Log analysis and evaluation: Win Vista: opened the shipping-label link in a fake DHL mail. Is the computer infected?
24.04.2016, 11:50 | #1 |
Dear all,

unfortunately my wife has now also fallen for the flood of fake DHL mails: she opened 3 of them and tried to download the supposed shipping label. She describes what happened next like this: a new IE page opened with the message that nothing could be displayed. After that she no longer remembers exactly what she did...

The computer has shown no anomalies so far, but to be safe I took it off the network anyway. As a precaution we changed all passwords from our second computer.

So far I have done the following:

Avira Free AntiVir is installed. Full scan -> no detections.
Spybot Search & Destroy is installed. Full scan -> no detections.
Malwarebytes Anti-Rootkit -> no detections.
TDSS rootkit removing tool -> no detections.
ESET -> finds "unwanted applications". But none of these are unknown to me...?

Somehow I can't believe that the computer is not infected...? I am unsettled and ask for your help. Thank you very much!!!

FRST.text Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016 durchgeführt von Gerhard (Administrator) auf GERHARD-PC (24-04-2016 11:16:10) Gestartet von C:\Users\Gerhard\Desktop Geladene Profile: Gerhard (Verfügbare Profile: Gerhard) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\stacsv64.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (THOMSON Telecom Belgium) C:\Program Files (x86)\Thomson\ST330\service\st330service.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe (DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (THOMSON Telecom Belgium) C:\Program Files (x86)\Thomson\ST330\diagnostics\diagnostics.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Google Inc.) 
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (CyberLink Corp.) 
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (Hagel Technologies Ltd) C:\Program Files (x86)\DU Meter\DUMeter.exe (CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe () C:\Program Files (x86)\Winamp\winampa.exe (DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe () C:\Windows\SMINST\BLService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE () C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Hewlett-Packard Development Company, L.P.) 
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [910128 2008-08-07] (Hewlett-Packard) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation) HKLM\...\Run: [diagnostics] => C:\Program Files (x86)\Thomson\ST330\diagnostics\diagnostics.exe [557149 2008-11-15] (THOMSON Telecom Belgium) HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3942728 2011-01-12] (O&O Software GmbH) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [442368 2009-06-03] (IDT, Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.) HKLM-x32\...\Run: [TVAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [468264 2008-07-23] (CyberLink Corp.) HKLM-x32\...\Run: [TSMAgent] => C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1144104 2008-08-02] (CyberLink Corp.) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [hpWirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.) 
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [DVDAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-07-23] (CyberLink Corp.) HKLM-x32\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [1587224 2006-11-27] (Hagel Technologies Ltd) HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] => C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [210216 2008-08-02] (CyberLink) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [37888 2009-07-01] () HKLM-x32\...\Run: [DpAgent] => C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [842816 2009-12-01] (DigitalPersona, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-03-18] (BlackBerry Limited) HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4494848 2014-06-23] (Research In Motion Limited) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-11-03] (Google Inc.) 
HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-12] (Macrovision Corporation) HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG) HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1095000 2013-12-13] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [] => [X] HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia) HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.) HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) 
HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\MountPoints2: G - G:\WDSetup.exe HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\MountPoints2: {4c5268e7-5bb8-11e4-a230-001e68ec9b13} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\start.exe HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\MountPoints2: {cd71414e-b347-11dd-b70e-002186b37951} - G:\WDSetup.exe Lsa: [Notification Packages] scecli DPPWDFLT ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160309172102198.dll [2016-01-26] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160309172102198.dll [2016-01-26] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160309172102198.dll [2016-01-26] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20160309172102198.dll [2016-01-26] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160309172102198.dll [2016-01-26] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160309172102198.dll [2016-01-26] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> 
{0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160309172102198.dll [2016-01-26] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20160309172102198.dll [2016-01-26] (1&1 Mail & Media GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2008-09-29] ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-03-16] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2008-11-03] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2008-11-03] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. 
KG) Winsock: Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. 
KG) Winsock: Catalog9-x64 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344 2014-05-27] (Avira Operations GmbH & Co. KG) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\..\Interfaces\{93AC1A5D-01F0-4FB2-BE84-BA861A210925}: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{CDC223DA-0590-49A4-816B-4F0F0092415A}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cnnb HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cnnb HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cnnb HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cnnb HKU\S-1-5-21-245431003-2198170287-2616952542-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-245431003-2198170287-2616952542-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=84&bd=Pavilion&pf=cnnb SearchScopes: HKLM -> {1D866834-6982-4FDA-B8A8-ED4CCFDA4073} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at SearchScopes: HKLM -> {791361E3-63EF-4B0B-B326-E84DC77CE5D1} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 SearchScopes: HKLM-x32 -> {1D866834-6982-4FDA-B8A8-ED4CCFDA4073} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at SearchScopes: 
HKLM-x32 -> {791361E3-63EF-4B0B-B326-E84DC77CE5D1} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 SearchScopes: HKU\S-1-5-21-245431003-2198170287-2616952542-1000 -> DefaultScope {E4D7671E-DBC5-4DB6-9174-2C0946B8EFE8} URL = hxxp://www.google.at/search?q={searchTerms}&rlz=1I7GGLL_de SearchScopes: HKU\S-1-5-21-245431003-2198170287-2616952542-1000 -> {1D866834-6982-4FDA-B8A8-ED4CCFDA4073} URL = SearchScopes: HKU\S-1-5-21-245431003-2198170287-2616952542-1000 -> {791361E3-63EF-4B0B-B326-E84DC77CE5D1} URL = SearchScopes: HKU\S-1-5-21-245431003-2198170287-2616952542-1000 -> {E4D7671E-DBC5-4DB6-9174-2C0946B8EFE8} URL = hxxp://www.google.at/search?q={searchTerms}&rlz=1I7GGLL_de BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01] (DigitalPersona, Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll [2010-10-06] (Google Inc.) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-02-19] (DVDVideoSoft Ltd.) 
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO-x32: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01] (DigitalPersona, Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-27] (Oracle Corporation) BHO-x32: Kein Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} -> Keine Datei BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll [2008-11-03] () BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-06] (Google Inc.) BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-11-03] (Google Inc.) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-27] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-02-19] (DVDVideoSoft Ltd.) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll [2008-11-03] () Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) 
Toolbar: HKU\S-1-5-21-245431003-2198170287-2616952542-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/AT/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: HKLM-x32 {238F6F83-B8B4-11CF-8771-00A024541EE3} hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/icaweb-20070115.cab DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect125.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2013-03-24] (Oracle Corporation) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-27] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( ) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-06-24] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-04-03] [ist nicht signiert]
FF HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF HKU\S-1-5-21-245431003-2198170287-2616952542-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-02-22] [ist nicht signiert]

Chrome:
=======
CHR Profile: C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Store) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-08]
CHR Extension: (Google Drive) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-18]
CHR Extension: (YouTube) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-18]
CHR Extension: (Google-Suche) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-18]
CHR Extension: (Google Wallet) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-08]
CHR Extension: (Google Mail) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-18]
CHR HKU\S-1-5-21-245431003-2198170287-2616952542-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-03-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2008-11-03] (Adobe Systems) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [940304 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1236896 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-03-18] (BlackBerry Limited) [Datei ist nicht signiert]
R2 DpHost; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [322624 2009-12-01] (DigitalPersona, Inc.) [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-13] (Garmin Ltd or its subsidiaries)
S2 gupdate1c9ee72f3d1ff62; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-01-02] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2006-12-11] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3049800 2011-01-12] (O&O Software GmbH)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 QPCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [292216 2008-07-23] ()
R2 QPSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116080 2008-07-23] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-08-06] ()
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [241734 2008-04-29] () [Datei ist nicht signiert]
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-06-23] (Apple Inc.) [Datei ist nicht signiert]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1325568 2014-06-23] (Research In Motion Limited) [Datei ist nicht signiert]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 st330service; C:\Program Files (x86)/Thomson/ST330/service/st330service.exe [581632 2008-11-15] (THOMSON Telecom Belgium) [Datei ist nicht signiert]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe [239104 2009-06-03] (IDT, Inc.)
R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [384072 2013-10-09] ()
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [507136 2008-11-03] (TuneUp Software GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-02-05] ()
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [719152 2008-05-26] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2008-05-26] (Validity Sensors, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306560 2008-06-10] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [24576 2014-04-15] (BlackBerry)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 ST330; C:\Windows\System32\DRIVERS\st330.sys [47616 2008-11-15] (THOMSON Telecom Belgium)
S3 STBUS; C:\Windows\System32\DRIVERS\stbus.sys [24576 2008-11-15] (THOMSON Telecom Belgium)
S3 stppp; C:\Windows\System32\DRIVERS\stppp.sys [54272 2008-11-15] (THOMSON Telecom Belgium)
R3 vfs101a; C:\Windows\System32\drivers\vfs101a.sys [49968 2008-05-26] (Validity Sensors, Inc.)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-07-23] (Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-24 11:16 - 2016-04-24 11:16 - 00040527 _____ C:\Users\Gerhard\Desktop\FRST.txt
2016-04-24 11:15 - 2016-04-24 11:16 - 00000000 ____D C:\FRST
2016-04-24 11:15 - 2016-04-23 22:24 - 02375680 _____ (Farbar) C:\Users\Gerhard\Desktop\FRST64.exe
2016-04-23 23:05 - 2016-04-23 23:05 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-23 23:04 - 2016-04-23 20:59 - 02870984 _____ (ESET) C:\Users\Gerhard\Desktop\esetsmartinstaller_deu.exe
2016-04-23 22:55 - 2016-04-23 23:04 - 00618800 _____ C:\TDSSKiller.3.1.0.9_23.04.2016_22.55.24_log.txt
2016-04-23 22:53 - 2016-04-23 22:55 - 00005922 _____ C:\TDSSKiller.3.1.0.9_23.04.2016_22.53.52_log.txt
2016-04-23 22:53 - 2016-04-23 20:57 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Gerhard\Desktop\tdsskiller.exe
2016-04-23 22:09 - 2016-04-23 22:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-23 22:08 - 2016-04-23 22:50 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-23 22:08 - 2016-04-23 22:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-23 22:07 - 2016-04-23 22:07 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-23 22:06 - 2016-04-23 22:50 - 00000000 ____D C:\Users\Gerhard\Desktop\mbar
2016-04-23 22:06 - 2016-04-23 20:54 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Gerhard\Desktop\mbar-1.09.3.1001.exe
2016-04-10 21:36 - 2015-12-25 17:41 - 00450750 _____ C:\Windows\system32\Drivers\etc\hosts.20160410-213658.backup
2016-04-10 21:36 - 2015-12-25 17:41 - 00450750 _____ C:\Windows\system32\Drivers\etc\hosts.20160410-213603.backup
2016-04-08 16:08 - 2016-04-08 16:08 - 00063316 _____ C:\Users\Gerhard\Desktop\Bezugsbestätigung.pdf
2016-04-08 15:59 - 2016-04-08 15:59 - 00023997 _____ C:\Users\Gerhard\Desktop\54185210-Umsatzliste-20160408-155925481-AT611200010014139686.pdf
2016-04-08 15:59 - 2016-04-08 15:59 - 00023991 _____ C:\Users\Gerhard\Desktop\54185210-Umsatzliste-20160408-155947177-AT611200010014139686.pdf
2016-04-08 15:03 - 2016-04-08 14:50 - 00068583 _____ C:\Users\Gerhard\Desktop\Krankenbestätigung 08.04.2016.pdf
2016-03-28 20:46 - 2016-03-28 20:46 - 00126529 _____ C:\Users\Gerhard\Desktop\Anleitung selfhost.de.pdf
2016-03-28 20:45 - 2016-03-28 20:45 - 00613763 _____ C:\Users\Gerhard\Desktop\Synology Info.pdf
2016-03-28 20:44 - 2016-03-28 20:44 - 00083277 _____ C:\Users\Gerhard\Desktop\Fehlermeldung Router.pdf
2016-03-28 20:41 - 2016-03-28 20:42 - 00071240 _____ C:\Users\Gerhard\Desktop\Anleitung Router.pdf
2016-03-28 19:57 - 2016-03-28 19:57 - 00876768 _____ C:\Users\Gerhard\Desktop\A1_Sicherheit_WLAN_TG788.pdf
2016-03-28 19:47 - 2016-03-28 19:47 - 00007807 _____ C:\Users\Gerhard\Desktop\AGB selfhost.de.pdf
2016-03-26 22:16 - 2016-02-04 17:37 - 02799616 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-26 22:14 - 2016-02-06 04:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-26 22:13 - 2016-02-03 19:06 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-26 22:13 - 2016-02-03 19:05 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-26 22:13 - 2016-02-03 18:42 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-26 22:13 - 2016-02-03 18:41 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-26 22:12 - 2016-02-06 04:11 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-26 22:12 - 2016-02-06 03:59 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-26 22:12 - 2016-02-06 02:51 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-26 22:12 - 2016-02-06 02:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-26 22:12 - 2016-02-02 17:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-26 21:52 - 2015-11-20 16:15 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-26 21:52 - 2015-11-20 16:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-26 21:51 - 2016-02-19 23:38 - 01589376 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-26 21:51 - 2016-02-19 23:38 - 01171696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-26 21:51 - 2016-02-06 04:12 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-26 21:51 - 2016-02-06 04:12 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-26 21:51 - 2016-02-06 04:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-26 21:51 - 2016-02-06 04:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-26 21:51 - 2016-02-06 04:06 - 04693952 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-26 21:51 - 2016-02-06 04:02 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-26 21:51 - 2016-02-06 04:02 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-26 21:51 - 2016-02-06 04:02 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-26 21:51 - 2016-02-06 04:01 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-26 21:51 - 2016-02-06 04:01 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-26 21:51 - 2016-02-06 04:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-26 21:51 - 2016-02-06 03:59 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-26 21:51 - 2016-02-06 02:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-26 21:51 - 2016-02-06 02:32 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-26 21:51 - 2016-02-06 02:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-26 21:51 - 2016-02-06 02:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-26 20:49 - 2016-02-09 03:49 - 17896448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-26 20:49 - 2016-02-09 03:46 - 02351104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-26 20:49 - 2016-02-09 03:42 - 10938880 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-26 20:49 - 2016-02-09 03:41 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-26 20:49 - 2016-02-09 03:41 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-26 20:49 - 2016-02-09 03:40 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-26 20:49 - 2016-02-09 03:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-26 20:49 - 2016-02-09 03:40 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-26 20:49 - 2016-02-09 03:39 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-26 20:49 - 2016-02-09 03:39 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-26 20:49 - 2016-02-09 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-03-26 20:49 - 2016-02-09 03:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-03-26 20:49 - 2016-02-09 03:39 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-03-26 20:49 - 2016-02-09 02:17 - 01815552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-26 20:49 - 2016-02-09 02:15 - 12392960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-26 20:49 - 2016-02-09 02:13 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-26 20:49 - 2016-02-09 02:12 - 09753600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-26 20:49 - 2016-02-09 02:12 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-26 20:49 - 2016-02-09 02:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-26 20:49 - 2016-02-09 02:10 - 01804800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-26 20:49 - 2016-02-09 02:10 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-26 20:49 - 2016-02-09 02:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-26 20:49 - 2016-02-09 02:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-26 20:49 - 2016-02-09 02:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-03-26 20:49 - 2016-02-09 02:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-26 20:49 - 2016-02-09 02:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-26 20:49 - 2016-02-09 02:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-26 20:49 - 2016-02-09 02:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-26 20:49 - 2016-02-09 02:09 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-26 20:49 - 2016-02-09 02:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-26 20:49 - 2016-02-09 02:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-26 20:49 - 2016-02-09 02:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-26 20:49 - 2016-02-09 02:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-03-26 20:49 - 2016-02-09 02:09 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-03-26 20:49 - 2016-02-09 02:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-24 11:10 - 2014-12-19 23:26 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2016-04-24 11:09 - 2008-09-09 07:46 - 00011614 _____ C:\ProgramData\hpqp.ini
2016-04-24 11:07 - 2015-07-06 18:39 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Skype
2016-04-24 11:05 - 2009-07-05 16:11 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-24 11:05 - 2008-11-03 18:56 - 00000516 _____ C:\Windows\Tasks\1-Klick-Wartung.job
2016-04-24 11:05 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-24 11:05 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-24 11:05 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-24 11:04 - 2008-09-29 07:54 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-04-24 11:04 - 2006-11-02 17:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-24 11:00 - 2009-07-05 16:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-23 23:08 - 2008-09-09 15:34 - 00694316 _____ C:\Windows\system32\perfh007.dat
2016-04-23 23:08 - 2008-09-09 15:34 - 00155004 _____ C:\Windows\system32\perfc007.dat
2016-04-23 23:08 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf
2016-04-23 23:08 - 2006-11-02 14:46 - 01620982 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 14:14 - 2015-03-05 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-19 14:14 - 2013-12-28 20:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-18 08:17 - 2013-03-04 08:19 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A159CE9-4677-4841-856A-AAB4B7BBAEF5}
2016-04-10 19:50 - 2013-03-03 20:08 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-10 19:50 - 2013-03-03 20:08 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-30 09:25 - 2014-12-19 23:26 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2016-03-27 23:44 - 2008-09-09 07:41 - 00000000 ____D C:\ProgramData\Temp
2016-03-27 18:27 - 2015-01-28 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-27 18:27 - 2014-09-29 20:15 - 00001112 _____ C:\Users\Gerhard\Desktop\Sweet Home 3D.lnk
2016-03-27 18:27 - 2008-09-09 08:01 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-27 18:25 - 2015-12-25 21:38 - 00000000 ____D C:\Users\Gerhard\.oracle_jre_usage
2016-03-27 18:24 - 2014-12-20 01:05 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-26 23:13 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2016-03-26 22:41 - 2008-09-09 08:12 - 00003580 _____ C:\Windows\System32\Tasks\HP Health Check
2016-03-26 22:32 - 2006-11-02 17:21 - 00395344 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-26 22:28 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-03-26 22:28 - 2006-11-02 15:33 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-26 22:12 - 2013-10-05 22:12 - 00000000 ____D C:\Windows\system32\MRT
2016-03-26 21:53 - 2006-11-02 14:35 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-03-26 19:43 - 2010-02-18 13:51 - 00000000 ____D C:\Windows\Minidump

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-03-05 12:21 - 2013-03-05 12:21 - 0000030 _____ () C:\Program Files (x86)\Exiferupdate.ini
2015-12-04 23:17 - 2015-12-04 23:17 - 6420480 _____ () C:\Program Files (x86)\GUTC5EB.tmp
2014-01-23 12:55 - 2014-01-23 12:55 - 0031049 _____ () C:\Users\Gerhard\AppData\Roaming\UserTile.png
2008-11-03 21:21 - 2008-11-03 21:21 - 0000000 _____ () C:\Users\Gerhard\AppData\Roaming\wklnhst.dat
2008-11-03 14:42 - 2008-11-03 14:42 - 0000000 _____ () C:\Users\Gerhard\AppData\Local\AtStart.txt
2009-10-15 12:43 - 2015-11-09 14:38 - 0000680 _____ () C:\Users\Gerhard\AppData\Local\d3d9caps.dat
2008-11-03 21:30 - 2013-03-04 19:35 - 0024576 _____ () C:\Users\Gerhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-06-06 17:40 - 2009-06-06 17:40 - 0036144 _____ () C:\Users\Gerhard\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2009-06-06 17:40 - 2009-06-06 17:40 - 0000002 _____ () C:\Users\Gerhard\AppData\Local\dd_dotnetfx35error_lp.txt
2009-06-06 17:40 - 2009-06-06 17:41 - 0077398 _____ () C:\Users\Gerhard\AppData\Local\dd_dotnetfx35install_lp.txt
2009-06-06 17:40 - 2009-06-06 17:41 - 0810930 _____ () C:\Users\Gerhard\AppData\Local\dd_NET_Framework35_LangPack_MSI196F.txt
2009-03-18 14:06 - 2009-03-18 14:06 - 0420844 _____ () C:\Users\Gerhard\AppData\Local\dd_vcredistMSI0A82.txt
2009-03-18 14:17 - 2009-03-18 14:17 - 0330384 _____ () C:\Users\Gerhard\AppData\Local\dd_vcredistMSI1370.txt
2014-07-31 20:27 - 2014-07-31 20:27 - 0354718 _____ () C:\Users\Gerhard\AppData\Local\dd_vcredistMSI3159.txt
2010-12-05 13:17 - 2010-12-05 13:18 - 0415210 _____ () C:\Users\Gerhard\AppData\Local\dd_vcredistMSI42F6.txt
2009-03-18 14:06 - 2009-03-18 14:06 - 0011454 _____ () C:\Users\Gerhard\AppData\Local\dd_vcredistUI0A82.txt
2009-03-18 14:17 - 2009-03-18 14:17 - 0011214 _____ () C:\Users\Gerhard\AppData\Local\dd_vcredistUI1370.txt
2014-07-31 20:27 - 2014-07-31 20:27 - 0011134 _____ () 
C:\Users\Gerhard\AppData\Local\dd_vcredistUI3159.txt 2010-12-05 13:17 - 2010-12-05 13:18 - 0011622 _____ () C:\Users\Gerhard\AppData\Local\dd_vcredistUI42F6.txt 2008-11-03 14:42 - 2008-11-03 14:42 - 0000000 _____ () C:\Users\Gerhard\AppData\Local\DSwitch.txt 2008-12-12 14:45 - 2008-12-12 14:55 - 0000000 _____ () C:\Users\Gerhard\AppData\Local\FnF4.txt 2008-11-03 14:42 - 2008-11-03 14:42 - 0000000 _____ () C:\Users\Gerhard\AppData\Local\QSwitch.txt 2009-04-03 08:01 - 2009-04-03 08:01 - 0035312 _____ () C:\Users\Gerhard\AppData\Local\tmpIMG_0030.0 2009-04-03 08:01 - 2009-04-03 08:01 - 0035312 _____ () C:\Users\Gerhard\AppData\Local\tmpIMG_0030.JPG 2009-06-06 17:40 - 2009-06-06 17:41 - 0002184 _____ () C:\Users\Gerhard\AppData\Local\uxeventlog.txt 2008-09-09 07:46 - 2016-04-24 11:09 - 0011614 _____ () C:\ProgramData\hpqp.ini 2008-11-03 20:58 - 2013-03-04 15:35 - 0000021 _____ () C:\ProgramData\hpqp.txt 2009-03-16 15:30 - 2013-03-03 18:45 - 0013791 _____ () C:\ProgramData\hpzinstall.log 2008-11-03 21:20 - 2013-03-03 19:59 - 0089513 _____ () C:\ProgramData\nvModes.001 2008-11-03 21:19 - 2009-05-19 22:26 - 0089513 _____ () C:\ProgramData\nvModes.dat Einige Dateien in TEMP: ==================== C:\Users\Gerhard\AppData\Local\Temp\avgnt.exe C:\Users\Gerhard\AppData\Local\Temp\NOSEventMessages.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-24 11:15 ==================== Ende von FRST.txt ============================ |
28.04.2016, 15:46 | #2 |
/// TB Trainer | Win Vista: Opened the shipping-label link in a fake DHL e-mail. Computer infected? My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all the steps one after another in the given order and post all log files in CODE tags: This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Supply the ESET log file as well! For the initial analysis, please run FRST and TDSS-Killer: Step 1
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
|
01.05.2016, 14:57 | #3 |
/// TB Trainer | Win Vista: Opened the shipping-label link in a fake DHL e-mail. Computer infected? No response
__________________ This topic has been removed from my subscriptions, so I will not receive notifications about new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread! |