Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll

C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll


Log-Analyse und Auswertung: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 30.09.2014, 07:39   #1
jackyd
 
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll - Standard

C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll


addition.txt.


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by Admin at 2014-09-29 13:00:01
Running from \\zentrale\software\Malware
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
ALL16820x Utility (HKLM-x32\...\{BE6DF37F-8D64-4CAA-8028-3671FDAA94DF}) (Version: 3.0.902 - ALLNET GmbH)
Allway Sync version 14.2.1 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudioGenie (HKLM-x32\...\AudioGenie_is1) (Version:  - msi, Inc.)
Auerswald COMfortel Melody 1.3.0 (HKLM-x32\...\{527BB01E-3067-4608-BF7F-EFEF0920C203}) (Version: 1.3.0 - Auerswald GmbH & Co.KG)
Auerswald COMfortel Set 3.4.00 (HKLM-x32\...\{CF833168-AF32-4254-9751-BF91C0570828}) (Version: 3.4.00 - Auerswald GmbH & Co.KG)
Auerswald COMlist 2.5.2 (HKLM-x32\...\{F7B74F3E-8B6C-4826-802E-B907BAAE4E4B}) (Version: 2.5.2 - Auerswald GmbH & Co.KG)
Auerswald COMset 2.7.2 (HKLM-x32\...\{B1D2A138-D53E-4D3F-B547-EA2277007746}) (Version: 2.7.2 - Auerswald GmbH & Co.KG)
Auerswald COMtools 2.3.2 (HKLM-x32\...\{CEDE5E8A-37C3-40C7-8F9C-7D0E70DA0C9E}) (Version: 2.3.2 - Auerswald GmbH & Co.KG)
Auerswald Mult-Core Patch (HKLM-x32\...\{16F8DE17-DC0B-4D03-AF06-90AE05B3D34E}) (Version: 1.0.0 - Auerswald GmbH & Co KG)
Auerswald SoftLCR 3.4.2 (HKLM-x32\...\{CD7DCE24-598D-49BF-A7AE-A019F9804A84}) (Version: 3.4.2 - Auerswald GmbH & Co.KG)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.174.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.53.0004 - Brother)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.20.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.20.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.20.0 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.123 - MSI)
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.060 - MSI)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debug Diagnostics 2 Update 1 (HKLM\...\{7A94F4D3-AC7B-48EB-866E-BBA62AEFFA4A}) (Version: 2.1.0.7 - Microsoft Corporation)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI)
EasyViewer (x32 Version: 1.3.0.9 - MSI) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Feuerwehrverwaltung FWVV 20.0 (HKLM-x32\...\FWVV_is1) (Version: 20.0 - UH-SOFTWARE)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FM PDF To JPG Converter Free 2.5 (HKLM-x32\...\FM PDF To JPG Converter Free_is1) (Version: 2.5 - )
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free MP4 Video Converter version 5.0.36.319 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.36.319 - DVDVideoSoft Ltd.)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.0.1029 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.30.319 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.30.319 - DVDVideoSoft Ltd.)
FRITZ!Powerline (HKLM-x32\...\{F88975C1-C182-4A51-BEDE-E333AB89F5D4}) (Version: 01.00.57 - AVM Berlin)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
GPL Ghostscript 8.71 Lite (HKLM-x32\...\GPL Ghostscript 8.71 Lite_is1) (Version: 8.71 - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HDR projects elements (64-Bit) (HKLM\...\HDR projects elements_is1) (Version: 1.22 - Franzis Verlag GmbH)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{F9384F65-8BCA-46FA-ABD0-6C7CD31D267F}) (Version: 3.0.42.1767 - Intel)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
ISO Workshop 4.3 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JRE 1.6.1 (HKLM-x32\...\{B256C380-AC47-4681-8342-7F42E4F0F434}) (Version: 1.6.1 - Auerswald GmbH & Co.KG)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
M3U-List Creator V1.3 (HKLM-x32\...\M3U-List Creator V1.3_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Motorola Pager Programmiersoftware (HKLM-x32\...\{E5C1617B-4BB9-45F6-A669-189089D1FF80}) (Version: 2.00.0021 - Oelmann Elektronik GmbH)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.009 - MSI)
MSI SUITE (HKLM-x32\...\{1F025E3A-3074-48A3-A8F3-78E735739491}_is1) (Version: 1.0.036 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PC Auto Backup (HKLM-x32\...\InstallShield_{662548BC-3506-4843-B7AA-F44D352F76A8}) (Version: 1.1.1.21 - Samsung Electronics Co,. Ltd.)
PC Auto Backup (x32 Version: 1.1.1.21 - Samsung Electronics Co,. Ltd.) Hidden
Philips Channel Editor (HKLM-x32\...\{A33473C4-3AD5-449B-9EF5-CD45D0048BCC}) (Version: 3.2.30 - Philips)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerLine Utility (HKLM-x32\...\{82AF9E7C-B592-44BB-914E-EC7653889058}) (Version: 2.0.1446 - TP-LINK)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 1.1.0.06280 - QNAP Systems, Inc.)
QNAP NetBak Replicator (HKLM-x32\...\NetBak) (Version: 4.3.2.0611 - QNAP Systems, Inc.)
QNAP Qget (HKLM-x32\...\Qget) (Version: 3.1.4.1125 - QNAP Systems, Inc.)
QNAP Qsync (HKLM-x32\...\Qsync) (Version: 1.3.0.0702 - QNAP Systems, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
ROCCAT Kone Mouse Driver (HKLM-x32\...\{9733747E-E53D-4C17-977E-3A872AFB93E1}) (Version: 1.0 - ROCCAT)
ROCCAT Power-Grid Version 0.459 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
RW_Tools V4 (HKCU\...\RW_Tools V4) (Version:  - )
Samsung i-Launcher 1.0.1.54 (HKLM-x32\...\Samsung i-Launcher) (Version: 1.0.1.54 - Samsung Electronics Co., Ltd.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
STRATO HiDrive (remove only) (HKLM-x32\...\STRATO HiDrive) (Version:  - STRATO AG)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.03 - Creative Technology Limited)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Train Simulator 2013 (HKLM-x32\...\Steam App 24010) (Version:  - RailSimulator.com)
TSDoctor (HKLM-x32\...\{41472BA5-E017-4413-BA13-67FF9DDAADEB}) (Version: 1.2.134 - Cypheros)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
UKTS Freeware Pack - Blocks-Lofts-Bridges #1 (HKLM-x32\...\{07BB63A6-188D-4447-A0B6-8ED8B2075B81}) (Version: 1.0.9 - UKTrainSim)
UKTS Freeware Pack - Clutter #1 (HKLM-x32\...\{F355333F-795E-4593-ACAA-5C0F9D719D49}) (Version: 1.0.6 - UKTrainSim)
UKTS Freeware Pack - Commercial #1 (HKLM-x32\...\{64C9CBEC-1260-44F1-9304-F0CF9EFF9951}) (Version: 1.0.3 - UKTrainSim)
UKTS Freeware Pack - Foliage #1 (HKLM-x32\...\{E7B3D305-0229-4720-81A5-811E2E23DE43}) (Version: 1.0.2 - UKTrainSim)
UKTS Freeware Pack - Housing #1 (HKLM-x32\...\{AAEA1063-229A-406B-9962-864AEFBBD82F}) (Version: 1.1.1 - UKTrainSim)
UKTS Freeware Pack - Industrial #1 (HKLM-x32\...\{B19E2B7A-745D-4B67-B21B-C97F727F3923}) (Version: 1.0.3 - UKTrainSim)
UKTS Freeware Pack - Railway Buildings #1 (HKLM-x32\...\{13969A12-BC34-42DB-906D-D55FA9675EC2}) (Version: 1.0.4 - UKTrainSim)
UKTS Freeware Pack - UK Wagons #1 (HKLM-x32\...\{2CEDFC42-C1AC-443D-A11D-4BA201CC2C84}) (Version: 1.1.3 - UKTrainSim)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.125 - MSI)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.10.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)
WISO Einliegerwohnung (HKLM-x32\...\WISO Einliegerwohnung) (Version:  - Buhl Data Service GmbH)
WISO Einliegerwohnung (x32 Version: 3.0.1.83 - Buhl) Hidden
WISO Hausverwalter 2012 (HKLM-x32\...\{642308AE-ADD6-4046-8CA5-7B93B6C51913}) (Version: 6.00.7549 - Buhl Data Service GmbH)
WISO Hausverwalter 2013 (HKLM-x32\...\{BAA9D87C-DA6A-48D0-BC07-135E5B2DE5A2}) (Version: 7.00.7718 - Buhl Data Service GmbH)
WISO Hausverwalter 2014 (HKLM-x32\...\{F7DA791F-5149-4520-92F9-69379E72436F}) (Version: 8.00.8332 - Buhl Data Service GmbH)
WISO Hausverwalter 2015 (HKLM-x32\...\{E821384E-D24C-4316-9D86-872F95ED92F0}) (Version: 9.00.8468 - Buhl Data Service GmbH)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
X-Lite 4 (HKLM-x32\...\{E2429B81-5993-4C86-AF2E-51AB2377A9E9}) (Version: 45.6.9607 - CounterPath Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F799383-9468-D082-D503-08EE85889A47} No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5EAB88C9-9468-D082-9F18-DAAF85889A47} No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Frank_000\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

09-09-2014 13:07:46 Geplanter Prüfpunkt
17-09-2014 08:02:28 Geplanter Prüfpunkt
24-09-2014 13:11:16 Windows Update
28-09-2014 14:22:16 Installed VG JPEG-Repair Online
29-09-2014 07:42:47 2014-09-29
29-09-2014 08:03:50 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BB8828A-1677-4C10-A9C2-6546485C4FA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.)
Task: {1E8805CA-4FA2-4B1F-915E-4C127E89602C} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {243DADD5-D910-41AE-82D4-60EC90A41BB0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {272E98C3-DF25-46D5-8A03-BBC7E57A4E79} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37570C31-44FC-4EFE-B8CB-8834A82D5B33} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-11] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41B8BFEC-241C-4AD4-9586-EF983BAA7E76} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {55DD7B0D-0615-42E7-9AFF-474F4858D539} - System32\Tasks\2BrightSparks\SyncBackFree\OSTERWELLE-Frank_000\SyncBackFree sicherung usb stick => d:\SyncBackFree\SyncBackFree.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {88EB5912-7EBE-4D5B-A4C8-4FD3CF133A29} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8ED54AAB-E96A-4821-9C27-012F641D9A04} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2108137100-1421275735-2102073434-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {8FFE6B6F-7508-4FE3-8FAD-6DE8A25E396B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {956046F6-0915-4501-AA3B-E09E58CBF056} - System32\Tasks\NetBak-Osterwelle-Admin-AutoStartup => D:\QNAP\NetBak\NetBak.exe [2014-06-11] (QNAP Systems, Inc.)
Task: {982C67A7-7D09-406D-B62D-7332BC1FB81E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B22A094D-2AA0-4012-9E48-51050093F9EE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {C8FF2B03-A730-411F-9380-47808D60FDA0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CF6F3A46-7655-46F7-A27B-1C883B5B443B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F5C812D2-0BC5-4A5A-831D-6103433C7AC1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for OSTERWELLE-Frank_000 Osterwelle => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-25] (Microsoft Corporation)
Task: {F84F68AF-95A4-4A7B-BBF6-399533143C9D} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {F9D007C8-2904-4793-BAC8-378A01530E31} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {FF0ED3E9-ACFC-4C8A-8CBE-25877990727D} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2014-01-28] (Abelssoft)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-10 17:13 - 2013-10-17 17:32 - 00020472 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-04-16 15:45 - 2014-06-24 12:04 - 00182784 _____ () d:\Allway Sync\Bin\SyncService.exe
2013-09-02 15:10 - 2014-02-19 14:49 - 00099328 ____N () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2014-03-25 09:39 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-10-22 11:55 - 2012-10-22 11:55 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-10-22 11:55 - 2012-10-22 11:55 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2010-09-03 13:11 - 2010-09-03 13:11 - 00520295 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
2014-04-29 10:33 - 2014-04-29 10:33 - 00297680 _____ () D:\QNAP\Qsync\QsyncExt.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () D:\FileZilla FTP Client\fzshellext_64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-03-11 13:07 - 2010-05-04 12:00 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-07-21 10:28 - 2014-06-26 09:52 - 00094416 _____ () D:\Allway Sync\Bin\syncappw.exe
2014-09-09 17:33 - 2014-09-09 17:33 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-08-13 16:54 - 2014-01-28 17:33 - 00019744 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2014-08-13 16:54 - 2014-01-28 17:33 - 00014112 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-09-04 08:38 - 2005-07-18 13:43 - 00160256 _____ () C:\MSI\Live Update\unrar.dll
2010-04-30 14:02 - 2010-04-30 14:02 - 00057344 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\lang.dll
2014-06-20 10:26 - 2014-09-25 08:49 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-09-29 12:28 - 2014-09-29 12:28 - 00098816 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32api.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00110080 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\pywintypes27.dll
2014-09-29 12:28 - 2014-09-29 12:28 - 00364544 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\pythoncom27.dll
2014-09-29 12:28 - 2014-09-29 12:28 - 00045568 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_socket.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 01160704 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_ssl.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00320512 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32com.shell.shell.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00713216 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_hashlib.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 01175040 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._core_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00805888 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._gdi_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00811008 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._windows_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 01062400 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._controls_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00735232 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._misc_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00128512 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_elementtree.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00127488 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\pyexpat.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00557056 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\pysqlite2._sqlite.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00007168 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\hashobjs_ext.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00087552 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_ctypes.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00119808 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32file.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00108544 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32security.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00018432 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32event.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00038912 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32inet.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00070656 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._html2.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00167936 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32gui.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00011264 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32crypt.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00027136 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_multiprocessing.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00686080 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\unicodedata.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00122368 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._wizard.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00010240 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\select.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00024064 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32pipe.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00025600 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32pdh.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00525640 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\windows._lib_cacheinvalidation.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00035840 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32process.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00017408 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32profile.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00022528 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32ts.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00078336 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._animate.pyd
2014-07-21 10:28 - 2014-06-24 12:04 - 08567808 _____ () D:\Allway Sync\Bin\syncapp.dll
2014-06-20 10:25 - 2014-09-25 08:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-08-28 11:24 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-29 12:28 - 2014-09-29 12:28 - 00043008 _____ () c:\Users\Frank_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnoafiu.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00151552 _____ () D:\QNAP\Qsync\IOTCAPIs.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00086016 _____ () D:\QNAP\Qsync\P2PTunnelAPIs.dll
2014-06-18 10:44 - 2014-06-18 10:44 - 00116224 _____ () D:\QNAP\Qsync\RdiffDll.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00098304 _____ () D:\QNAP\Qsync\RDTAPIs.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 00093192 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avpapplication.dll
2014-09-06 18:44 - 2014-09-06 18:44 - 00035328 _____ () D:\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () D:\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () D:\FileZilla FTP Client\libstdc++-6.dll
2014-09-25 09:08 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 09:08 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 09:08 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 09:08 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 09:08 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 09:08 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
2014-08-05 13:44 - 2014-08-05 13:44 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Frank_000\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Frank_000\Desktop\1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Frank_000\Desktop\1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Frank_000\Desktop\2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Frank_000\Desktop\2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: MSI_FastBoot => 2
HKLM\...\StartupApproved\StartupFolder: => "iSCTsysTray.lnk"
HKLM\...\StartupApproved\Run32: => "Live Update 5"

========================= Accounts: ==========================

Admin (S-1-5-21-2108137100-1421275735-2102073434-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2108137100-1421275735-2102073434-500 - Administrator - Disabled)
Frank_000 (S-1-5-21-2108137100-1421275735-2102073434-1002 - Limited - Enabled) => C:\Users\Frank_000
Gast (S-1-5-21-2108137100-1421275735-2102073434-501 - Limited - Disabled)
Tanja (S-1-5-21-2108137100-1421275735-2102073434-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (09/29/2014 00:52:00 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (09/29/2014 00:52:00 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 112.

Error: (09/29/2014 00:50:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (09/29/2014 00:50:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 112.

Error: (09/29/2014 00:26:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bing Desktop Update service erreicht.

Error: (09/29/2014 00:24:39 PM) (Source: DCOM) (EventID: 10010) (User: Osterwelle)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (09/29/2014 00:24:09 PM) (Source: DCOM) (EventID: 10010) (User: Osterwelle)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-02-07 12:06:31.113
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fus2base.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-07 09:42:37.246
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fus2base.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-07 09:42:34.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avmcowan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-06 11:45:28.762
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fus2base.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-06 11:45:26.405
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avmcowan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-06 11:44:02.380
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-02-06 11:44:02.357
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-02-06 11:44:02.257
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-02-06 11:44:02.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-02-06 11:44:02.222
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 39%
Total physical RAM: 8141.68 MB
Available physical RAM: 4950.55 MB
Total Pagefile: 9421.68 MB
Available Pagefile: 4999.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:111.45 GB) (Free:19.73 GB) NTFS
Drive d: (SATA) (Fixed) (Total:233.76 GB) (Free:142.95 GB) NTFS
Drive i: (Sicherungsplatte) (Fixed) (Total:233.76 GB) (Free:56.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: BD3ADAC5)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233.8 GB) (Disk ID: 71AC5D87)
Partition 1: (Active) - (Size=233.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 233.8 GB) (Disk ID: F741A295)
Partition 1: (Not Active) - (Size=233.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
GELÖST

MBAM (als Admin laufen lassen) hatte noch zweimal was gefunden und danach war es gut.

DANKE für die Mühe
Antwort

Themen zu C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll
canon, defender, ebanking, explorer, fehlercode 0x80070057, fehlercode 112, fehlercode 40, fehlercode windows, flash player, homepage, kaspersky, launch, msil/toolbar.linkury.d, msil/toolbar.linkury.e, msil/toolbar.linkury.f, msil/toolbar.linkury.g, problem, services.exe, software, svchost.exe, system, win32/adware.speedingupmypc.g, win32/downloadsponsor.a, win32/installcore.by, win32/toolbar.linkury.d, win32/trojandownloader.wauchos.af, windows, wscript.exe


« PC Langsam Hab ich einen Virus ? | Virenfund bei Avira Scan »


Ähnliche Themen: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll


  1. Windows 7: Trojaner z.B. in C:\Users\Admin\AppData\Local
    Log-Analyse und Auswertung - 14.02.2015 (20)
  2. Windows7 141861-problem-beim-starten-c-users-benutzer-appdata-roaming-babsolution-shared-enhancednt-dll.html
    Plagegeister aller Art und deren Bekämpfung - 01.02.2015 (16)
  3. C:\Users\name\AppData\Roaming\Microsoft\Windows\Recent\wmpnetwk.dll - nicht gefunden
    Log-Analyse und Auswertung - 14.09.2014 (13)
  4. Windows 8 Trojaner Zbot.gen gefunden in C:\Users\*****\Appdata\Roaming\Cuyfzy\piutfas.exe
    Log-Analyse und Auswertung - 22.08.2014 (6)
  5. Windows 8: Verdacht auf Virus, c:\users\*******\appdata\roaming\newnext.me\nenginge.dll
    Log-Analyse und Auswertung - 07.04.2014 (9)
  6. Problem beim Starten. C:\Users\Benutzer\AppData\Roaming\BabSolution\Shared\EnhancedNT.dll
    Plagegeister aller Art und deren Bekämpfung - 18.10.2013 (15)
  7. Fehlermeldung: RunDLL - Problem beim Starten von C:\Users\C..\AppData\...\enhancedNT.dll Das angegebene Modul wurde nicht gefunden.
    Log-Analyse und Auswertung - 02.10.2013 (6)
  8. Trojaner "TR/Crypt.ZPACK.Gen8" in C:\Users\johanna\AppData\Roaming\skype.dat via Avira gefunden
    Plagegeister aller Art und deren Bekämpfung - 20.09.2013 (7)
  9. Windows 7: Virenfund mit AVIRA C:\Users\*****\AppData\Roaming\OpenCandy\0353524FC3A84BC188BDC2A76B84F948\Softonic_chr_p1v3.exe
    Log-Analyse und Auswertung - 16.09.2013 (9)
  10. Windows 7: Beim Hochfahren "Problem beim Starten von...Babsolution\shared enhancedNT.dll"
    Log-Analyse und Auswertung - 07.09.2013 (11)
  11. Online- Banking gesperrt! Trojan.FakeAlert.Gen & Trojan.ZbotR.Gen in (C:\Users\\AppData\Temp & C:\Users\\AppData\Roaming\Osje\rutaap.exe)
    Log-Analyse und Auswertung - 06.02.2013 (1)
  12. BDS/Delf.MN.19 in C:\Users\admin\AppData\Roaming\Microsoft\Windows\unicode2.nls und weitere...
    Plagegeister aller Art und deren Bekämpfung - 15.01.2013 (2)
  13. RunDLL Probleme beim Starten von C:\users\***\AppData\Roaming\pndeb.dll & AppData\Local\powstak.dll
    Plagegeister aller Art und deren Bekämpfung - 22.10.2012 (5)
  14. "AcroIEHelpe163.dll" in C:\Users\Hendrik\AppData\Roaming\, TR/Rogue.kdv.666318
    Log-Analyse und Auswertung - 08.08.2012 (5)
  15. "Trojan-Spy.Win32.Zbot.dnei" in "C:\Users\Default.Default-PC\AppData\Roaming"
    Plagegeister aller Art und deren Bekämpfung - 12.03.2012 (11)
  16. TR/Offend.kdv.495935 | C:\Users\****\AppData\Roaming\Microsoft\Windows\Templates\audiodi.exe
    Log-Analyse und Auswertung - 19.02.2012 (1)
  17. Trojaner Fake.AV c:\Users\Sexgott\AppData\Roaming\microsoft\Windows\start menu\Programs\windows reco
    Mülltonne - 28.04.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll - addition.txt. Code: Alles auswählen Aufklappen ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02 Ran by Admin at 2014-09-29 13:00:01 Running from \\zentrale\software\Malware Boot Mode: Normal - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll...

Alle Zeitangaben in WEZ +1. Es ist jetzt 21:33 Uhr.

Kontakt - Trojaner-Board - Archiv - Datenschutzerklärung - Nach oben

Copyright ©2000-2025, Trojaner-Board
Archiv
Du betrachtest: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\enhancedNT.dll auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19