| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: schwarzer Balken am unteren Rand des BildschirmsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.09.2013, 09:45
| #1 |
| |  schwarzer Balken am unteren Rand des Bildschirms Guten Morgen, seit dem ich heute morgen im Internet bin, fand ich einen schwarzen Balken, während ich eine Seite offen hab. Der Balken ist nicht da, wenn ich Firefox schließe, er ist erst dann da, sobald ich google oder eine andere Internetseite aufmache. Der Balken ist auch da, wenn ich eine Datei öffne. Mittlerweile fand ich heraus, dass er von meinem Bildschirmhintergrund kommt, bin aber nicht in der Lage, dass er nicht mehr angezeigt wird, wenn ich zb ins Internet geh hxxp://www.ezimba.com/work/130909C/ezimba16163765013605.jpg Dazu kommt, dass ich auf anderen Seiten, wo ich registriert bin, die Bilder nicht mehr richtig sehen kann. Ebenso ist es mir nicht möglich Tags wie [ url]...[ / url] mit einem Mausklick auszuwählen. Momentan lasse ich einen Check mit Antivir ausführen, der allerdings immer einige Stunden dauert, weswegen ich mich nun hilfesuchend ans Forum wende. Danke für die Hilfe PS: ich merke gerade, dass er bei dem Bildlink das http immer in ein hxxp umwandelt und weiß nicht wieso. Geändert von Malanna (09.09.2013 um 09:54 Uhr) |
|
09.09.2013, 10:08
| #2 |
| /// the machine /// TB-Ausbilder    | schwarzer Balken am unteren Rand des Bildschirms hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
09.09.2013, 10:57
| #3 |
| | schwarzer Balken am unteren Rand des Bildschirms Hi, schrauber,
__________________danke für die Antwort. Hier die beiden txt. Dateien FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013
Ran by Joanna (administrator) on JOANNA-PC on 09-09-2013 11:13:14
Running from C:\Users\Joanna\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Spigot, Inc.) C:\Program Files\Search Settings\SearchSettings.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
() C:\Program Files\i@Sky WIC\iatsky.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(TuneUp Software) C:\Windows\System32\TUProgSt.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\system32\WerCon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Cerulean Studios) C:\Program Files\Trillian\trillian.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] - C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [MobileConnect] - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2060288 2008-03-13] (Vodafone)
HKLM\...\Run: [SearchSettings] - C:\Program Files\Search Settings\SearchSettings.exe [1024512 2009-07-29] (Spigot, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IATSKY] - C:\Program Files\i@Sky WIC\iatsky.exe [335872 2011-07-26] ()
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-24] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [702024 2012-12-13] (Cisco Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-03-17] (Hewlett-Packard Company)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
MountPoints2: F - F:\setup.exe
MountPoints2: {9dd9e84a-7e95-11de-a0aa-0013776eabeb} - F:\setup.exe
MountPoints2: {9dd9e86b-7e95-11de-a0aa-0013776eabeb} - F:\setup.exe
MountPoints2: {b9926651-62ef-11dd-823a-806e6f6e6963} - E:\zdata\cobi.exe
MountPoints2: {d0ec1c68-f1fd-11de-b267-0013776eabeb} - nvda\nvda.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Joanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Joanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
SearchScopes: HKCU - DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {49379A46-306B-4E39-B6B0-EA99FA1E6A6B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default
FF user.js: detected! => C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\user.js
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q=
FF NetworkProxy: "backup.ftp", "proxy.uni-hamburg.de"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "proxy.uni-hamburg.de"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "proxy.uni-hamburg.de"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "proxy.uni-hamburg.de"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "proxy.uni-hamburg.de"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "proxy.uni-hamburg.de"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "proxy.uni-hamburg.de"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @cambridgesoft.com/Chem3D,version=11.0 - C:\Programme\CambridgeSoft\ChemOffice2008\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF Plugin: @cambridgesoft.com/ChemDraw,version=11.0 - C:\Programme\CambridgeSoft\ChemOffice2008\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Joanna\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF SearchPlugin: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Flashblock - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF Extension: multilinks - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\Extensions\multilinks@plugin.xpi
FF Extension: personas - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi
FF Extension: No Name - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\mkkc9wph.default\Extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi
FF Extension: Search Settings Plugin - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "urls_to_restore_on_startup": [ ]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] ()
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [31248 2008-01-16] (Syntek America Inc.)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [361288 2009-08-26] (TuneUp Software)
R2 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [604488 2009-08-26] (TuneUp Software)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [24576 2008-03-13] (Vodafone)
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [544840 2012-12-13] (Cisco Systems, Inc.)
==================== Drivers (Whitelisted) ====================
S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [39888 2012-12-13] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58320 2012-12-13] (Cisco Systems, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-20] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-07-10] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1363088 2008-03-28] (Syntek)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 KLIF; system32\DRIVERS\klif.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-09 11:09 - 2013-09-09 11:09 - 01082207 _____ (Farbar) C:\Users\Joanna\Downloads\FRST.exe
2013-09-08 20:33 - 2013-09-08 20:33 - 00003883 _____ C:\Users\Joanna\Desktop\solgel.sk2
2013-09-03 14:29 - 2013-09-03 14:29 - 00057195 _____ C:\Users\Joanna\Desktop\Anatas1
2013-09-03 14:29 - 2013-09-03 14:29 - 00038162 _____ C:\Users\Joanna\Desktop\IM741
2013-09-03 14:28 - 2013-09-03 14:28 - 00038162 _____ C:\Users\Joanna\Desktop\IM74.ASC
2013-09-02 22:59 - 2013-09-02 23:00 - 18037398 _____ C:\Users\Joanna\Downloads\Gwyddion-2.31.win32.exe
2013-09-02 14:58 - 2013-09-02 14:58 - 03507744 _____ C:\Users\Joanna\Desktop\Andreas.zip
2013-09-02 14:58 - 2013-09-02 14:58 - 00000000 ____D C:\Users\Joanna\Desktop\Andreas
2013-08-28 08:46 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-16 07:50 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 07:50 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 07:50 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 07:50 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 07:50 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-16 07:50 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-16 07:50 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 07:50 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 07:50 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-16 07:49 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 07:49 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 07:49 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 07:49 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 07:49 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-16 07:49 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-16 07:49 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 06:45 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 06:45 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 06:45 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 06:44 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 06:44 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 06:44 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 06:44 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 06:44 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 06:44 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 06:44 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 06:44 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 06:44 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-11 19:25 - 2013-08-11 19:25 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-11 19:22 - 2013-08-11 19:24 - 117478104 _____ C:\Users\Joanna\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe
2013-08-11 11:06 - 2013-09-09 10:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
==================== One Month Modified Files and Folders =======
2013-09-09 11:10 - 2013-09-09 11:10 - 00000000 ____D C:\FRST
2013-09-09 11:09 - 2013-09-09 11:09 - 01082207 _____ (Farbar) C:\Users\Joanna\Downloads\FRST.exe
2013-09-09 11:06 - 2011-06-26 09:49 - 00001744 _____ C:\Users\Joanna\Desktop\Trillian.lnk
2013-09-09 11:06 - 2011-06-26 09:49 - 00001734 _____ C:\Users\Joanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
2013-09-09 11:00 - 2009-08-26 16:51 - 00000522 _____ C:\Windows\Tasks\1-Klick-Wartung.job
2013-09-09 10:51 - 2008-07-10 08:05 - 00042238 _____ C:\ProgramData\nvModes.001
2013-09-09 10:28 - 2008-08-05 15:17 - 01797205 _____ C:\Windows\WindowsUpdate.log
2013-09-09 10:24 - 2013-08-11 11:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-09 10:15 - 2012-06-20 13:37 - 00064414 _____ C:\Windows\system32\dmlg.dat
2013-09-09 10:15 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-09 10:14 - 2006-11-02 15:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-09 10:10 - 2008-12-24 19:43 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-09-09 10:10 - 2008-07-10 08:04 - 00042238 _____ C:\ProgramData\nvModes.dat
2013-09-09 10:10 - 2006-11-02 14:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 10:10 - 2006-11-02 14:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 10:08 - 2008-07-10 23:15 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-09-09 01:01 - 2006-11-02 12:33 - 01707656 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 00:44 - 2013-08-05 07:25 - 00017708 _____ C:\Users\Joanna\Desktop\protokoll.sk2
2013-09-09 00:44 - 2012-07-30 10:17 - 00000584 _____ C:\Users\Joanna\Documents\grstyles.stl
2013-09-09 00:32 - 2012-07-30 10:31 - 00000070 _____ C:\Users\Joanna\Documents\LastLab.sk
2013-09-09 00:13 - 2013-02-03 00:07 - 00000866 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-09 00:13 - 2012-09-30 19:16 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-09 00:08 - 2013-05-06 18:11 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\Skype
2013-09-08 20:33 - 2013-09-08 20:33 - 00003883 _____ C:\Users\Joanna\Desktop\solgel.sk2
2013-09-03 14:29 - 2013-09-03 14:29 - 00057195 _____ C:\Users\Joanna\Desktop\Anatas1
2013-09-03 14:29 - 2013-09-03 14:29 - 00038162 _____ C:\Users\Joanna\Desktop\IM741
2013-09-03 14:28 - 2013-09-03 14:28 - 00038162 _____ C:\Users\Joanna\Desktop\IM74.ASC
2013-09-02 23:00 - 2013-09-02 22:59 - 18037398 _____ C:\Users\Joanna\Downloads\Gwyddion-2.31.win32.exe
2013-09-02 14:58 - 2013-09-02 14:58 - 03507744 _____ C:\Users\Joanna\Desktop\Andreas.zip
2013-09-02 14:58 - 2013-09-02 14:58 - 00000000 ____D C:\Users\Joanna\Desktop\Andreas
2013-09-02 14:50 - 2013-02-03 01:23 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 14:50 - 2013-02-03 01:23 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-30 17:36 - 2013-05-05 15:45 - 00000000 ____D C:\Users\Joanna\Desktop\PC-Praktikum
2013-08-30 17:35 - 2013-03-10 13:48 - 00000000 ____D C:\Users\Joanna\Desktop\Uni
2013-08-26 17:47 - 2013-05-29 16:29 - 00000000 ____D C:\wingx
2013-08-16 08:42 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-16 08:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-16 08:12 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-15 10:36 - 2013-07-14 07:04 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 10:28 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-15 10:24 - 2008-07-10 08:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-11 19:25 - 2013-08-11 19:25 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-11 19:24 - 2013-08-11 19:22 - 117478104 _____ C:\Users\Joanna\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe
2013-08-11 11:07 - 2008-12-28 22:11 - 00000000 ____D C:\Users\Joanna\AppData\Local\Adobe
2013-08-11 11:06 - 2013-03-07 19:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-11 11:06 - 2011-12-10 14:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-10 21:40 - 2008-07-10 08:21 - 00000000 ____D C:\avs contents
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-09 10:23
==================== End Of Log ============================
--- --- --- --- --- --- und der Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-09-2013 Ran by Joanna at 2013-09-09 11:23:25 Running from C:\Users\Joanna\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) AAC Decoder (Version: 7.1.0) ACD/Labs Software in C:\Program Files\ACDFREE12\ (Version: v12.00, FREE) Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0) Adobe Flash Player 10 ActiveX (Version: 10.0.12.36) Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Flash Player 9 ActiveX (Version: 9) Adobe Reader 8.1.4 - Deutsch (Version: 8.1.4) Adobe Shockwave Player 11.5 (Version: 11.5.9.620) Agere Systems HDA Modem ArcSoft PhotoStudio 5.5 Atheros WLAN Client (Version: 1.00.000) Audio Recorder for Free 2010 v12.8.2 AutoUpdate (Version: 1.1) Avira Free Antivirus (Version: 13.0.0.4052) Bubblet! Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1) Calc 3D Pro 2.1.7 (Version: 2.1.7) CambridgeSoft ChemDraw Pro 11.0 (Version: 11.0) Canon Easy-PhotoPrint EX Canon MG5200 series Benutzerregistrierung Canon MG5200 series MP Drivers Canon MP Navigator EX 4.0 Canon MP510 Benutzerregistrierung Canon My Printer Canon Solution Menu EX CCleaner (Version: 3.00) CD-LabelPrint Cisco AnyConnect Secure Mobility Client (Version: 3.1.02026) Cisco AnyConnect Secure Mobility Client (Version: 3.1.02026) CyberLink DVD Suite (Version: 5.0.2403) CyberLink Power2Go (Version: 5.0.3825) D3DX10 (Version: 15.4.2368.0902) Die Siedler 2 - Die nächste Generation (Version: 1.00.0000) Die Siedler III Gold Edition DivX Codec (Version: 6.9.1) DivX Player (Version: 7.2.0) DivX Plus DirectShow Filters DivX Version Checker (Version: 7.1.0.9) DivX Web Player (Version: 1.5.0) Easy Battery Manager (Version: 3.2.1.7) Easy Display Manager (Version: 2.0.0.0) Easy Network Manager 3.0 (Version: 3.0.0.0) Easy SpeedUp Manager (Version: 2.0.1.0) Electric Field Hockey Electric Field of Dreams Fityk 0.8.9 (Version: 0.8.9) FLV Player 2.0 (build 25) (Version: 2.0 (build 25)) FormatFactory 2.50 (Version: 2.50) Free Audio CD Burner version 1.4 Free FLV Converter V 6.94.0 (Version: 6.94.0.0) Free WMA to MP3 Converter 1.16 Free YouTube to MP3 Converter version 3.9 GeoGebra GIMP 2.6.11 (Version: 2.6.11) H.264 Decoder (Version: 1.1.0) i@Sky WIC (Version: 1.1) ImageJ 1.46r imagine digital freedom - Samsung (Version: 1.0.2.0) Intel PROSet Wireless Intel(R) PROSet/Wireless WiFi-Software (Version: 12.00.2000) Intel® Matrix Storage Manager ISIS Draw 2.1.4 Standalone Japanese Fonts Support For Adobe Reader 8 (Version: 8.0) Java 7 Update 21 (Version: 7.0.210) Java Auto Updater (Version: 2.1.9.5) Java(TM) 6 Update 30 (Version: 6.0.300) KaloMa 4.91 Kaspersky Security Suite CBE (Version: 7.0.1.325) LabelPrint (Version: .2406) Largo LBreakout2 2.4.1 LightScribe System Software 1.12.37.1 (Version: 1.12.37.1) Liquid Story Binder XE version 4.93 (Version: 4.93) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Mercury (Version: 3.1) MestReNova 8.0.1-10878 (Version: 8.0.1-10878) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Server Speech Recognition Language - TELE (de-DE) (Version: 11.0.7400.335) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SOAP Toolkit 2.0 SP2 (Version: 623.1) Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00) Microsoft SQL Server Native Client (Version: 9.00.5000.00) Microsoft SQL Server VSS Writer (Version: 9.00.5000.00) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) MKV Splitter (Version: 1.0.1) Move Media Player Mozilla Firefox 12.0 (x86 de) (Version: 12.0) Mozilla Maintenance Service (Version: 17.0.8) Mozilla Thunderbird 17.0.8 (x86 de) (Version: 17.0.8) MSVCRT (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) No23 Recorder (Version: 2.1.0.3) Nostale Online DE (Remove) Notepad++ (Version: 5.9.4) NVIDIA Drivers OpenOffice.org 3.0 (Version: 3.0.9358) OpenTTD 1.0.0-RC2 (Version: 1.0.0-RC2) Opera 10.00 (Version: 10.00) Opera 11.10 (Version: 11.10.2092) Origin85 (Version: 8.50.000) Origin90 (Version: 9.00.00) OriginPro 8.5G (Version: 8.5) p.i.c.s. Spielesammlung Paint.NET v3.5.8 (Version: 3.58.0) PDF Architect (Version: 1.0.41.8362) PDFCreator (Version: 1.6.0) PhotoFiltre Platon Taskbar 1.17 (Version: 1.17) Play AVStation (Version: 4.1.20.50) Play Camera (Version: 2.0.0.13) PowerDirector (Version: 5.0.3927) PowerDVD (Version: 7.0.3118.0) PowerProducer (Version: 085120(3.7)_Vista_SSPC) Project64 1.6 (Version: 1.6) QtiPlot 0.9.7.10 Quantum Bound States Realtek High Definition Audio Driver (Version: 6.0.1.5605) RollerCoaster Tycoon 3 Samsung Magic Doctor (Version: 5.00) Samsung Recovery Solution III (Version: 3.0.0.5) Samsung Update Plus (Version: 1.3.0.11) ScanSoft OmniPage SE 4.0 (Version: 15.00.0020) scilab-5.2.1 Search Settings 1.2.2 SecondLifeViewer (remove only) SecureW2 EAP Suite 2.0.2 for Windows Segoe UI (Version: 15.4.2271.0615) ShelXTL Skype™ 6.6 (Version: 6.6.106) Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0) SpinWorks Summer Challenge Sweet Home 3D version 3.3 Synaptics Pointing Device Driver (Version: 10.1.2.0) Trillian TuneUp Utilities 2009 (Version: 8.0.3300.1) Uninstall WinGX (Version: 1.80.05) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.5000.00) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) USB2.0 UVC 1.3M WebCam USB2.0 UVC WebCam (Version: 6.11.706.012) User Guide (Version: 1.0) v2011.build.46 (Version: v2011.build.46) VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0) VLC media player 0.9.8a (Version: 0.9.8a) Vodafone Mobile Connect Lite Huawei (Version: 9.3.0.9237) WIDCOMM Bluetooth Software 6.0.1.6300 (Version: 6.0.1.6300) Widelands (Version: Widelands) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3508.1109) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Messenger (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) WinRAR WSxM Zetasizer Software 7.1.0.0 (Version: 7.1.0.0) ==================== Restore Points ========================= 14-08-2013 05:10:03 Geplanter Prüfpunkt 15-08-2013 07:50:13 Windows Update 16-08-2013 05:45:02 Windows Update 17-08-2013 06:17:28 Geplanter Prüfpunkt 21-08-2013 07:36:03 Geplanter Prüfpunkt 23-08-2013 14:59:18 Geplanter Prüfpunkt 29-08-2013 04:16:47 Windows Update 05-09-2013 07:28:32 Geplanter Prüfpunkt 06-09-2013 06:40:08 Geplanter Prüfpunkt 07-09-2013 08:44:45 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2006-11-02 12:23 - 2012-07-30 16:00 - 00000804 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 193.174.167.65 vpn.rrz.uni-hamburg.de ==================== Scheduled Tasks (whitelisted) ============= Task: {0B5793FE-27E9-459F-B0DF-7A0CAC9469C8} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {1F272716-0816-46B5-B604-886FD97D5353} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation) Task: {2DA0BC4D-57D7-4DDE-8BCB-24A26B898F04} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {6AC9C2C8-AE81-4964-82DF-69808DA26680} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2008-01-21] (Microsoft Corporation) Task: {847FEFFA-D794-4ED1-8E8A-B70D11C49F76} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {99AB33AE-62AE-4F49-B79C-B94B652614F2} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-07-05] (Samsung Electronics Co., Ltd.) Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation) Task: {C3C9EBBC-4E65-4557-AD6F-4F2D7254593B} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2811159846-3605006464-561268004-1003 => C:\Windows\System32\portabledeviceapi.dll [2009-10-01] (Microsoft Corporation) Task: {C6E33D66-5979-4CBC-91D4-C4B6B0F5A6C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-11] (Adobe Systems Incorporated) Task: {C6F81B65-BFC6-47E4-A88F-3E7A824ED137} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-05-22] (SAMSUNG Electronics) Task: {C9A8DDED-5F20-471D-82BC-58C87ABA7F90} - System32\Tasks\1-Klick-Wartung => C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-15] (TuneUp Software GmbH) Task: {CACDEBC3-9266-495A-BE59-F93B9EA19AB4} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-04-25] (Samsung Electronics Co., Ltd.) Task: {D33B57A7-CEDE-4E17-B0E1-02C36AF32861} - System32\Tasks\{686EE625-7194-4034-B74D-56DD8D2AF4F6} => Firefox.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1618 Task: {E4EE27B5-8BE6-4430-8C98-99DF6097CBE5} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-04-17] (SAMSUNG Electronics co., LTD.) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: C:\Windows\Tasks\1-Klick-Wartung.job => C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2008-02-08 20:37 - 2008-02-08 20:37 - 00072208 _____ (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\r3hook.dll 2008-02-08 20:37 - 2008-02-08 20:37 - 00084496 _____ (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\adialhk.dll 2008-07-09 12:58 - 2008-06-09 00:23 - 05877760 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll 2008-02-12 06:19 - 2008-02-12 06:19 - 00208896 _____ (Broadcom Corporation.) C:\Windows\system32\btmmhook.dll 2008-02-08 20:37 - 2008-02-08 20:37 - 00158224 _____ (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\scrchpg.dll 2008-02-08 20:37 - 2008-02-08 20:37 - 00109072 _____ (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\dnsq.dll 2008-02-12 05:36 - 2008-02-12 05:36 - 00184320 _____ (Broadcom Corporation.) C:\Windows\system32\btncopy.dll 2008-07-09 12:58 - 2008-06-09 00:23 - 13543968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2008-07-09 12:58 - 2008-06-09 00:23 - 00454656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll 2008-07-09 12:58 - 2008-06-09 00:23 - 00092704 _____ (NVIDIA Corporation) C:\Windows\system32\NvMcTray.dll 2008-07-09 12:58 - 2008-06-09 00:23 - 00454656 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi.dll 2008-07-09 12:59 - 2007-10-26 07:01 - 00163840 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll 2008-07-09 12:59 - 2007-10-26 07:09 - 00147456 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll 2006-10-04 23:07 - 2006-10-04 23:07 - 00144936 _____ (ScanSoft, Inc.) C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00221184 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.Platform.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00217088 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.ConnectionServices.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00110592 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.ConnectionServicesInterface.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00147456 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.UI.CommonDialogs.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00163840 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.DataAccessor.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00065536 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.WindowsService.Core.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00225280 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.XmlSerializers.dll 2009-08-18 20:06 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00454656 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\WwanWrapper.dll 2008-03-07 16:43 - 2008-03-07 16:43 - 01514008 ____R (PCTEL Inc.) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\WwanCore.dll 2008-03-07 16:43 - 2008-03-07 16:43 - 00129560 ____R (PCTEL Inc.) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\Diagnostic.dll 2008-03-07 16:43 - 2008-03-07 16:43 - 00403992 ____R (PCTEL Inc.) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\ToolBx.dll 2008-03-07 16:43 - 2008-03-07 16:43 - 00109080 _____ (PCTEL Inc.) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\DevWiz.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00024576 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.WindowsService.Messaging.dll 2008-03-13 19:08 - 2008-03-13 19:08 - 00036864 _____ (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.ConnectionServices.TrafficOptimiser.dll 2009-07-29 19:38 - 2009-07-29 19:38 - 00045056 _____ (Spigot, Inc.) C:\Program Files\Search Settings\kb128\SearchSettingsRes409.dll 2012-09-20 19:54 - 2010-03-28 19:50 - 00077824 _____ (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMyRes.dll 2012-09-20 19:57 - 2010-04-08 13:43 - 00032768 _____ (CANON INC.) C:\Program Files\Canon\Solution Menu EX\LangInfo\DE\CNSELANG.dll 2012-09-20 19:33 - 2010-08-25 05:00 - 00586752 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMDRAE.DLL 2012-09-20 19:33 - 2010-08-25 05:00 - 02923008 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMUIAE.DLL 2007-07-12 06:55 - 2007-07-12 06:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll 2007-08-14 06:59 - 2007-08-14 06:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll 2007-07-12 06:55 - 2007-07-12 06:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2006-11-02 14:35 - 2006-11-02 14:35 - 00116736 _____ (Microsoft Corporation) C:\Windows\eHome\ehProxy.dll 2008-02-12 05:31 - 2008-02-12 05:31 - 00602112 _____ (Broadcom Corporation.) C:\Windows\system32\btwapi.dll 2008-02-12 05:46 - 2008-02-12 05:46 - 00233472 _____ (Broadcom Corporation.) C:\Windows\system32\btosif.dll 2008-02-12 05:58 - 2008-02-12 05:58 - 00393216 _____ (Broadcom Corporation.) C:\Windows\system32\btwhidcs.DLL 2008-02-12 05:26 - 2008-02-12 05:26 - 05271552 _____ (Broadcom Corporation.) C:\Windows\system32\btrez.dll 2006-11-02 10:57 - 2006-11-02 11:44 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\irprops.cpl 2008-07-29 15:55 - 2008-07-29 15:55 - 00969728 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll 2008-02-12 05:45 - 2008-02-12 05:45 - 00180224 _____ (Broadcom Corporation.) C:\Windows\system32\BtAudioHelper.dll 2008-02-12 05:50 - 2008-02-12 05:50 - 00442368 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_ol.dll 2008-02-12 05:50 - 2008-02-12 05:50 - 00270336 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_olx.dll 2008-02-12 05:49 - 2008-02-12 05:49 - 00335872 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_notes.dll 2008-07-10 07:53 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll 2008-07-10 07:53 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll 2012-01-14 18:33 - 2012-04-21 03:16 - 00838584 _____ (sqlite.org) C:\Program Files\Mozilla Firefox\mozsqlite3.dll 2012-01-14 18:33 - 2012-04-21 03:16 - 01952696 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00059904 _____ () C:\Program Files\Trillian\zlib1.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00016896 _____ () C:\Program Files\Trillian\languages\de\trillian.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00147456 _____ (Cerulean Studios) C:\Program Files\Trillian\expatxml.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00163840 _____ (Cerulean Studios) C:\Program Files\Trillian\events.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00128376 _____ (Cerulean Studios) C:\Program Files\Trillian\crypto.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00103800 _____ (Cerulean Studios) C:\Program Files\Trillian\proxy.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00217088 _____ (Cerulean Studios) C:\Program Files\Trillian\list.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00499712 _____ (Cerulean Studios) C:\Program Files\Trillian\toolkit.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00315392 _____ (The University of New South Wales) C:\Program Files\Trillian\kdu_v43R.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00122880 _____ () C:\Program Files\Trillian\libpng13.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00127488 _____ (Independent JPEG Group <www.ijg.org>) C:\Program Files\Trillian\jpeg62.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00065536 _____ () C:\Program Files\Trillian\libungif.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00356352 _____ (Cerulean Studios) C:\Program Files\Trillian\buddy.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 01118208 _____ (Cerulean Studios) C:\Program Files\Trillian\talk.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00011264 _____ () C:\Program Files\Trillian\languages\de\events.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00005632 _____ () C:\Program Files\Trillian\languages\de\proxy.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00004096 _____ () C:\Program Files\Trillian\languages\de\toolkit.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00011776 _____ () C:\Program Files\Trillian\languages\de\buddy.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00008704 _____ () C:\Program Files\Trillian\languages\de\talk.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00020856 _____ (Cerulean Studios) C:\Program Files\Trillian\plugins\upnp.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00062840 _____ (Cerulean Studios) C:\Program Files\Trillian\plugins\http.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00230776 _____ (Cerulean Studios) C:\Program Files\Trillian\plugins\at.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00562552 _____ (Cerulean Studios) C:\Program Files\Trillian\plugins\yahoo.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00019456 _____ () C:\Program Files\Trillian\languages\de\yahoo.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00450560 _____ (Cerulean Studios) C:\Program Files\Trillian\plugins\msn.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00014848 _____ () C:\Program Files\Trillian\languages\de\msn.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00872448 _____ (Cerulean Studios) C:\Program Files\Trillian\plugins\aim.dll 2007-04-30 00:00 - 2007-04-30 00:00 - 00055296 _____ () C:\Program Files\Trillian\languages\de\aim.dll 2010-08-10 00:00 - 2010-08-10 00:00 - 00488824 _____ (Cerulean Studios) C:\Program Files\Trillian\plugins\av.dll 2008-01-21 04:24 - 2008-01-21 04:24 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2006-11-02 10:55 - 2006-11-02 11:44 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\vidcap.ax 2009-08-18 20:06 - 2009-04-11 08:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\kswdmcap.ax 2008-07-10 07:37 - 2008-01-10 08:15 - 00100880 _____ (Syntek America Inc.) C:\Windows\system32\StkCProp.ax ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\Users\Joanna\Downloads\bios - bios.mp3:TOC.WMV ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/09/2013 10:56:23 AM) (Source: Application Hang) (User: ) Description: Programm firefox.exe, Version 12.0.0.4493 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 7bc Anfangszeit: 01cead3673bc1d22 Zeitpunkt der Beendigung: 13126 Error: (09/09/2013 10:27:42 AM) (Source: RasClient) (User: ) Description: CoID={DBD3EA71-DAA3-4C29-9263-62689134A41E}: Der Benutzer "Joanna-PC\Joanna" hat eine Verbindung mit dem Namen "Vodafone Mobile Connect" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 797. Error: (09/09/2013 10:14:39 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/09/2013 10:14:11 AM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung svchost.exe_ProfSvc, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x754d0080, Prozess-ID 0x438, Anwendungsstartzeit svchost.exe_ProfSvc0. Error: (09/09/2013 10:11:19 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/09/2013 10:00:55 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/09/2013 09:59:36 AM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung svchost.exe_iphlpsvc, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x75d80080, Prozess-ID 0x444, Anwendungsstartzeit svchost.exe_iphlpsvc0. Error: (09/09/2013 07:29:38 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/08/2013 09:38:21 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/07/2013 05:02:36 PM) (Source: Application Hang) (User: ) Description: Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 480 Anfangszeit: 01ceab9939c432c8 Zeitpunkt der Beendigung: 114 System errors: ============= Error: (09/09/2013 11:14:35 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 11:14:35 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 11:09:57 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 11:09:56 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 11:00:02 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 11:00:02 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 10:19:23 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 10:19:23 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 10:18:39 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Error: (09/09/2013 10:18:39 AM) (Source: Service Control Manager) (User: ) Description: KLIF%%2 Microsoft Office Sessions: ========================= Error: (06/18/2012 09:59:22 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 46617 seconds with 6840 seconds of active time. This session ended with a crash. Error: (06/17/2012 04:05:59 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17600 seconds with 3300 seconds of active time. This session ended with a crash. Error: (04/06/2012 06:31:56 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15870 seconds with 4080 seconds of active time. This session ended with a crash. Error: (02/01/2012 09:54:28 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17005 seconds with 1080 seconds of active time. This session ended with a crash. Error: (11/21/2011 00:45:41 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8453 seconds with 2040 seconds of active time. This session ended with a crash. Error: (11/06/2010 00:42:58 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 188 seconds with 180 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2012-10-03 19:45:25.411 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:24.954 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:24.434 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:23.975 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:23.517 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:23.061 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:22.425 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:21.968 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:21.442 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-10-03 19:45:20.982 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 63% Total physical RAM: 3065.88 MB Available physical RAM: 1130.1 MB Total Pagefile: 6338.75 MB Available Pagefile: 3916.12 MB Total Virtual: 2047.88 MB Available Virtual: 1906.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:144.09 GB) (Free:62.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:144 GB) (Free:85.73 GB) NTFS Drive e: (CB1313CD) (CDROM) (Total:0.65 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: D24C1D32) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
|
09.09.2013, 16:52
| #4 |
| /// the machine /// TB-Ausbilder | schwarzer Balken am unteren Rand des Bildschirms Hi, was ist Laufwerk E und F:?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu schwarzer Balken am unteren Rand des Bildschirms |
| andere, anderen, antivir, bilder, bildschirm, check, dauert, firefox, forum, google, guten, heute, interne, internet, internetseite, morgen, nicht mehr, nicht möglich, offen, richtig, schließe, schwarzer, schwarzer balken, seite, seiten, stunden, tan |
