tao8m2t&from=tt4u&uid=HitachiXHDS721050CLA360_JP1572FR1P92PK1P92PKX

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-28] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-28] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [Keine Datei]

FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2014-09-20] (Nexon)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei]

FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]

FF Plugin HKU\S-1-5-21-3413827966-1155256820-1680526860-501: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gast\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-10] (Unity Technologies ApS)

FF Extension: Kein Name - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\extensions\defsearchp@gmail.com [nicht gefunden]

FF Extension: Kein Name - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\extensions\deskCutv2@gmail.com [nicht gefunden]

FF Extension: Amazon-Icon - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\amazon-icon@giga.de [2014-02-02] [ist nicht signiert]

FF Extension: Bing Search - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\bingsearch.full@microsoft.com [2015-11-28] [ist nicht signiert]

FF Extension: Firefox Update Hotfix - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox-hotfix@mozilla.org [2013-10-20] [ist nicht signiert]

FF Extension: Firefox Update Hotfix - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox-hotfix@mozilla.org.xpi [2013-10-20] [ist nicht signiert]

FF Extension: qualitink - C:\Users\Margit\AppData\Roaming\Mozilla\Firefox\Profiles\qmvnd1sk.default\Extensions\firefox@qualitink.net [2013-11-15] [ist nicht signiert]
 

Chrome: 

=======

CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=de-de

CHR StartupUrls: Default -> "hxxp://google.com/"

CHR Profile: C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]

CHR Extension: (YouTube) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]

CHR Extension: (ImprovedTube - YouTube Extension) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2015-11-24]

CHR Extension: (Adblock Plus) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]

CHR Extension: (Google-Suche) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-27]

CHR Extension: (Little Alchemy) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-09-28]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]

CHR Extension: (Google Mail) - C:\Users\Margit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-09]

CHR HKU\S-1-5-21-3413827966-1155256820-1680526860-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-13] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-13] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-13] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-13] (Avira Operations GmbH & Co. KG)

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-29] (ASUSTeK Computer Inc.)

S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-05] (Microsoft Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-06] ()

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-07] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-22] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-05] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-22] (Avira Operations GmbH & Co. KG)

S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)

R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-07-15] ()

S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )

S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-10-12] (Anchorfree Inc.)

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-11-28] (Wellbia.com Co., Ltd.)

S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)

S3 cpuz138; \??\C:\Users\Margit\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

U3 idsvc; kein ImagePath

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

U3 wpcsvc; kein ImagePath
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-11-29 22:00 - 2015-11-29 22:01 - 00852720 _____ C:\Users\Margit\Downloads\SecurityCheck.exe

2015-11-29 20:08 - 2015-11-29 20:08 - 00016148 _____ C:\WINDOWS\system32\JUSTIN-PC_Margit_HistoryPrediction.bin

2015-11-29 17:06 - 2015-11-29 17:06 - 00000000 ____D C:\Program Files (x86)\ESET

2015-11-29 17:04 - 2015-11-29 17:06 - 02870984 _____ (ESET) C:\Users\Margit\Downloads\esetsmartinstaller_deu.exe

2015-11-29 16:02 - 2015-11-29 16:02 - 00005165 _____ C:\Users\Margit\Desktop\Weltkunde lerntext.txt

2015-11-28 21:09 - 2015-11-29 21:14 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Spotify

2015-11-28 21:09 - 2015-11-28 21:09 - 00232872 _____ (Spotify Ltd) C:\Users\Margit\Downloads\SpotifySetup.exe

2015-11-28 21:09 - 2015-11-28 21:09 - 00001894 _____ C:\Users\Margit\Desktop\Spotify.lnk

2015-11-28 21:09 - 2015-11-28 21:09 - 00001880 _____ C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

2015-11-28 18:50 - 2015-11-29 22:11 - 00024349 _____ C:\Users\Margit\Desktop\FRST.txt

2015-11-28 18:50 - 2015-11-29 22:11 - 00000000 ____D C:\Users\Margit\Desktop\FRST-OlderVersion

2015-11-28 18:48 - 2015-11-28 18:48 - 00002848 _____ C:\Users\Margit\Desktop\JRT.txt

2015-11-28 18:46 - 2015-11-28 18:46 - 00011300 _____ C:\Users\Margit\Desktop\Neues Textdokument.txt

2015-11-28 18:44 - 2015-11-28 18:44 - 01599336 _____ (Malwarebytes) C:\Users\Margit\Downloads\JRT.exe

2015-11-28 18:34 - 2015-11-28 18:38 - 00000000 ____D C:\AdwCleaner

2015-11-28 18:32 - 2015-11-28 18:32 - 01733632 _____ C:\Users\Margit\Downloads\AdwCleaner_5.022.exe

2015-11-28 18:27 - 2015-11-28 18:27 - 00001544 _____ C:\Users\Margit\Desktop\mbamlog.txt

2015-11-28 17:40 - 2015-11-28 17:40 - 00156058 _____ C:\Users\Margit\Downloads\mbam-log-2015-11-28 (16-19-28).xml

2015-11-24 19:59 - 2015-11-24 19:59 - 00064594 _____ C:\Users\Margit\Downloads\TDSSKiller.3.1.0.6_24.11.2015_19.38.42_log.rar

2015-11-24 19:55 - 2015-11-24 19:55 - 00064594 _____ C:\Users\Margit\Desktop\TDSSKiller.3.1.0.6_24.11.2015_19.38.42_log.rar

2015-11-24 19:53 - 2015-11-24 19:55 - 00391645 _____ C:\Users\Margit\Desktop\TDSSKiller.3.1.0.6_24.11.2015_19.38.42_log.txt

2015-11-24 19:38 - 2015-11-24 19:53 - 00783292 _____ C:\TDSSKiller.3.1.0.6_24.11.2015_19.38.42_log.txt

2015-11-24 19:09 - 2015-11-24 19:09 - 03318160 _____ C:\Users\Margit\Downloads\v_18_3419.pdf

2015-11-24 16:22 - 2015-11-24 16:22 - 00031726 _____ C:\TDSSKiller.3.1.0.6_24.11.2015_16.22.37_log.txt

2015-11-24 16:17 - 2015-11-24 16:17 - 00005480 _____ C:\TDSSKiller.3.1.0.6_24.11.2015_16.17.15_log.txt

2015-11-24 16:11 - 2015-11-24 16:17 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Margit\Downloads\tdsskiller.exe

2015-11-24 13:30 - 2015-11-24 13:30 - 00000000 ____D C:\Users\Margit\AppData\LocalLow\Freak Storm Games

2015-11-24 13:25 - 2015-11-24 13:26 - 277664256 _____ C:\Users\Margit\Downloads\ChristmasShopperSimulator_v1.0.msi

2015-11-23 21:54 - 2015-11-24 15:50 - 00000000 ____D C:\Users\Margit\Desktop\mbar

2015-11-23 21:54 - 2015-11-23 21:54 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Margit\Downloads\mbar-1.09.3.1001.exe

2015-11-23 21:46 - 2015-11-28 18:23 - 00001341 _____ C:\Users\Margit\Desktop\Revo Uninstaller.lnk

2015-11-23 21:46 - 2015-11-23 21:46 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

2015-11-23 21:45 - 2015-11-23 21:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Margit\Downloads\revosetup95.exe

2015-11-22 15:29 - 2015-11-22 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Christmas Shopper Simulator 2

2015-11-22 15:18 - 2015-11-22 15:18 - 00000000 ____D C:\Users\Margit\AppData\LocalLow\GAME

2015-11-22 15:14 - 2015-11-22 15:15 - 436326943 _____ (GAME ) C:\Users\Margit\Downloads\css2_setup.exe

2015-11-22 14:08 - 2015-11-29 22:11 - 00000000 ____D C:\FRST

2015-11-21 19:28 - 2015-11-29 22:11 - 02350080 _____ (Farbar) C:\Users\Margit\Desktop\FRST64.exe

2015-11-21 17:08 - 2015-11-21 19:11 - 00000382 _____ C:\WINDOWS\SysWOW64\data.bin

2015-11-21 16:27 - 2015-11-21 16:27 - 00003160 _____ C:\WINDOWS\System32\Tasks\kol3015

2015-11-21 16:21 - 2015-11-21 19:11 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

2015-11-21 16:16 - 2015-11-21 16:16 - 00000187 _____ C:\Users\Margit\AppData\Local\Salttex.exe.config

2015-11-21 16:15 - 2014-05-27 14:13 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak

2015-11-21 16:14 - 2015-11-21 16:14 - 00000000 ____D C:\Users\Public\Documents\Baidu

2015-11-20 13:12 - 2015-11-20 13:12 - 13155552 _____ (Microsoft Corporation) C:\Users\Margit\Downloads\Silverlight_x64.exe

2015-11-20 13:09 - 2015-11-27 19:53 - 00000000 ____D C:\WINDOWS\Panther

2015-11-20 13:08 - 2015-11-20 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2015-11-20 13:08 - 2015-11-20 13:08 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi

2015-11-20 12:55 - 2015-11-20 12:55 - 03933496 _____ (Logitech, Inc.) C:\WINDOWS\system32\LogiLDA.DLL

2015-11-20 12:55 - 2015-11-20 12:55 - 02458936 _____ (Logitech, Inc.) C:\WINDOWS\system32\LdaCx2.dll

2015-11-20 12:55 - 2015-11-20 12:55 - 00828872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr110.dll

2015-11-20 12:55 - 2015-11-20 12:55 - 00661448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110.dll

2015-11-20 12:55 - 2015-11-20 12:55 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib110.dll

2015-11-15 22:21 - 2015-11-15 22:21 - 00002586 _____ C:\Users\Margit\Downloads\mbam-log-2015-11-15 (21-16-59).xml

2015-11-15 21:15 - 2015-11-28 18:24 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-11-15 21:14 - 2015-11-15 21:14 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\363311CC.sys

2015-11-15 21:11 - 2015-11-15 21:11 - 00000000 ____D C:\Users\Margit\Documents\HyperCam3

2015-11-15 21:09 - 2010-10-22 02:00 - 00480632 _____ (AVM Berlin) C:\WINDOWS\instwcli.dex

2015-11-15 21:08 - 2015-11-15 21:08 - 00003338 _____ C:\WINDOWS\System32\Tasks\{6EDE68AE-2F35-48DE-A0D1-64AA7BA7708B}

2015-11-15 19:48 - 2015-11-15 19:48 - 01466656 _____ C:\Users\Margit\Downloads\BlueStacks App Player - CHIP-Installer.exe

2015-11-15 01:25 - 2015-11-15 01:25 - 00000000 ____D C:\Users\Margit\Documents\Nikopol

2015-11-14 06:19 - 2015-11-14 06:19 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys

2015-11-14 06:19 - 2015-11-14 06:19 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys

2015-11-14 00:48 - 2015-11-14 00:48 - 00000000 ____D C:\Users\Margit\AppData\Local\Kingosoft

2015-11-14 00:41 - 2015-11-14 00:42 - 15647776 _____ C:\Users\Margit\Downloads\Mashup_Root_Tool.rar

2015-11-14 00:38 - 2015-11-14 00:38 - 00000000 ____D C:\Users\Margit\AppData\Roaming\KingRoot

2015-11-14 00:37 - 2015-11-14 00:37 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf

2015-11-11 13:32 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-11-11 13:32 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

2015-11-11 13:32 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2015-11-11 13:32 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2015-11-11 13:32 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-11-11 13:32 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-11-11 13:32 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2015-11-11 13:32 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2015-11-11 13:32 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-11-11 13:32 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

2015-11-11 13:32 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2015-11-11 13:32 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-11-11 13:32 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-11-11 13:32 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2015-11-11 13:32 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2015-11-11 13:32 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-11-11 13:32 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-11-11 13:32 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2015-11-11 13:32 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2015-11-11 13:32 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-11-11 13:32 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll

2015-11-11 13:32 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2015-11-11 13:32 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-11-11 13:32 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2015-11-11 13:32 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2015-11-11 13:32 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2015-11-11 13:32 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-11-11 13:32 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-11-11 13:32 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-11-11 13:32 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2015-11-11 13:32 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2015-11-11 13:32 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2015-11-11 13:32 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-11-11 13:32 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-11-11 13:32 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2015-11-11 13:32 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-11-11 13:32 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2015-11-11 13:32 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-11-11 13:32 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2015-11-11 13:32 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll

2015-11-11 13:32 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-11-11 13:32 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2015-11-11 13:32 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-11-11 13:32 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-11-11 13:32 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2015-11-11 13:32 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2015-11-11 13:32 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-11-11 13:32 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-11-11 13:32 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2015-11-11 13:32 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-11-11 13:32 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2015-11-11 13:32 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2015-11-11 13:32 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

2015-11-07 23:05 - 2015-11-28 01:05 - 00035880 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys

2015-11-07 22:57 - 2015-11-28 18:23 - 00000802 _____ C:\Users\Margit\Desktop\S4 League.lnk

2015-11-07 22:47 - 2015-11-07 22:47 - 00578584 _____ (Aeria Games & Entertainment) C:\Users\Margit\Downloads\s4league_us_downloader.exe

2015-11-07 17:36 - 2015-11-07 17:36 - 42323732 _____ C:\Users\Margit\Downloads\Z0rker (2).zip

2015-11-07 03:08 - 2015-11-07 03:08 - 39142820 _____ C:\Users\Margit\Downloads\Z0rker (1).zip

2015-11-07 02:23 - 2015-11-07 02:24 - 38506512 _____ C:\Users\Margit\Downloads\Z0rker.zip

2015-11-07 00:10 - 2015-11-07 00:11 - 00000000 ____D C:\Users\Margit\AppData\Roaming\.technic

2015-11-07 00:04 - 2015-11-07 00:05 - 04757856 _____ () C:\Users\Margit\Downloads\TechnicLauncher.exe

2015-11-06 23:27 - 2015-11-29 20:43 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39CEFE7A-F250-4B65-BCCC-93CBD8E6567C}

2015-11-06 23:25 - 2015-11-06 23:25 - 00000000 ____D C:\Users\Margit\Downloads\Gameforge Live

2015-11-06 07:23 - 2015-11-07 23:00 - 00000000 ____D C:\WINDOWS\Minidump

2015-11-06 07:20 - 2015-11-20 13:01 - 00000000 ___HD C:\$SysReset

2015-10-31 21:34 - 2015-10-31 21:36 - 00000000 ____D C:\Users\Margit\Documents\GTA San Andreas User Files

2015-10-31 16:24 - 2015-10-31 16:24 - 00000221 _____ C:\Users\Margit\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url

2015-10-31 15:19 - 2015-10-31 15:19 - 00000000 ____D C:\ProgramData\FlyVPN

2015-10-30 20:28 - 2015-11-27 19:47 - 00000000 ___HD C:\$WINDOWS.~BT
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-11-29 22:10 - 2012-12-21 10:27 - 00000000 ____D C:\Users\Margit\AppData\Roaming\TS3Client

2015-11-29 22:08 - 2014-04-17 19:56 - 00000000 ____D C:\Program Files (x86)\Steam

2015-11-29 22:08 - 2012-12-21 11:53 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Skype

2015-11-29 21:58 - 2014-10-22 21:21 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-11-29 21:18 - 2012-12-17 13:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-11-29 21:13 - 2013-04-15 20:52 - 00000000 ____D C:\Users\Margit\AppData\Local\Spotify

2015-11-29 18:58 - 2014-10-22 21:21 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-11-29 14:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-11-29 14:20 - 2015-08-05 01:34 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-11-29 14:20 - 2015-07-10 17:34 - 00883752 _____ C:\WINDOWS\system32\perfh007.dat

2015-11-29 14:20 - 2015-07-10 17:34 - 00195886 _____ C:\WINDOWS\system32\perfc007.dat

2015-11-29 14:20 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF

2015-11-29 14:16 - 2015-08-05 13:29 - 00000000 ____D C:\Users\DefaultAppPool

2015-11-29 14:16 - 2015-08-05 01:36 - 00000000 ____D C:\Users\Gast

2015-11-29 14:14 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-11-28 18:40 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2015-11-28 18:38 - 2014-03-22 21:38 - 00000008 __RSH C:\ProgramData\ntuser.pol

2015-11-28 18:25 - 2015-08-05 01:44 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2015-11-28 18:25 - 2015-01-10 18:41 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-11-28 18:25 - 2014-12-31 23:16 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2015-11-28 18:25 - 2014-11-06 16:12 - 00001293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk

2015-11-28 18:25 - 2014-11-06 16:11 - 00001446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

2015-11-28 18:25 - 2014-11-06 16:11 - 00001362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk

2015-11-28 18:25 - 2014-11-06 16:10 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

2015-11-28 18:24 - 2014-10-22 21:22 - 00002246 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-11-28 18:24 - 2014-05-26 10:05 - 00000901 _____ C:\Users\Public\Desktop\CCleaner.lnk

2015-11-28 18:23 - 2015-09-05 17:46 - 00001742 _____ C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk

2015-11-28 18:23 - 2015-08-05 02:23 - 00001051 _____ C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk

2015-11-28 18:23 - 2014-12-20 18:30 - 00001313 _____ C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaminfeuer Comprehensive Edition 1080.LNK

2015-11-28 18:23 - 2013-10-11 19:45 - 00001226 _____ C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk

2015-11-28 18:23 - 2013-07-24 23:33 - 00002160 _____ C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Angry Birds.lnk

2015-11-28 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\ModemLogs

2015-11-28 17:38 - 2012-12-21 10:09 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2015-11-28 17:38 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2015-11-28 16:16 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps

2015-11-25 13:56 - 2014-05-26 12:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2015-11-24 16:22 - 2015-08-13 13:39 - 00000000 ____D C:\Users\Margit\AppData\Local\CrashDumps

2015-11-24 16:09 - 2014-10-22 21:26 - 00000000 __SHD C:\Users\Margit\AppData\LocalLow\EmieUserList

2015-11-24 16:09 - 2014-10-22 21:26 - 00000000 __SHD C:\Users\Margit\AppData\LocalLow\EmieSiteList

2015-11-24 13:18 - 2015-01-10 18:40 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-11-23 21:46 - 2014-05-26 09:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group

2015-11-23 15:08 - 2015-10-25 20:05 - 71953029 _____ C:\Users\Margit\Desktop\Z0rker (3).zip

2015-11-23 15:08 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS

2015-11-23 14:26 - 2015-08-05 02:20 - 00000000 __RHD C:\Users\Public\AccountPictures

2015-11-23 14:24 - 2015-08-05 01:36 - 00000000 ____D C:\Users\Margit

2015-11-21 18:24 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF

2015-11-21 17:27 - 2014-10-22 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-11-21 16:35 - 2015-08-05 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-11-21 16:19 - 2015-08-05 02:20 - 00000000 ____D C:\Users\Margit\AppData\Local\Packages

2015-11-20 18:39 - 2015-08-24 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2015-11-20 18:39 - 2015-08-18 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonball Online Global

2015-11-20 18:39 - 2015-08-14 18:16 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

2015-11-20 18:39 - 2015-08-08 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2

2015-11-20 18:39 - 2015-08-05 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start

2015-11-20 18:39 - 2015-07-30 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-11-20 18:39 - 2015-07-10 22:48 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software

2015-11-20 18:39 - 2015-07-10 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep

2015-11-20 18:39 - 2015-07-10 14:19 - 00000000 ____D C:\WINDOWS\DigitalLocker

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 __SHD C:\Program Files\Windows Sidebar

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\spool

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\IME

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\schemas

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Resources

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Help

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Cursors

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\ProgramData\USOPrivate

2015-11-20 18:39 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2015-11-20 18:39 - 2015-06-27 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends

2015-11-20 18:39 - 2015-02-06 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia

2015-11-20 18:39 - 2015-01-24 14:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal

2015-11-20 18:39 - 2015-01-10 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-11-20 18:39 - 2014-12-31 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skiller Pro

2015-11-20 18:39 - 2014-12-09 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX

2015-11-20 18:39 - 2014-11-11 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

2015-11-20 18:39 - 2014-11-06 16:13 - 00000000 ____D C:\WINDOWS\de

2015-11-20 18:39 - 2014-11-06 16:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

2015-11-20 18:39 - 2014-08-10 22:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 11

2015-11-20 18:39 - 2014-06-27 19:24 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin

2015-11-20 18:39 - 2014-06-19 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2015-11-20 18:39 - 2014-05-28 20:58 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0

2015-11-20 18:39 - 2014-05-28 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-11-20 18:39 - 2014-04-17 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers

2015-11-20 18:39 - 2014-02-20 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-11-20 18:39 - 2014-01-18 18:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe

2015-11-20 18:39 - 2014-01-17 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam

2015-11-20 18:39 - 2013-12-26 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4League

2015-11-20 18:39 - 2013-10-29 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool

2015-11-20 18:39 - 2013-07-13 02:09 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-11-20 18:39 - 2013-06-23 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter

2015-11-20 18:39 - 2013-06-23 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub

2015-11-20 18:39 - 2013-05-10 09:28 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2015-11-20 18:39 - 2013-04-22 14:55 - 00000000 ____D C:\WINDOWS\system32\appmgmt

2015-11-20 18:39 - 2013-04-22 14:21 - 00000000 ____D C:\WINDOWS\system32\world_the_end

2015-11-20 18:39 - 2013-04-22 14:21 - 00000000 ____D C:\WINDOWS\system32\world_nether

2015-11-20 18:39 - 2013-04-22 14:21 - 00000000 ____D C:\WINDOWS\system32\world

2015-11-20 18:39 - 2013-04-21 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\world_the_end

2015-11-20 18:39 - 2013-04-21 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\world_nether

2015-11-20 18:39 - 2013-04-21 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\world

2015-11-20 18:39 - 2013-04-18 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2015-11-20 18:39 - 2013-02-15 12:42 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-11-20 18:39 - 2013-02-15 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-11-20 18:39 - 2012-12-17 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3

2015-11-20 18:39 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV

2015-11-20 18:38 - 2015-07-05 13:31 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2015-11-20 18:38 - 2014-12-07 12:23 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

2015-11-20 13:42 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM

2015-11-20 13:38 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Registration

2015-11-20 13:37 - 2015-08-05 00:46 - 00016164 _____ C:\WINDOWS\diagerr.xml

2015-11-20 13:37 - 2015-08-05 00:46 - 00015243 _____ C:\WINDOWS\diagwrn.xml

2015-11-18 14:40 - 2013-01-01 21:51 - 00000000 ____D C:\Users\Margit\AppData\Local\ElevatedDiagnostics

2015-11-17 16:10 - 2012-12-21 11:53 - 00000000 ____D C:\ProgramData\Skype

2015-11-16 13:22 - 2013-04-06 01:31 - 00000000 ____D C:\Program Files (x86)\HyperCam 3

2015-11-15 21:15 - 2015-01-10 18:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-11-15 21:12 - 2013-04-06 01:42 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Solveig Multimedia

2015-11-15 21:09 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries

2015-11-15 21:09 - 2013-05-14 18:01 - 00000000 ____D C:\Program Files (x86)\avmwlanstick

2015-11-15 21:08 - 2014-07-31 00:37 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4

2015-11-15 21:07 - 2015-08-10 22:57 - 00000000 ____D C:\Program Files (x86)\GameforgeLive

2015-11-15 21:07 - 2015-02-23 16:08 - 00000000 ____D C:\Users\Margit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo

2015-11-15 21:07 - 2014-11-11 14:45 - 00000000 ____D C:\Program Files\Common Files\Logitech

2015-11-14 04:40 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache

2015-11-14 02:12 - 2013-12-05 15:23 - 00000000 ____D C:\Users\Margit\.android

2015-11-12 18:09 - 2015-09-17 15:03 - 00000190 _____ C:\Users\Margit\Desktop\Neues Textdokument (2).txt

2015-11-12 16:29 - 2015-03-08 00:31 - 00000000 ____D C:\Users\Margit\AppData\Local\Steam

2015-11-12 14:46 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

2015-11-11 18:15 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-11-11 18:05 - 2012-12-17 12:29 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-11-10 13:10 - 2013-12-14 14:37 - 00000000 ____D C:\ProgramData\Package Cache

2015-11-07 23:02 - 2015-05-26 17:07 - 00000000 ____D C:\Users\Margit\AppData\Local\LogMeIn Hamachi

2015-11-07 22:52 - 2015-07-10 21:09 - 00000000 ____D C:\AeriaGames

2015-11-07 22:48 - 2014-05-03 21:34 - 00000000 ____D C:\Users\Margit\AppData\Local\Akamai

2015-11-07 17:50 - 2013-07-25 10:19 - 00000000 ____D C:\Users\Margit\AppData\Local\TeamSpeak 3 Client

2015-11-03 19:20 - 2015-10-10 11:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-11-03 19:20 - 2015-10-10 11:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-10-31 21:34 - 2015-07-10 11:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe

2015-10-31 21:34 - 2015-07-10 11:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe

2015-10-31 21:34 - 2015-07-10 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe

2015-10-31 21:34 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll

2015-10-31 21:34 - 2015-07-10 11:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll

2015-10-31 16:28 - 2013-04-28 19:23 - 00000000 ____D C:\Program Files\CCleaner
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-10-19 16:52 - 2015-07-05 19:10 - 0000002 _____ () C:\Program Files\config.ini

2015-10-18 18:23 - 2015-10-18 18:23 - 8019081 _____ () C:\Program Files\data.res

2015-10-08 11:58 - 2015-10-08 11:58 - 8443515 _____ () C:\Program Files\dataSub1.res

2015-10-18 18:23 - 2015-10-18 18:23 - 5929934 _____ () C:\Program Files\dataSub2.res

2015-10-19 16:42 - 2011-07-13 12:46 - 1213200 _____ (Microsoft Corporation) C:\Program Files\dbghelp.dll

2015-10-19 16:42 - 2002-12-10 10:58 - 0060416 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll

2015-10-19 16:42 - 2010-04-28 05:43 - 0000370 _____ () C:\Program Files\FlyffEng.ini

2015-10-19 16:42 - 2010-05-19 07:45 - 0000351 _____ () C:\Program Files\FlyffEngTest.ini

2015-10-19 16:42 - 2015-10-20 23:37 - 0086017 _____ () C:\Program Files\list.txt

2015-10-19 16:42 - 2011-05-13 18:04 - 1101824 _____ (Microsoft Corporation) C:\Program Files\mfc80.dll

2015-10-19 16:42 - 2011-05-13 18:04 - 1093120 _____ (Microsoft Corporation) C:\Program Files\mfc80u.dll

2015-10-19 16:42 - 2011-05-14 00:18 - 0069632 _____ (Microsoft Corporation) C:\Program Files\mfcm80.dll

2015-10-19 16:42 - 2011-05-14 00:17 - 0057856 _____ (Microsoft Corporation) C:\Program Files\mfcm80u.dll

2015-10-19 16:42 - 2011-05-13 15:59 - 0001870 _____ () C:\Program Files\Microsoft.VC80.CRT.manifest

2015-10-19 16:42 - 2011-05-13 18:04 - 0002372 _____ () C:\Program Files\Microsoft.VC80.MFC.manifest

2015-10-19 16:42 - 2015-09-08 23:12 - 0933956 _____ () C:\Program Files\Mitshi Flyff v18 Launcher.exe

2015-10-19 16:42 - 2010-04-20 09:20 - 0366080 _____ (RAD Game Tools, Inc.) C:\Program Files\mss32.dll

2015-10-19 16:42 - 2010-03-22 13:26 - 0041472 _____ () C:\Program Files\mssogg.asi

2015-10-19 16:42 - 2011-05-14 00:17 - 0479232 _____ (Microsoft Corporation) C:\Program Files\msvcm80.dll

2015-10-19 16:42 - 2011-05-14 00:17 - 0554832 _____ (Microsoft Corporation) C:\Program Files\msvcp80.dll

2015-10-19 16:42 - 2011-05-14 00:17 - 0632656 _____ (Microsoft Corporation) C:\Program Files\msvcr80.dll

2015-09-30 12:37 - 2015-09-30 12:37 - 7344128 _____ (Aeonsoft ) C:\Program Files\Neuz.exe

2015-10-19 16:42 - 2015-10-20 23:43 - 0000830 _____ () C:\Program Files\neuz.ini

2015-10-19 16:42 - 2004-07-13 20:18 - 0032828 _____ (MSDN Magazine Bugslayer Column and the book "Debugging Applications") C:\Program Files\NeuzD.dll

2015-10-19 16:42 - 2015-10-20 23:43 - 0000877 _____ () C:\Program Files\regInfo.dat

2015-10-19 16:42 - 2015-10-20 23:43 - 0000008 _____ () C:\Program Files\resolution

2015-10-19 16:42 - 2013-07-01 10:45 - 0000027 _____ () C:\Program Files\Starter.bat

2015-10-19 16:42 - 2013-07-02 16:33 - 1773035 _____ () C:\Program Files\unins000.dat

2015-10-19 16:42 - 2013-07-02 16:26 - 0695642 _____ () C:\Program Files\unins000.exe

2015-10-19 16:42 - 2004-05-19 01:49 - 0045056 _____ () C:\Program Files\Updater.exe

2014-12-31 13:53 - 2014-12-31 14:00 - 0000944 _____ () C:\Program Files (x86)\Config.ini

2014-12-31 13:53 - 2012-08-14 22:41 - 0061440 _____ () C:\Program Files (x86)\hiddriver.dll

2014-12-31 13:53 - 2013-09-12 14:15 - 0331510 _____ () C:\Program Files (x86)\Icon.ico

2014-12-31 13:53 - 2014-09-03 15:58 - 0057344 _____ () C:\Program Files (x86)\lan.dll

2014-12-31 13:53 - 2006-08-22 15:05 - 0002238 _____ () C:\Program Files (x86)\Uninstall.ico

2015-08-08 21:38 - 2015-08-08 21:47 - 0000608 _____ () C:\Users\Margit\AppData\Roaming\burnaware.ini

2013-08-18 12:44 - 2013-08-18 12:46 - 0047104 ___SH () C:\Users\Margit\AppData\Roaming\Thumbs.db

2014-02-20 21:57 - 2014-03-14 12:56 - 0000053 _____ () C:\Users\Margit\AppData\Roaming\WB.CFG

2015-08-08 21:47 - 2015-08-08 21:47 - 0000031 _____ () C:\Users\Margit\AppData\Local\burnaware.ini

2012-12-20 17:46 - 2013-04-06 03:00 - 0007680 _____ () C:\Users\Margit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2015-08-05 19:30 - 2015-08-05 19:30 - 0007599 _____ () C:\Users\Margit\AppData\Local\Resmon.ResmonCfg

2015-11-21 16:16 - 2015-11-21 16:16 - 0000187 _____ () C:\Users\Margit\AppData\Local\Salttex.exe.config

2015-08-05 01:31 - 2015-08-05 01:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-02-28 22:55 - 2015-02-28 22:56 - 0001160 _____ () C:\ProgramData\HirezPipeError.txt

2015-11-21 16:21 - 2015-11-21 19:11 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

C:\Users\Margit\Desktopasdasd.exe
 
 

Einige Dateien in TEMP:

====================

C:\Users\Margit\AppData\Local\Temp\645ed830181eabec729ed97fcc9dc4f4.dll

C:\Users\Margit\AppData\Local\Temp\avgnt.exe

C:\Users\Margit\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll

C:\Users\Margit\AppData\Local\Temp\sqlite3.dll

C:\Users\Margit\AppData\Local\Temp\UninstallModule.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2015-11-20 19:12
 

==================== Ende von FRST.txt ============================