Log analysis and evaluation: laptop very slow, definite infestation by pests (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
laptop very slow, definite infestation by pests

Good evening, my laptop is infested with many pests. That is why I am asking for help here. Following a guide from the thread "Laptop wird immer langsamer", I have now run a scan with FRST. Here is the log: Additional.txt

FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-06-2014 02
Ran by DESIDERABILIS (administrator) on DESIDERABILIS83 on 16-06-2014 23:43:15
Running from C:\Users\DESIDERABILIS\Downloads
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Handle) C:\Users\DESIDERABILIS\AppData\Roaming\Win System\handle.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Oceanis) C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-01-16] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-09-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1557800 2009-10-13] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-06] (Microsoft Corporation)
HKU\S-1-5-21-2398524569-3030390016-3527150408-1000\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * autocheck iolorgdf32 C:\Users\DESIDERABILIS\AppData\Roaming\iolo\
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1402954425&from=tugs&uid=TOSHIBAXMK2565GSX_6028C0FPTXX6028C0FPT&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {05022ED8-5124-48F2-85CA-357D1195F5C6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=56eaeaf3-91b5-453c-90dc-cef74b84b753&apn_sauid=0D34198F-312C-4816-A2CB-50680207FA46
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.iminent.com/?appId=03FBFF9F-5F8B-488E-A978-2FF5E7DD4413&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {2B271B78-8101-48CD-86EC-D7B768B7BDB5} URL = Shopping.com Deutschland - der große Produkt- und Preisvergleich
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKCU - {9DCF2AF7-6CD0-4EC0-BA4B-279DC8D92715} URL = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
SearchScopes: HKCU - {CA312EE5-C420-4FF0-98BA-9C748B74695E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll (Oceanis)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\DESIDERABILIS\AppData\Roaming\Mozilla\Firefox\Profiles\c6vll6tw.default-1402954302832
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\DESIDERABILIS\AppData\Roaming\Mozilla\Firefox\Profiles\c6vll6tw.default-1402954302832\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Foxy Secure - C:\Users\DESIDERABILIS\AppData\Roaming\Mozilla\Firefox\Profiles\c6vll6tw.default-1402954302832\Extensions\admin@foxysecure.com [2014-06-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-16]
========================== Services (Whitelisted) =================
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-16] (AVAST Software)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [350120 2013-05-29] (Intel Corporation)
R2 HandleService; C:\Users\DESIDERABILIS\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [350120 2013-05-29] (Intel Corporation)
R3 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [513392 2009-11-30] (Sony Corporation)
R3 VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [60504 2014-02-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [708608 2010-08-11] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1228336 2014-02-27] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-01-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-01-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-01-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-01-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-01-16] ()
R2 rimspci; C:\Windows\system32\drivers\rimssne86.sys [73216 2009-10-29] (REDC)
R2 risdsnpe; C:\Windows\system32\drivers\risdsne86.sys [46592 2009-10-29] (REDC)
S4 MpKslf3e71aee; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CF850DEE-C819-42D6-A3AD-2150FEF0034E}\MpKslf3e71aee.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-16 23:57 - 2014-06-16 23:57 - 00002008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oceanis Change Background W7.lnk
2014-06-16 23:57 - 2014-06-16 23:57 - 00000000 ____D () C:\Program Files\Oceanis
2014-06-16 23:54 - 2014-06-16 23:54 - 00000000 __SHD () C:\Users\DESIDERABILIS\AppData\Local\EmieUserList
2014-06-16 23:54 - 2014-06-16 23:54 - 00000000 __SHD () C:\Users\DESIDERABILIS\AppData\Local\EmieSiteList
2014-06-16 23:54 - 2014-06-16 23:54 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\Win System
2014-06-16 23:54 - 2014-06-16 23:31 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
2014-06-16 23:54 - 2014-06-16 23:31 - 00000000 ____D () C:\Program Files\Common Files\IMGUpdater
2014-06-16 23:53 - 2014-06-16 23:54 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\Security Systems
2014-06-16 23:43 - 2014-06-16 23:44 - 00010467 _____ () C:\Users\DESIDERABILIS\Downloads\FRST.txt
2014-06-16 23:42 - 2014-06-16 23:43 - 00000000 ____D () C:\FRST
2014-06-16 23:42 - 2014-06-16 23:42 - 00078760 _____ () C:\Users\DESIDERABILIS\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-16 23:42 - 2014-06-16 23:40 - 00000030 _____ () C:\AVScanner.ini
2014-06-16 23:41 - 2014-06-16 23:41 - 02083328 _____ (Farbar) C:\Users\DESIDERABILIS\Downloads\FRST64.exe
2014-06-16 23:40 - 2014-06-16 23:40 - 01073664 _____ (Farbar) C:\Users\DESIDERABILIS\Downloads\FRST.exe
2014-06-16 23:40 - 2014-06-16 23:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-16 23:40 - 2014-06-16 23:31 - 00000000 ____D () C:\Program Files\Bench
2014-06-16 23:38 - 2014-06-16 23:38 - 00013566 _____ () C:\Users\DESIDERABILIS\Desktop\msconfig - Verknüpfung.lnk
2014-06-16 23:38 - 2014-06-16 23:38 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Local\com
2014-06-16 23:38 - 2014-06-16 23:36 - 00202204 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 23:36 - 2014-06-16 23:37 - 00004192 _____ () C:\Users\DESIDERABILIS\Documents\cc_20140616_233642.reg
2014-06-16 23:36 - 2014-06-16 23:36 - 00001063 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-06-16 23:36 - 2014-06-16 23:36 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\SupTab
2014-06-16 23:36 - 2014-06-16 23:36 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-16 23:36 - 2014-06-16 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
2014-06-16 23:36 - 2014-06-16 23:31 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\VOPackage
2014-06-16 23:35 - 2014-06-16 23:35 - 00013341 _____ () C:\Users\DESIDERABILIS\Desktop\Festplatte defragmentieren - Verknüpfung.lnk
2014-06-16 23:32 - 2014-06-16 23:32 - 00000000 _____ () C:\END
2014-06-16 23:31 - 2014-06-16 23:31 - 00332264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-16 23:31 - 2014-06-16 23:31 - 00046396 _____ () C:\Windows\PFRO.log
2014-06-16 23:31 - 2014-06-16 23:31 - 00000056 _____ () C:\Windows\setupact.log
2014-06-16 23:31 - 2014-06-16 23:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-16 23:10 - 2014-06-16 23:10 - 00002108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
2014-06-16 23:10 - 2014-06-16 23:10 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-06-16 22:55 - 2014-06-16 22:55 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-06-16 22:50 - 2014-06-16 22:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
==================== One Month Modified Files and Folders =======
2014-06-17 00:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-17 00:06 - 2009-07-14 04:04 - 00000537 _____ () C:\Windows\win.ini
2014-06-16 23:57 - 2014-06-16 23:57 - 00002008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oceanis Change Background W7.lnk
2014-06-16 23:57 - 2014-06-16 23:57 - 00000000 ____D () C:\Program Files\Oceanis
2014-06-16 23:54 - 2014-06-16 23:54 - 00000000 __SHD () C:\Users\DESIDERABILIS\AppData\Local\EmieUserList
2014-06-16 23:54 - 2014-06-16 23:54 - 00000000 __SHD () C:\Users\DESIDERABILIS\AppData\Local\EmieSiteList
2014-06-16 23:54 - 2014-06-16 23:54 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\Win System
2014-06-16 23:54 - 2014-06-16 23:53 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\Security Systems
2014-06-16 23:52 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-06-16 23:49 - 2013-11-17 20:39 - 00000000 ____D () C:\Windows\pss
2014-06-16 23:48 - 2009-11-27 00:11 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-16 23:47 - 2013-05-27 09:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-16 23:44 - 2014-06-16 23:43 - 00010467 _____ () C:\Users\DESIDERABILIS\Downloads\FRST.txt
2014-06-16 23:43 - 2014-06-16 23:42 - 00000000 ____D () C:\FRST
2014-06-16 23:42 - 2014-06-16 23:42 - 00078760 _____ () C:\Users\DESIDERABILIS\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-16 23:41 - 2014-06-16 23:41 - 02083328 _____ (Farbar) C:\Users\DESIDERABILIS\Downloads\FRST64.exe
2014-06-16 23:41 - 2014-01-16 18:49 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 23:40 - 2014-06-16 23:42 - 00000030 _____ () C:\AVScanner.ini
2014-06-16 23:40 - 2014-06-16 23:40 - 01073664 _____ (Farbar) C:\Users\DESIDERABILIS\Downloads\FRST.exe
2014-06-16 23:40 - 2014-06-16 23:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-16 23:40 - 2013-05-27 09:58 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-16 23:40 - 2013-05-27 09:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-16 23:39 - 2009-07-14 06:34 - 00010464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 23:39 - 2009-07-14 06:34 - 00010464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 23:38 - 2014-06-16 23:38 - 00013566 _____ () C:\Users\DESIDERABILIS\Desktop\msconfig - Verknüpfung.lnk
2014-06-16 23:38 - 2014-06-16 23:38 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Local\com
2014-06-16 23:38 - 2013-07-31 22:15 - 00000000 ____D () C:\Users\DESIDERABILIS\Desktop\Untermietvertrag
2014-06-16 23:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-16 23:37 - 2014-06-16 23:36 - 00004192 _____ () C:\Users\DESIDERABILIS\Documents\cc_20140616_233642.reg
2014-06-16 23:36 - 2014-06-16 23:38 - 00202204 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 23:36 - 2014-06-16 23:36 - 00001063 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-06-16 23:36 - 2014-06-16 23:36 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\SupTab
2014-06-16 23:36 - 2014-06-16 23:36 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-16 23:36 - 2014-06-16 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
2014-06-16 23:36 - 2013-07-31 00:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-16 23:35 - 2014-06-16 23:35 - 00013341 _____ () C:\Users\DESIDERABILIS\Desktop\Festplatte defragmentieren - Verknüpfung.lnk
2014-06-16 23:34 - 2013-05-26 18:20 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-16 23:34 - 2013-05-26 18:17 - 00001627 _____ () C:\Users\DESIDERABILIS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-16 23:32 - 2014-06-16 23:32 - 00000000 _____ () C:\END
2014-06-16 23:32 - 2013-05-26 17:31 - 00000000 ____D () C:\Update
2014-06-16 23:31 - 2014-06-16 23:54 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
2014-06-16 23:31 - 2014-06-16 23:54 - 00000000 ____D () C:\Program Files\Common Files\IMGUpdater
2014-06-16 23:31 - 2014-06-16 23:40 - 00000000 ____D () C:\Program Files\Bench
2014-06-16 23:31 - 2014-06-16 23:36 - 00000000 ____D () C:\Users\DESIDERABILIS\AppData\Roaming\VOPackage
2014-06-16 23:31 - 2014-06-16 23:31 - 00332264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-16 23:31 - 2014-06-16 23:31 - 00046396 _____ () C:\Windows\PFRO.log
2014-06-16 23:31 - 2014-06-16 23:31 - 00000056 _____ () C:\Windows\setupact.log
2014-06-16 23:31 - 2014-06-16 23:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-16 23:31 - 2013-05-26 18:20 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-16 23:31 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-16 23:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-06-16 23:10 - 2014-06-16 23:10 - 00002108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
2014-06-16 23:10 - 2014-06-16 23:10 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-06-16 23:08 - 2014-01-16 18:29 - 00000000 ____D () C:\ProgramData\Sony
2014-06-16 22:56 - 2013-03-22 21:55 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-16 22:55 - 2014-06-16 22:55 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-06-16 22:54 - 2013-03-22 21:49 - 00000000 ____D () C:\Program Files\Sony
2014-06-16 22:54 - 2009-11-27 00:55 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-16 22:50 - 2014-06-16 22:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 10:48 - 2014-01-16 18:44 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-01-16 18:44 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-01 18:18 - 2013-07-31 22:00 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-30 11:18 - 2014-01-16 18:50 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 11:02 - 2014-01-16 18:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 11:02 - 2014-01-16 18:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 10:44 - 2014-01-16 18:50 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 10:43 - 2014-01-16 18:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 10:42 - 2014-01-16 18:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 10:38 - 2014-01-16 18:50 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 10:34 - 2014-01-16 18:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 10:33 - 2014-01-16 18:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 10:30 - 2014-01-16 18:50 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 10:28 - 2014-01-16 18:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 10:28 - 2014-01-16 18:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 10:27 - 2014-01-16 18:50 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 10:21 - 2014-01-16 18:50 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 10:16 - 2014-01-16 18:50 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 10:10 - 2014-01-16 18:50 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-01-16 18:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:04 - 2014-01-16 18:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:02 - 2014-01-16 18:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 09:57 - 2014-01-16 18:50 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 09:56 - 2014-01-16 18:50 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 09:54 - 2014-01-16 18:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 09:50 - 2014-01-16 18:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 09:49 - 2014-01-16 18:50 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 09:40 - 2014-01-16 18:50 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:21 - 2014-01-16 18:50 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:15 - 2014-01-16 18:50 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:13 - 2014-01-16 18:50 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
Some content of TEMP:
====================
C:\Users\DESIDERABILIS\AppData\Local\Temp\BackupSetup.exe
C:\Users\DESIDERABILIS\AppData\Local\Temp\FoxySecure_IE_FF_12-02-2014_Version_5_Setup.exe
C:\Users\DESIDERABILIS\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-06-17 00:02
==================== End Of Log ============================