Trojaner-Board - Windows 7: Avira blockiert '\Device\HarddiskVolume1\Autorun.inf'. Wiederholt Viren auf dem Rechner (Sony Vaio).

Hi Schrauber,

hier ist die ESET Online Scanner Log:

Code:



ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=a8b98ceee8609d4fb487e7024e1a42da

# end=init

# utc_time=2015-07-27 07:28:58

# local_time=2015-07-27 09:28:58 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

Update Init

Update Download

Update Finalize

Updated modules version: 24998

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=a8b98ceee8609d4fb487e7024e1a42da

# end=updated

# utc_time=2015-07-27 07:31:04

# local_time=2015-07-27 09:31:04 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=a8b98ceee8609d4fb487e7024e1a42da

# engine=24998

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-07-27 10:27:58

# local_time=2015-07-28 12:27:58 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 190412 189665928 0 0

# scanned=308552

# found=5

# cleaned=0

# scan_time=10614

sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"

sh=9CA71C727934861E9351AF97CC28CEA38811B07C ft=1 fh=15a0a042e9313939 vn="Variante von Win32/AdWare.Adpeak.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir"

sh=5A3E42C40333D4532E4CA223A369D1065236CF54 ft=1 fh=fec25919adca011c vn="Variante von Win32/KoyoteLab.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Program Files (x86)\Free FLV Converter\Uninstall.exe"

sh=7A0A5CF5422295CAADBB73D20B098CFD2E825273 ft=1 fh=2191112f3528b494 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Herr\Downloads\VLC\VLC115DE.exe"

sh=7A0A5CF5422295CAADBB73D20B098CFD2E825273 ft=1 fh=2191112f3528b494 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Herr\Sicherung\Student 1\Downloads\VLC\VLC115DE.exe"

Und hier die Log-Datei von SecurityCheck:

Code:



 Results of screen317's Security Check version 1.006  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

Avira Antivirus   

 Antivirus up to date!   
 `````````Anti-malware/Other Utilities Check:````````` 

 Java 8 Update 45  

 Free JavaScript Editor 4.7  

 Java version 32-bit out of Date! 

 Adobe Flash Player 18.0.0.209  

 Mozilla Firefox (39.0) 

 Google Chrome (44.0.2403.107) 

 Google Chrome (44.0.2403.89) 
 ````````Process Check: objlist.exe by Laurent````````  

 Avira Antivir avgnt.exe 

 Avira Antivir avguard.exe 
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  
 ````````````````````End of Log``````````````````````

Und hier die FRST Log-Datei:

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015

durchgeführt von Herr (Administrator) auf HERR-VAIO (28-07-2015 01:01:54)

Gestartet von C:\Users\Herr\Desktop

Geladene Profile: Herr (Verfügbare Profile: Herr)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Sony Corporation) C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe

(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe

() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Sony Corporation) C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe

(Sony Corporation) C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Sony Corporation) C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe

(ALPS) C:\Program Files\Apoint\Apvfb.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Microsoft Corporation) C:\Windows\System32\vds.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe

(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ==================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9636896 2009-12-16] (Realtek Semiconductor)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [208384 2009-11-04] (Alps Electric Co., Ltd.)

HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_45\bin\jusched.exe"

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-21] (Intel Corporation)

HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [320880 2009-08-26] (Sony Corporation)

HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [538472 2009-06-17] (Symantec Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)

HKLM-x32\...\Run: [MarketingTools] => C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [26624 2011-03-03] (Sony Corporation)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-10] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]

HKU\S-1-5-21-2202360798-2069361757-1288354515-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-08-10] ()

HKU\S-1-5-21-2202360798-2069361757-1288354515-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-05-19]

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herr\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2012-11-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herr\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2012-11-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herr\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2012-11-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herr\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2012-11-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herr\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2012-11-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herr\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2012-11-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herr\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2012-11-14] (Dropbox, Inc.)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-2202360798-2069361757-1288354515-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\S-1-5-21-2202360798-2069361757-1288354515-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {2695A964-F4D6-4092-B775-FCD63C9C2778} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {290ECD62-68E3-44C0-A49E-1908A3144B49} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {354406BE-508F-4C28-8763-A384946019F7} URL = hxxp://de.shopping.com/?linkin_id=8056363

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {44F3CE4C-A8A0-4DE6-954D-0C593B404403} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {456D44FC-BDA6-4883-9FF8-FCA19FBB5FC5} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {4C26CE78-E169-40B4-AEE8-3B07FCEF51D8} URL = hxxp://de.search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20110418,16987,0,8,0

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {70FDEBB2-FB58-4AC7-996C-DA45933A3858} URL = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {8155DB9E-FBF0-468A-A4A6-E245C89457E5} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKU\S-1-5-21-2202360798-2069361757-1288354515-1000 -> {81E35F56-BC88-49F9-8ECB-DA2B767384A5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}

BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-06] (Microsoft Corporation)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  Keine Datei

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-27] (Oracle Corporation)

BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)

BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-27] (Oracle Corporation)

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{2A608AFF-59EF-4010-ABC8-5B40A1080FF9}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{927587AB-1894-493E-8E72-6063314BF69A}: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Herr\AppData\Roaming\Mozilla\Firefox\Profiles\e6yxi9nu.default

FF DefaultSearchEngine: Yahoo

FF SelectedSearchEngine: Yahoo

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()

FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-03] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-08-10] (Pando Networks)

FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)

FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2202360798-2069361757-1288354515-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-08-10] (Pando Networks)

FF SearchPlugin: C:\Users\Herr\AppData\Roaming\Mozilla\Firefox\Profiles\e6yxi9nu.default\searchplugins\englische-ergebnisse.xml [2014-06-04]

FF SearchPlugin: C:\Users\Herr\AppData\Roaming\Mozilla\Firefox\Profiles\e6yxi9nu.default\searchplugins\gmx-suche.xml [2014-06-04]

FF SearchPlugin: C:\Users\Herr\AppData\Roaming\Mozilla\Firefox\Profiles\e6yxi9nu.default\searchplugins\lastminute.xml [2014-05-09]

FF SearchPlugin: C:\Users\Herr\AppData\Roaming\Mozilla\Firefox\Profiles\e6yxi9nu.default\searchplugins\webde-suche.xml [2014-06-04]

FF Extension: Avira Browser Safety - C:\Users\Herr\AppData\Roaming\Mozilla\Firefox\Profiles\e6yxi9nu.default\Extensions\abs@avira.com [2015-07-02]

FF Extension: Ghostery - C:\Users\Herr\AppData\Roaming\Mozilla\Firefox\Profiles\e6yxi9nu.default\Extensions\firefox@ghostery.com.xpi [2014-02-09]

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 

Chrome: 

=======

CHR Profile: C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-15]

CHR Extension: (Google Docs) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-15]

CHR Extension: (Google Drive) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-15]

CHR Extension: (YouTube) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-15]

CHR Extension: (Google Search) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-15]

CHR Extension: (Google Sheets) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-15]

CHR Extension: (Avira Browser Safety) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-15]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]

CHR Extension: (Google Wallet) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-15]

CHR Extension: (Gmail) - C:\Users\Herr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-15]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
 

==================== Services (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-10] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-10] (Avira Operations GmbH & Co. KG)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)

R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert]

S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project) [Datei ist nicht signiert]

S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-10-23] (Macrovision Europe Ltd.) [Datei ist nicht signiert]

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-08-28] ()

R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)

S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-10-15] (Sony Corporation)

S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-10-15] (Sony Corporation)

R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)

S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) [Datei ist nicht signiert]

R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416 2009-09-14] (Sony Corporation)

R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [Datei ist nicht signiert]

R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)

R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-09-14] (Sony Corporation) [Datei ist nicht signiert]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

==================== Drivers (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-10] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-10] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2013-08-28] (DT Soft Ltd)

S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7778176 2009-12-16] (Intel Corporation) [Datei ist nicht signiert]

S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [244736 2009-12-16] (Intel(R) Corporation) [Datei ist nicht signiert]

S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)

S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)

S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)

R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-07-28 01:01 - 2015-07-28 01:02 - 00026405 _____ C:\Users\Herr\Desktop\FRST.txt

2015-07-28 00:47 - 2015-07-28 00:47 - 00852684 _____ C:\Users\Herr\Desktop\SecurityCheck.exe

2015-07-27 21:28 - 2015-07-27 21:28 - 00000000 ____D C:\Program Files (x86)\ESET

2015-07-27 19:46 - 2015-07-27 19:46 - 02870984 _____ (ESET) C:\Users\Herr\Desktop\esetsmartinstaller_deu.exe

2015-07-26 17:36 - 2015-07-26 17:36 - 00069087 _____ C:\Users\Herr\Desktop\FRST_2.txt

2015-07-26 17:33 - 2015-07-26 17:37 - 00000000 ____D C:\Users\Herr\Desktop\Farbar Recovery Scan Tool (FRST)

2015-07-26 17:28 - 2015-07-26 17:28 - 00002030 _____ C:\Users\Herr\Desktop\JRT.txt

2015-07-26 17:18 - 2015-07-26 17:18 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Herr\Desktop\JRT.exe

2015-07-26 16:58 - 2015-07-26 16:58 - 00013213 _____ C:\Users\Herr\Desktop\AdwCleaner[S0].txt

2015-07-26 16:38 - 2015-07-26 16:48 - 00000000 ____D C:\AdwCleaner

2015-07-26 16:30 - 2015-07-26 16:30 - 02248704 _____ C:\Users\Herr\Desktop\AdwCleaner_4.208.exe

2015-07-26 16:29 - 2015-07-26 16:29 - 00000000 ____D C:\Users\Herr\Desktop\malwarebytes anti-malware (mbam)

2015-07-26 16:28 - 2015-07-26 16:28 - 00008316 _____ C:\Users\Herr\Desktop\mbam.txt

2015-07-26 14:51 - 2015-07-26 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-07-26 14:51 - 2015-07-26 14:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-07-26 14:51 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-07-26 14:51 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-07-25 20:19 - 2015-07-25 20:19 - 00028220 _____ C:\ComboFix.txt

2015-07-25 19:42 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe

2015-07-25 19:42 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe

2015-07-25 19:42 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2015-07-25 19:42 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2015-07-25 19:42 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2015-07-25 19:42 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe

2015-07-25 19:42 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe

2015-07-25 19:42 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe

2015-07-25 19:41 - 2015-07-25 20:20 - 00000000 ____D C:\Qoobox

2015-07-25 19:41 - 2015-07-25 20:20 - 00000000 ____D C:\ComboFix

2015-07-25 19:41 - 2015-07-25 20:14 - 00000000 ____D C:\Windows\erdnt

2015-07-25 19:27 - 2015-07-25 19:27 - 05633622 ____R (Swearware) C:\Users\Herr\Desktop\ComboFix.exe

2015-07-24 13:50 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-07-24 13:50 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-07-24 13:50 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-07-24 13:50 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-07-24 13:50 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-07-24 13:50 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-07-24 13:50 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-07-24 13:50 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-07-24 13:50 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-07-24 13:50 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-07-24 13:50 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-07-24 13:50 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-07-24 13:50 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-07-24 13:50 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-07-24 13:50 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-07-24 13:50 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-07-24 13:49 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-07-24 13:49 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-07-24 13:49 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-07-24 13:49 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-07-24 13:49 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-07-24 13:49 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-07-24 13:49 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-07-24 13:49 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-07-24 13:49 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-07-24 13:49 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-07-24 13:49 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-07-24 13:49 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-07-24 13:49 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-07-24 13:49 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-07-24 13:49 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-07-24 13:49 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-07-24 13:49 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-07-24 13:49 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-07-24 13:49 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-07-24 13:49 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-07-24 13:49 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-07-24 13:49 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-07-24 13:49 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-07-24 13:49 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-07-24 13:49 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-07-24 13:48 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-07-24 13:48 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-07-24 13:48 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-07-24 13:48 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-07-24 13:48 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-07-24 13:48 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-07-24 13:48 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-07-24 13:48 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-07-24 13:48 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-07-24 13:48 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-07-24 13:48 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-07-24 13:48 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-07-24 13:48 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-07-24 13:48 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-07-24 13:48 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-07-24 13:48 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-07-24 13:48 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-07-24 13:48 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-07-24 13:48 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2015-07-24 13:48 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2015-07-24 13:48 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-07-24 13:48 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-07-24 13:48 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-07-24 13:48 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-07-24 13:48 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-07-24 13:48 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-07-24 13:48 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-07-24 13:48 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-07-24 13:48 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-07-24 13:48 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-07-24 13:48 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-07-24 13:48 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-07-24 13:48 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-07-24 13:48 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-07-24 13:48 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-07-24 13:48 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-07-24 13:48 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-07-24 13:48 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-07-24 13:48 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-07-24 13:48 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-07-24 13:48 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-07-24 13:48 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-07-24 13:48 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-07-24 13:48 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-07-24 13:48 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-07-24 13:48 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-07-24 13:48 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-07-24 13:48 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-07-24 13:48 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-07-24 13:48 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-07-24 13:48 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-07-24 13:48 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-07-24 13:48 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-07-24 13:48 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-07-24 13:48 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-07-24 13:48 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-07-24 13:48 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-07-24 13:48 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-07-24 13:48 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-07-24 13:48 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-07-24 13:48 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-07-24 13:48 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-07-24 13:48 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-07-24 13:48 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-07-24 13:48 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-07-24 13:48 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-07-24 13:48 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-07-24 13:48 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-07-24 13:48 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-07-24 13:48 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-07-24 13:48 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-07-24 13:48 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-07-24 13:48 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-07-24 13:48 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-07-24 13:48 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-07-24 13:48 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-07-24 13:48 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-07-24 13:48 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-07-24 13:48 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll

2015-07-24 13:48 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll

2015-07-24 13:48 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2015-07-24 13:48 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2015-07-24 13:48 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2015-07-24 13:48 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2015-07-24 13:48 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2015-07-24 13:48 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2015-07-24 13:48 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2015-07-24 13:48 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2015-07-24 13:47 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-07-24 13:47 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2015-07-24 13:47 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2015-07-24 13:47 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2015-07-24 13:47 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2015-07-24 13:47 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2015-07-24 13:47 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2015-07-24 13:47 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2015-07-24 13:47 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2015-07-24 13:47 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2015-07-24 13:47 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

2015-07-24 13:47 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll

2015-07-24 13:47 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll

2015-07-24 11:12 - 2015-07-26 14:51 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-07-24 11:11 - 2015-07-26 16:20 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-07-24 11:11 - 2015-07-26 15:29 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2015-07-24 11:09 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-07-22 12:01 - 2015-07-22 12:01 - 00000958 _____ C:\Users\Herr\Desktop\Revo Uninstaller.lnk

2015-07-22 12:00 - 2015-07-22 12:01 - 00000000 ____D C:\Users\Herr\Desktop\Revo Uninstaller 1.95

2015-07-22 11:59 - 2015-07-22 11:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Herr\Desktop\revosetup95.exe

2015-07-21 23:48 - 2015-07-23 21:14 - 00000000 ____D C:\Users\Herr\AppData\Roaming\dvdcss

2015-07-21 11:54 - 2015-07-28 01:01 - 00000000 ____D C:\FRST

2015-07-21 11:52 - 2015-07-26 17:33 - 02146816 _____ (Farbar) C:\Users\Herr\Desktop\FRST64.exe

2015-07-19 11:07 - 2015-07-19 11:07 - 00000000 ____D C:\Users\Herr\AppData\Local\CEF

2015-07-12 19:09 - 2015-07-12 19:09 - 00242928 _____ C:\Users\Herr\Downloads\Firefox Setup Stub 39.0.exe

2015-07-11 11:53 - 2015-07-27 16:21 - 00000000 ____D C:\Users\Herr\Desktop\x

2015-07-10 13:57 - 2015-07-10 13:57 - 00007598 _____ C:\Users\Herr\AppData\Local\Resmon.ResmonCfg

2015-07-02 17:19 - 2015-07-16 15:40 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2015-07-02 17:19 - 2015-07-16 15:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-07-28 01:02 - 2011-08-10 17:03 - 00000000 ____D C:\Users\Herr\AppData\Local\PMB Files

2015-07-28 00:46 - 2013-02-06 20:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-07-27 19:44 - 2011-03-03 09:51 - 00699682 _____ C:\Windows\system32\perfh007.dat

2015-07-27 19:44 - 2011-03-03 09:51 - 00149790 _____ C:\Windows\system32\perfc007.dat

2015-07-27 19:44 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI

2015-07-27 19:41 - 2009-07-14 06:45 - 00022752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-07-27 19:41 - 2009-07-14 06:45 - 00022752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-07-27 19:37 - 2013-11-27 19:39 - 00000000 ____D C:\Users\Herr\AppData\Local\LogMeIn Hamachi

2015-07-27 16:10 - 2011-03-03 10:47 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B6123501-8938-49ED-993A-DE192AEF27B7}

2015-07-27 16:04 - 2011-04-25 20:00 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics

2015-07-27 16:02 - 2013-02-06 20:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-07-27 16:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-07-27 16:01 - 2009-07-14 06:51 - 00248386 _____ C:\Windows\setupact.log

2015-07-26 23:48 - 2011-03-03 09:57 - 01246133 _____ C:\Windows\WindowsUpdate.log

2015-07-26 16:49 - 2011-03-03 09:55 - 01252118 _____ C:\Windows\PFRO.log

2015-07-26 15:24 - 2013-10-21 00:12 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-07-25 22:23 - 2011-03-21 15:38 - 00000000 ____D C:\Windows\System32\Tasks\Games

2015-07-25 20:20 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default

2015-07-25 20:03 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini

2015-07-24 19:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

2015-07-24 15:43 - 2015-05-21 09:45 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-07-24 15:43 - 2015-05-21 09:45 - 00000000 ___SD C:\Windows\system32\GWX

2015-07-24 15:24 - 2009-07-14 06:45 - 05337160 _____ C:\Windows\system32\FNTCACHE.DAT

2015-07-24 15:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-07-24 15:20 - 2014-12-12 18:42 - 00000000 ____D C:\Windows\system32\appraiser

2015-07-24 15:20 - 2014-05-07 03:01 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-07-24 15:04 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2015-07-24 14:42 - 2011-03-03 11:06 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-07-24 14:32 - 2013-07-22 23:30 - 00000000 ____D C:\Windows\system32\MRT

2015-07-24 00:22 - 2012-03-08 20:47 - 00000000 ____D C:\Users\Herr\AppData\Roaming\vlc

2015-07-22 16:40 - 2015-06-26 15:45 - 00000000 ____D C:\Users\Herr\Desktop\Wohnung

2015-07-22 16:40 - 2015-02-07 23:21 - 00000000 ____D C:\Users\Herr\Desktop\sonstiges

2015-07-22 12:34 - 2014-03-11 13:27 - 00000000 ____D C:\ProgramData\Cisco

2015-07-22 12:34 - 2014-03-11 13:27 - 00000000 ____D C:\Program Files (x86)\Cisco

2015-07-21 13:59 - 2014-08-04 13:16 - 00000000 ____D C:\Users\Herr\Desktop\MUSIK

2015-07-19 21:31 - 2011-03-03 10:19 - 00000000 ____D C:\Temp

2015-07-17 13:44 - 2011-03-10 20:23 - 00000000 ____D C:\Users\Herr\Documents\STUDIUM

2015-07-16 15:41 - 2013-02-06 20:10 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-07-16 15:41 - 2013-02-06 20:10 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-07-16 15:17 - 2014-06-02 11:58 - 00000652 _____ C:\Users\Herr\AppData\Local\PMB Filer耯pa

2015-07-16 15:16 - 2011-03-03 11:08 - 00000000 ____D C:\Users\Herr\AppData\Local\Adobe

2015-07-16 15:15 - 2012-10-09 17:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-07-16 15:15 - 2012-02-02 19:34 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-07-15 20:13 - 2011-03-03 10:42 - 00000000 ____D C:\Users\Herr

2015-07-15 13:42 - 2015-01-22 22:55 - 00000000 ____D C:\Users\Herr\Desktop\Sicherungen

2015-07-15 12:05 - 2015-05-26 15:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-07-15 12:05 - 2013-10-21 00:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-07-12 19:10 - 2013-10-21 00:12 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-07-12 01:45 - 2011-03-18 19:25 - 00000000 ____D C:\Users\Herr\AppData\Roaming\Skype

2015-07-11 12:57 - 2012-03-08 22:47 - 00000000 ____D C:\Users\Herr\Daten

2015-07-11 12:51 - 2011-03-10 20:11 - 00000000 ____D C:\Users\Herr\Freizeit

2015-07-11 12:43 - 2013-09-27 18:31 - 00000000 ____D C:\Users\Herr\Desktop\PnP

2015-07-11 12:36 - 2014-08-08 16:09 - 00132608 ___SH C:\Users\Herr\Documents\Thumbs.db

2015-07-11 12:24 - 2011-03-10 20:25 - 00000000 ____D C:\Users\Herr\Documents\Verschiedenes

2015-07-08 18:03 - 2014-04-29 13:53 - 00000000 ____D C:\Users\Herr\Desktop\KARRIERE

2015-07-07 16:02 - 2015-03-29 19:31 - 00000000 ____D C:\Users\Herr\Desktop\Reise

2015-07-06 18:35 - 2014-08-14 13:07 - 00000000 ____D C:\ProgramData\Package Cache

2015-07-06 18:35 - 2012-09-28 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-07-06 18:35 - 2012-09-28 12:02 - 00000000 ____D C:\Program Files (x86)\Avira

2015-07-06 18:35 - 2012-09-27 12:10 - 00000000 ____D C:\ProgramData\Avira

2015-07-03 08:43 - 2011-03-03 11:41 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-07-02 18:36 - 2011-03-18 19:25 - 00000000 ___RD C:\Program Files (x86)\Skype

2015-07-02 18:36 - 2011-03-18 19:25 - 00000000 ____D C:\ProgramData\Skype

2015-07-02 17:24 - 2014-08-04 13:18 - 00000000 ____D C:\Users\Herr\Desktop\zusätzliche Verknüpfungen

2015-07-02 17:22 - 2011-03-03 10:47 - 00000000 ____D C:\Users\Herr\AppData\Roaming\Adobe

2015-07-02 17:19 - 2011-03-17 16:21 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-07-02 17:19 - 2011-03-03 10:00 - 00000000 ____D C:\ProgramData\Adobe
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2014-06-02 11:58 - 2015-07-16 15:17 - 0000652 _____ () C:\Users\Herr\AppData\Local\PMB Filer耯pa

2015-07-10 13:57 - 2015-07-10 13:57 - 0007598 _____ () C:\Users\Herr\AppData\Local\Resmon.ResmonCfg

2014-08-01 20:05 - 2014-08-01 20:05 - 0000000 _____ () C:\Users\Herr\AppData\Local\{7E607ED7-7036-4A22-8831-48FAE17427F4}

2014-10-15 21:21 - 2014-10-15 21:22 - 0000000 _____ () C:\Users\Herr\AppData\Local\{E14DBA54-D6A4-4982-A18F-71882022FF80}

2011-03-18 19:26 - 2011-03-18 19:26 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

2011-03-03 10:11 - 2011-03-03 10:11 - 0000221 _____ () C:\ProgramData\MusicStation.xml
 

Einige Dateien in TEMP:

====================

C:\Users\Herr\AppData\Local\Temp\avgnt.exe

C:\Users\Herr\AppData\Local\Temp\Quarantine.exe

C:\Users\Herr\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\System32\winlogon.exe => Datei ist digital signiert

C:\Windows\System32\wininit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\System32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\System32\services.exe => Datei ist digital signiert

C:\Windows\System32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\System32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\System32\rpcss.dll => Datei ist digital signiert

C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2015-07-23 13:51
 

==================== Ende von log ============================

--- --- ---

Symptome gibt's keine mehr. Aber der Eset Online Scanner hat nochmal paar Sachen gefunden von denen zwar vermutlich nicht alle problematisch sind, aber ich lass mal lieber Dich das beurteilen...

Lg,

nachtw1nd