Log analysis and evaluation: Win7 32bit old laptop: Malwarebytes shows close to 100 detections (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Win7 32bit old laptop: Malwarebytes shows close to 100 detections

Hello there, recently my girlfriend mentioned that her laptop was running much slower. I immediately thought of viruses and ran a full scan with Malwarebytes, and here it comes: Malwarebytes hung at some point after recording, believe it or not, almost 100 detections.... I was completely floored; it's a wonder the PC still works at all. She had more than 4 antivirus programs installed on it (exactly....) and was apparently often on certain movie sites... then everything was clear. She has apparently had the laptop for years and never took care of antivirus programs etc. She had 4 GB of temporary data on it alone. Here are the scans and logs; I hope something can still be saved - she uses it for university and reinstalling would probably be rather time-consuming. Many thanks in advance!

defogger Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:49 on 02/09/2013 (Samira)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:AlcoholAutomount -> Removed

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-09-2013 04 Ran by Samira at 2013-09-02 14:06:45 Running from C:\Users\Samira\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Reader X (10.1.3) - Deutsch (Version: 10.1.3) Artweaver Free 4 (Version: 4.0) avast! Free Antivirus (Version: 7.0.1474.0) Avira Free Antivirus (Version: 13.0.0.3885) Avira SearchFree Toolbar plus Web Protection (Version: 12.2.2.663) AVM FRITZ!DSL (Version: 2.04.03) CCleaner (Version: 3.17) D3DX10 (Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Die Sims™ 3 Einfach tierisch: Erstelle ein Tier-Demo (Version: 1.0.24) Fotogalerie (Version: 16.4.3505.0912) GIMP 2.8.2 (Version: 2.8.2) Google Chrome (HKCU Version: 29.0.1547.57) Google Earth (Version: 7.1.1.1888) Google Update Helper (Version: 1.3.21.153) IB Updater Service (Version: 3.0.5.4) Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930) Intel(R) TV Wizard Internet Explorer Toolbar 4.6 by SweetPacks (Version: 4.6.0004) Java Auto Updater (Version: 2.0.7.2) Java(TM) 6 Update 37 (Version: 6.0.370) JDownloader 0.9 (Version: 0.9) Join Air (Version: 1.0.0.1) Kröt XS Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) McAfee Security Scan Plus (Version: 3.0.207.4) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote 
MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Movie Maker (Version: 16.4.3505.0912) Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1) Mozilla Maintenance Service (Version: 23.0.1) MSVCRT (Version: 15.4.2862.0708) MSVCRT110 (Version: 16.4.1108.0727) OpenOffice.org 3.3 (Version: 3.3.9567) Pando Media Booster (Version: 2.6.0.8) PDFCreator (Version: 1.5.1) Photo Gallery (Version: 16.4.3505.0912) Sandboxie 3.74 (32-bit) (Version: 3.74) Skype™ 6.3 (Version: 6.3.107) SweetIM for Messenger 3.7 (Version: 3.7.0007) SweetPacks bundle uninstaller (Version: 1.0.0001) 
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1) Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1) Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update Manager for SweetPacks 1.1 (Version: 1.1.0008) Windows Live Communications Platform (Version: 16.4.3505.0912) Windows Live Essentials (Version: 16.4.3505.0912) Windows Live ID Sign-in Assistant (Version: 7.250.4311.0) Windows Live Installer (Version: 16.4.3505.0912) Windows Live Photo Common (Version: 16.4.3505.0912) Windows Live PIMT Platform (Version: 16.4.3505.0912) Windows Live SOXE (Version: 16.4.3505.0912) Windows Live SOXE Definitions (Version: 16.4.3505.0912) Windows Live UX Platform (Version: 16.4.3505.0912) Windows Live UX 
Platform Language Pack (Version: 16.4.3505.0912) WinZip 11.1 (Version: 11.1.7466) Yahoo! Detect ==================== Restore Points ========================= 20-08-2013 14:43:36 Windows Update 30-08-2013 19:04:30 Geplanter Prüfpunkt 31-08-2013 05:18:15 Windows Update 02-09-2013 11:54:18 Removed U2bviews Software 02-09-2013 11:56:34 Removed Norton Ghost. ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {00E0092F-67D6-4F42-9F72-BD45809F5AB8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-272472105-3204116038-1883624732-1000UA => C:\Users\Samira\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.) Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => start w32time task_started Task: {192B79B4-20E2-41BF-AF09-0C5B1B3F1F92} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-31] (AVAST Software) Task: {37D641F5-ADA7-4DDF-B15F-D8A895F005AD} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe [2010-07-07] () Task: {3AE8CA5D-7755-45DC-8150-0C73409277A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.) Task: {50055E14-63F6-4E4D-AE1E-FFE49FB51036} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-30] (Adobe Systems Incorporated) Task: {57C2FE8A-6FE6-4797-8246-6070B5229851} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-06-24] (Microsoft Corporation) Task: {6B3BB7BA-C346-44AD-9344-E76ED15860D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.) 
Task: {AD4C0E3E-5A38-4C70-9D80-D8D902D9E21E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {C8AA1678-84D7-4D8F-828E-9C85A724D70F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-272472105-3204116038-1883624732-1000Core => C:\Users\Samira\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.) Task: {F3BAE72A-EC2C-4E20-9271-FDCF84CF8CAB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => start osppsvc Task: {F82DAF33-39BB-4E06-9282-D8DBB5A9EEB9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-272472105-3204116038-1883624732-1000Core.job => C:\Users\Samira\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-272472105-3204116038-1883624732-1000UA.job => C:\Users\Samira\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-04 17:34 - 2012-10-04 17:34 - 00026968 ____R (SweetIM Technologies Ltd.) 
C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll 2006-07-11 19:35 - 2006-07-11 19:35 - 00348160 _____ (Microsoft Corporation) C:\Program Files\SweetIM\Messenger\MSVCR71.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00121528 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashShell.dll 2012-08-16 06:43 - 2012-08-16 06:43 - 04171424 _____ (Microsoft Corporation) C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL 2011-06-24 17:33 - 2011-06-24 17:33 - 00159048 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL 2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf 2010-10-29 04:01 - 2010-10-29 04:01 - 08953256 _____ (Microsoft Corporation) C:\PROGRA~1\MICROS~2\Office14\1031\GrooveIntlResource.dll 2009-07-14 01:22 - 2009-07-14 03:15 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\FunDisc.dll 2009-07-14 01:22 - 2009-07-14 03:15 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\fdproxy.dll 2007-04-11 11:10 - 2007-04-11 11:10 - 00010856 ____R (WinZip Computing, S.L.) 
C:\Program Files\WinZip\wzshlstb.dll 2009-07-14 01:53 - 2009-07-14 03:16 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\NetworkItemFactory.dll 2009-07-14 01:53 - 2009-07-14 03:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\dtsh.dll 2009-07-14 01:53 - 2009-07-14 03:15 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2009-07-14 01:53 - 2009-07-14 03:15 - 00081920 _____ (Microsoft Corporation) C:\Windows\System32\fdwcn.dll 2009-07-14 01:53 - 2009-07-14 03:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\wcnapi.dll 2009-07-14 01:22 - 2009-07-14 03:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll 2009-07-14 01:37 - 2009-07-14 03:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\dfscli.dll 2012-08-15 22:44 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2009-07-28 16:08 - 2009-07-28 16:08 - 00028472 _____ (AVM Berlin) C:\Program Files\FRITZ!DSL\sarah.dll 2009-07-28 16:06 - 2009-07-28 16:06 - 00082744 _____ (AVM Berlin) C:\Program Files\FRITZ!DSL\block.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00258104 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avsda.dll 2009-07-14 01:54 - 2009-07-14 03:09 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\rnr20.dll 2011-05-29 11:53 - 2010-11-20 14:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\System32\systemcpl.dll 2009-07-14 01:18 - 2009-07-14 03:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\WINBRAND.dll 2011-05-29 11:53 - 2010-11-20 14:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\SPPC.DLL 2010-01-09 21:21 - 2010-01-09 21:21 - 00061824 _____ (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\msohevi.dll 2013-09-02 11:38 - 2013-08-31 20:32 - 00154680 _____ (Avira Operations GmbH & Co. 
KG) C:\Program Files\Avira\AntiVir Desktop\shlext.dll 2011-06-11 01:58 - 2011-06-11 01:58 - 04422992 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll 2011-06-11 01:58 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100.dll 2011-06-11 01:58 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP100.dll 2011-06-11 01:58 - 2011-06-11 01:58 - 00064336 _____ (Microsoft Corporation) C:\Windows\system32\MFC100DEU.DLL 2012-11-08 19:07 - 2012-10-31 00:50 - 00236888 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\snxhk.dll 2009-09-23 18:49 - 2009-09-23 18:49 - 00094208 _____ (Intel Corporation) C:\Windows\System32\hccutils.DLL 2009-09-23 18:49 - 2009-09-23 18:49 - 00051712 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2009-09-23 18:52 - 2009-09-23 18:52 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc 2009-09-23 18:48 - 2009-09-23 18:48 - 05702656 _____ (Intel Corporation) C:\Windows\System32\igfxress.dll 2013-05-27 10:56 - 2013-05-27 10:56 - 00382976 _____ () C:\Windows\System32\jmdp\lmrn.dll 2013-02-05 09:25 - 2013-02-05 09:25 - 00362029 _____ () C:\Windows\System32\jmdp\sqlite3.dll 2009-09-23 18:49 - 2009-09-23 18:49 - 00218112 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00027296 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswUtil.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00441352 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashBase.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00051000 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngLdr.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00099416 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswCmnOS.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00191568 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswCmnIS.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00347616 _____ (AVAST Software) 
C:\Program Files\AVAST Software\Avast\aswCmnBS.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00153976 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashTask.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00682384 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswAux.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00220944 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswLog.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00476360 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswSqLt.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00217848 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswProperty.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00120504 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\AavmRpch.dll 2011-06-24 17:33 - 2011-06-24 17:33 - 03781960 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll 2011-06-24 17:33 - 2011-06-24 17:33 - 00063312 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL 2012-11-08 19:07 - 2012-10-31 00:51 - 00066944 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\1031\Base.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 02162488 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswAra.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00191080 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswData.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00061800 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashTaskEx.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00368752 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\Aavm4h.dll 2012-11-08 19:07 - 2012-10-31 00:51 - 00235376 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\1031\UILangRes.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 06439048 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\CommonRes.dll 
2013-09-02 10:17 - 2013-08-19 15:26 - 00042688 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\defs\13090200\uiExt.dll 2012-10-04 17:35 - 2012-10-04 17:35 - 00299352 ____R (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll 2012-10-04 17:35 - 2012-10-04 17:35 - 00098648 ____R (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\mgsimcommon.dll 2012-10-04 17:34 - 2012-10-04 17:34 - 00516440 ____R (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\mgcommon.dll 2006-07-11 19:35 - 2006-07-11 19:35 - 00503808 _____ (Microsoft Corporation) C:\Program Files\SweetIM\Messenger\MSVCP71.dll 2012-10-04 17:34 - 2012-10-04 17:34 - 00036696 ____R (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\mgcommunication.dll 2012-10-04 17:34 - 2012-10-04 17:34 - 00168280 ____R (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\mghooking.dll 2012-10-04 17:35 - 2012-10-04 17:35 - 00074072 ____R (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll 2012-10-04 17:34 - 2012-10-04 17:34 - 00065880 ____R (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\mgconfig.dll 2012-08-15 20:08 - 2012-08-15 20:08 - 00650584 ____R (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\mgcommon.dll 2012-08-15 20:08 - 2012-08-15 20:08 - 00061272 _____ (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\mgxml_wrapper.dll 2012-08-15 20:08 - 2012-08-15 20:08 - 00041304 _____ (SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\mgcommunication.dll 2012-08-15 20:08 - 2012-08-15 20:08 - 00071512 _____ (SweetIM Technologies Ltd.) 
C:\Program Files\SweetIM\Communicator\mgsimcommon.dll 2013-08-20 16:44 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00126160 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswJsFlt.dll 2011-05-29 11:53 - 2010-11-20 14:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\LOGONCLI.DLL 2012-08-15 22:44 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\BROWCLI.DLL 2013-09-02 11:38 - 2013-08-31 20:31 - 00739384 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00054840 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cfglib.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00349752 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccguard.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00030432 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgrdrc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00229432 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgrdw.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00378424 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\grdcore.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00218168 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\gpipc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00059448 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avipc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00418872 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccwgrd.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00026168 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccwgrdrc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00127544 _____ (Avira Operations GmbH & Co. 
KG) c:\program files\avira\antivir desktop\ccwgrdw.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00790584 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgen.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00049208 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgenrc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00219192 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccupdate.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00029472 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccupdrc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00082488 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cclic.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00011632 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cclicrc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00207928 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmsg.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00010608 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmsgrc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 04780832 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\rcimage.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00016240 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmainrc.dll 2013-09-02 11:38 - 2013-08-31 20:31 - 00212536 _____ (Avira Operations GmbH & Co. 
KG) C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll 2012-08-25 22:27 - 2012-08-25 22:27 - 00316688 _____ (SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieDll.dll 2011-05-29 11:53 - 2010-11-20 14:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll 2011-05-29 11:53 - 2010-11-20 14:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2009-09-23 19:14 - 2009-09-23 19:14 - 00536576 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll 2009-09-23 19:18 - 2009-09-23 19:18 - 03829760 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00140104 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\AhAScr.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00347616 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswCmnBS.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00099416 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswCmnOS.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00191568 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswCmnIS.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00368752 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\Aavm4h.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00120504 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\AavmRpch.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00441352 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\ashBase.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00051000 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswEngLdr.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00153976 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\ashTask.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00682384 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswAux.dll 2012-11-08 19:07 - 2012-10-31 00:50 - 00217848 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswProperty.dll 2013-08-20 16:44 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-02-27 10:44 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) 
C:\Windows\system32\D3D10Warp.dll 2009-07-28 16:07 - 2009-07-28 16:07 - 00068408 _____ (AVM Berlin) C:\Program Files\FRITZ!DSL\fireapi.dll 2009-07-28 16:07 - 2009-07-28 16:07 - 00064312 _____ (AVM Berlin) C:\Program Files\FRITZ!DSL\igdapi.dll 2009-07-28 16:06 - 2009-07-28 16:06 - 00260408 _____ (AVM Berlin) C:\Program Files\FRITZ!DSL\avmcsock.dll 2009-07-28 16:06 - 2009-07-28 16:06 - 00036152 _____ (AVM Berlin) C:\Program Files\FRITZ!DSL\avmufc.dll 2011-06-24 17:33 - 2011-06-24 17:33 - 03766600 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll 1999-03-11 14:15 - 1999-03-11 14:15 - 00037632 _____ (Microsoft Corporation) C:\Program Files\FRITZ!DSL\SHFOLDER.dll 2011-05-29 11:53 - 2010-11-20 14:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2009-07-14 02:12 - 2009-07-14 03:14 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2013-08-22 21:17 - 2013-08-16 05:20 - 47067600 _____ (Google Inc.) 
C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\chrome.dll 2013-08-22 21:17 - 2013-08-16 05:20 - 09962960 _____ (The ICU Project) C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\icudt.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 01740800 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll 2010-11-19 18:46 - 2011-05-31 19:50 - 00086016 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll 2010-12-13 16:23 - 2011-05-31 19:50 - 00379904 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 01033728 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\comphelp4MSC.dll 2010-11-19 18:45 - 2011-05-31 19:50 - 00432128 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll 2010-11-19 18:45 - 2011-05-31 19:50 - 00013312 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll 2010-11-19 18:45 - 2011-05-31 19:50 - 00142848 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll 2010-11-19 18:46 - 2011-05-31 19:50 - 00597504 _____ (STLport Consulting, Inc.) 
C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll 2010-11-19 18:46 - 2011-05-31 19:50 - 00358912 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll 2010-11-19 18:46 - 2011-05-31 19:50 - 00094208 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 00135680 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\deploymentmiscmi.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 00832000 _____ (Oracle) C:\Program Files\OpenOffice.org 3\program\libdb47.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 00529408 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\tlmi.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 00700928 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\basegfxmi.dll 2010-11-19 18:45 - 2011-05-31 19:50 - 00026112 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 00958464 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\utlmi.dll 2010-11-19 18:46 - 2011-05-31 19:50 - 00531456 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\xcrmi.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 03234816 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\sfxmi.dll 2010-12-13 16:22 - 2011-05-31 19:50 - 00869888 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\fwemi.dll 2010-12-13 16:22 - 2011-05-31 19:50 - 00311296 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\fwimi.dll 2010-12-13 16:23 - 2011-05-31 19:50 - 02863616 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\svtmi.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 02186752 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\tkmi.dll 2011-01-17 16:19 - 2011-05-31 19:50 - 03266560 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\vclmi.dll 2010-11-19 18:46 - 2011-05-31 19:50 - 00256000 _____ (OpenOffice.org) C:\Program 
Files\OpenOffice.org 3\program\sotmi.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00029184 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\i18npapermi.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00066560 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00951296 _____ (IBM Corporation and others) C:\Program Files\OpenOffice.org 3\program\icuuc40.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 13914112 _____ (IBM Corporation and others) C:\Program Files\OpenOffice.org 3\program\icudt40.dll
2011-01-17 16:19 - 2011-05-31 19:50 - 00777216 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\svlmi.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00092160 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
2011-01-17 16:19 - 2011-05-31 19:50 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2011-01-17 16:19 - 2011-05-31 19:50 - 01577984 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\sbmi.dll
2010-11-19 12:42 - 2010-11-19 12:42 - 00083456 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\saxmi.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00051712 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00452608 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00092672 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
2010-11-19 18:46 - 2011-05-31 19:50 - 00053248 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00396800 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll
2010-12-13 16:22 - 2011-05-31 19:50 - 00024064 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll
2010-11-19 18:46 - 2011-05-31 19:50 - 00092672 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
2010-11-19 18:46 - 2011-05-31 19:50 - 00212992 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\ucb1.dll
2010-12-13 16:22 - 2011-05-31 19:50 - 01649152 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\fwkmi.dll
2011-01-17 16:19 - 2011-05-31 19:50 - 00257024 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll
2011-01-17 16:19 - 2011-05-31 19:50 - 01317376 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 01071616 _____ (IBM Corporation and others) C:\Program Files\OpenOffice.org 3\program\icuin40.dll
2010-12-13 16:22 - 2011-05-31 19:50 - 00083968 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\oooimprovementmi.dll
2010-12-13 16:22 - 2011-05-31 19:50 - 00287232 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll
2010-11-19 18:45 - 2011-05-31 19:50 - 00148480 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\emsermi.dll
2013-08-22 21:17 - 2013-08-16 03:23 - 03231688 _____ (Microsoft Corporation) C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\D3DCompiler_46.dll
2013-08-22 21:17 - 2013-08-16 05:20 - 00709584 _____ () C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\libglesv2.dll
2013-08-22 21:17 - 2013-08-16 05:20 - 00099792 _____ () C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\libegl.dll
2013-08-22 21:17 - 2013-08-16 05:21 - 04053456 _____ () C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll
2013-08-22 21:18 - 2013-08-16 05:21 - 00410576 _____ () C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
2013-08-22 21:17 - 2013-08-16 05:20 - 02110928 _____ (Google Inc.) C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\libpeerconnection.dll
2013-08-22 21:17 - 2013-08-16 05:20 - 01604560 _____ () C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\ffmpegsumo.dll
2011-08-11 12:51 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2011-05-29 11:53 - 2010-11-20 14:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\MAPI32.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Samira\Documents\Thumbs.db:encryptable

==================== Faulty Device Manager Devices =============

Name: Massenspeichercontroller
Description: Massenspeichercontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2013 01:59:20 PM) (Source: Automatic LiveUpdate Scheduler) (User: Samira-PC)
Description: errorEntfernung des Dienstes aus der Registrierung fehlgeschlagen.

Error: (09/02/2013 01:33:38 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VProSvc.exe, Version: 15.0.1.36526, Zeitstempel: 0x4b8e6c9a
Name des fehlerhaften Moduls: VProSvc.exe, Version: 15.0.1.36526, Zeitstempel: 0x4b8e6c9a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006272b
ID des fehlerhaften Prozesses: 0x7a0
Startzeit der fehlerhaften Anwendung: 0xVProSvc.exe0
Pfad der fehlerhaften Anwendung: VProSvc.exe1
Pfad des fehlerhaften Moduls: VProSvc.exe2
Berichtskennung: VProSvc.exe3

Error: (09/02/2013 01:33:36 PM) (Source: Norton Ghost) (User: )
Description: Fehler EC8F1780: Die Änderungen seit der letzten Sitzung können nicht ordnungsgemäß abgestimmt werden.
Fehler EC8F1771: Die aktuellen Laufwerke auf diesem System können nicht aufgelistet werden.
Fehler E0BB0147: Operation 'Snap Volume' ist derzeit nicht für Volume aktiviert. (UMI:V-281-3215-6016)
Details: Quelle: Norton Ghost

Error: (08/22/2013 00:24:46 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VProSvc.exe, Version: 15.0.1.36526, Zeitstempel: 0x4b8e6c9a
Name des fehlerhaften Moduls: VProSvc.exe, Version: 15.0.1.36526, Zeitstempel: 0x4b8e6c9a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006272b
ID des fehlerhaften Prozesses: 0x16c
Startzeit der fehlerhaften Anwendung: 0xVProSvc.exe0
Pfad der fehlerhaften Anwendung: VProSvc.exe1
Pfad des fehlerhaften Moduls: VProSvc.exe2
Berichtskennung: VProSvc.exe3

Error: (08/22/2013 00:24:45 AM) (Source: Norton Ghost) (User: )
Description: Fehler EC8F1780: Die Änderungen seit der letzten Sitzung können nicht ordnungsgemäß abgestimmt werden.
Fehler EC8F1771: Die aktuellen Laufwerke auf diesem System können nicht aufgelistet werden.
Fehler E0BB0147: Operation 'Snap Volume' ist derzeit nicht für Volume aktiviert. (UMI:V-281-3215-6016)
Details: Quelle: Norton Ghost

Error: (07/25/2013 02:59:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b
Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00173668
ID des fehlerhaften Prozesses: 0xc08
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (07/20/2013 05:34:53 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed. .

Error: (07/19/2013 03:06:42 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.Linq, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed. .

Error: (06/18/2013 10:29:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SweetPacksUpdateManager.exe, Version: 1.1.0.8, Zeitstempel: 0x502bc905
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00039342
ID des fehlerhaften Prozesses: 0xaa0
Startzeit der fehlerhaften Anwendung: 0xSweetPacksUpdateManager.exe0
Pfad der fehlerhaften Anwendung: SweetPacksUpdateManager.exe1
Pfad des fehlerhaften Moduls: SweetPacksUpdateManager.exe2
Berichtskennung: SweetPacksUpdateManager.exe3

Error: (06/06/2013 11:06:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 6.1.1.44121, Zeitstempel: 0x50ec1733
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x008300c4
ID des fehlerhaften Prozesses: 0xc98
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3

System errors:
=============
Error: (09/02/2013 01:53:38 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/02/2013 01:52:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (09/02/2013 01:52:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.

Error: (09/02/2013 01:51:57 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SysMain erreicht.

Error: (09/02/2013 01:36:39 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Sandboxie Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/02/2013 01:34:45 PM) (Source: DCOM) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}

Error: (09/02/2013 01:34:15 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (09/02/2013 01:34:13 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (09/02/2013 01:34:11 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (09/02/2013 01:33:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Norton Ghost" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Microsoft Office Sessions:
=========================
Error: (09/02/2013 01:59:20 PM) (Source: Automatic LiveUpdate Scheduler)(User: Samira-PC)
Description: errorEntfernung des Dienstes aus der Registrierung fehlgeschlagen.

Error: (09/02/2013 01:33:38 PM) (Source: Application Error)(User: )
Description: VProSvc.exe15.0.1.365264b8e6c9aVProSvc.exe15.0.1.365264b8e6c9ac00000050006272b7a001cea7cfde30df56C:\Program Files\Norton Ghost\Agent\VProSvc.exeC:\Program Files\Norton Ghost\Agent\VProSvc.exe82279f62-13c3-11e3-ba01-001a80b9ad9a

Error: (09/02/2013 01:33:36 PM) (Source: Norton Ghost)(User: )
Description: Fehler EC8F1780: Die Änderungen seit der letzten Sitzung können nicht ordnungsgemäß abgestimmt werden.
Fehler EC8F1771: Die aktuellen Laufwerke auf diesem System können nicht aufgelistet werden.
Fehler E0BB0147: Operation 'Snap Volume' ist derzeit nicht für Volume aktiviert. (UMI:V-281-3215-6016)
Details: Quelle: Norton Ghost

Error: (08/22/2013 00:24:46 AM) (Source: Application Error)(User: )
Description: VProSvc.exe15.0.1.365264b8e6c9aVProSvc.exe15.0.1.365264b8e6c9ac00000050006272b16c01ce9ebcca76d541C:\Program Files\Norton Ghost\Agent\VProSvc.exeC:\Program Files\Norton Ghost\Agent\VProSvc.exe7b768abe-0ab0-11e3-bc70-001a80b9ad9a

Error: (08/22/2013 00:24:45 AM) (Source: Norton Ghost)(User: )
Description: Fehler EC8F1780: Die Änderungen seit der letzten Sitzung können nicht ordnungsgemäß abgestimmt werden.
Fehler EC8F1771: Die aktuellen Laufwerke auf diesem System können nicht aufgelistet werden.
Fehler E0BB0147: Operation 'Snap Volume' ist derzeit nicht für Volume aktiviert. (UMI:V-281-3215-6016)
Details: Quelle: Norton Ghost

Error: (07/25/2013 02:59:55 PM) (Source: Application Error)(User: )
Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc000000500173668c0801ce8933a88fdcc3C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll19d3a325-f52a-11e2-8b5d-001a80b9ad9a

Error: (07/20/2013 05:34:53 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed. .

Error: (07/19/2013 03:06:42 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Data.Linq, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed. .

Error: (06/18/2013 10:29:17 PM) (Source: Application Error)(User: )
Description: SweetPacksUpdateManager.exe1.1.0.8502bc905ole32.dll6.1.7601.175144ce7b96fc000000500039342aa001ce6c62615f171bC:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exeC:\Windows\system32\ole32.dllbf1f9183-d855-11e2-9981-001a80b9ad9a

Error: (06/06/2013 11:06:16 PM) (Source: Application Error)(User: )
Description: Updater.exe6.1.1.4412150ec1733unknown0.0.0.000000000c0000005008300c4c9801ce62f979bd4d99C:\Program Files\Skype\Updater\Updater.exeunknownec8bc23e-ceec-11e2-8ae6-001a80b9ad9a

==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 3062.43 MB
Available physical RAM: 1612.59 MB
Total Pagefile: 6123.15 MB
Available Pagefile: 4554.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:93.54 GB) (Free:58.21 GB) NTFS
Drive d: () (Fixed) (Total:92.68 GB) (Free:47.51 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: D5A56E96)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=93 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=94 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-09-2013 04
Ran by Samira (administrator) on SAMIRA-PC on 02-09-2013 14:05:19
Running from C:\Users\Samira\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Windows\system32\dmwu.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\System32\jmdp\stij.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Program Files\Join Air\UIExec.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Users\Samira\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\FwebProt.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Google Inc.) C:\Users\Samira\AppData\Local\Google\Chrome\Application\chrome.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Google Inc.) C:\Users\Samira\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Samira\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Samira\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [UIExec] - C:\Program Files\Join Air\UIExec.exe [132608 2009-08-31] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-31] (AVAST Software)
HKLM\...\Run: [SweetIM] - C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-31] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-26] (APN)
HKCU\...\Run: [Google Update] - C:\Users\Samira\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-29] (Google Inc.)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [545552 2012-08-25] (SANDBOXIE L.T.D)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk
ShortcutTarget: FRITZ!DSL Protect.lnk -> C:\Program Files\FRITZ!DSL\FwebProt.exe (AVM Berlin)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Windows\Installer\{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}\Icon2457326B4.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
Startup: C:\Users\Samira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKCU - DefaultScope {5B6504A2-1C11-4EBA-8D17-99847B74179F} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {5B6504A2-1C11-4EBA-8D17-99847B74179F} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU -SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 02 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 09 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 10 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 11 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 12 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 13 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 14 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 15 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 16 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 17 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 18 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 22 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 23 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Samira\AppData\Roaming\Mozilla\Firefox\Profiles\umm3zol9.default
FF Homepage: hxxp://avira.search.ask.com/?p2=%5EB0Q%5EYYYYYY%5EYY%5EDE&gct=hp&o=APN11074&apn_ptnrs=%5EB0Q&apn_dtid=%5EYYYYYY%5EYY%5EDE&tpid=AVIRA-V7&apn_dbr=ff_23.0&trgb=ALL&apn_uid=FF173598-7895-4B64-9B4E-BCDA61705533&itbv=12.2.2.663&doi=2013-09-02&psv=
FF SelectedSearchEngine: Ask Search
FF SearchEngineOrder.1: Ask Search
FF DefaultSearchEngine: Ask Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Samira\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Samira\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Samira\AppData\Roaming\Mozilla\Firefox\Profiles\umm3zol9.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\Samira\AppData\Roaming\Mozilla\Firefox\Profiles\umm3zol9.default\searchplugins\MyStart.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: toolbar_AVIRA-V7 - C:\Users\Samira\AppData\Roaming\Mozilla\Firefox\Profiles\umm3zol9.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Samira\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\20.53263_0
CHR Extension: (YouTube) - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0
CHR Extension: (avast! WebRep) - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0
CHR Extension: (SweetIM for Facebook) - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Samira\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Samira\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-31] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-31] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-31] (AVAST Software)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1167152 2013-05-21] ()
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [237008 2011-06-17] (McAfee, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [85776 2012-08-25] (SANDBOXIE L.T.D)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [241664 2009-08-31] ()
S3 GenericMount Helper Service; "C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe" [x]
S3 SymSnapService; "C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [21256 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [58680 2012-10-31] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [44784 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [738504 2012-10-31] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [361032 2012-10-31] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [54232 2012-10-31] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-08-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-08-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-08-31] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [57840 2010-02-12] (Symantec Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [157776 2012-08-25] (SANDBOXIE L.T.D)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-05-30] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-31] (Avira GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
U2 V2iMount;
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-02 14:04 - 2013-09-02 14:04 - 01085803 _____ (Farbar) C:\Users\Samira\Desktop\FRST.exe
2013-09-02 13:49 - 2013-09-02 13:49 - 00000204 _____ C:\Users\Samira\defogger_reenable
2013-09-02 13:47 - 2013-09-02 13:47 - 00050477 _____ C:\Users\Samira\Desktop\Defogger.exe
2013-09-02 13:44 - 2013-09-02 14:03 - 00000000 ____D C:\Users\Samira\Desktop\fuers board
2013-09-02 13:36 - 2013-09-02 13:36 - 00448512 _____ (OldTimer Tools) C:\Users\Samira\Downloads\TFC.exe
2013-09-02 11:45 - 2013-09-02 11:45 - 00000000 ____D C:\Users\Samira\AppData\Roaming\Avira
2013-09-02 11:44 - 2013-09-02 11:44 - 00000000 ____D C:\Users\Samira\AppData\Roaming\Malwarebytes
2013-09-02 11:43 - 2013-09-02 11:44 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-02 11:43 - 2013-09-02 11:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Samira\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-02 11:43 - 2013-09-02 11:43 - 00001067 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-02 11:43 - 2013-09-02 11:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-02 11:43 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-02 11:41 - 2013-09-02 11:41 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-02 11:41 - 2013-09-02 11:41 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-02 11:41 - 2013-09-02 11:40 - 00067168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-02 11:40 - 2013-09-02 11:40 - 00000000 ____D C:\ProgramData\APN
2013-09-02 11:38 - 2013-09-02 11:38 - 00001940 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-02 11:38 - 2013-09-02 11:38 - 00000000 ____D C:\ProgramData\Avira
2013-09-02 11:38 - 2013-09-02 11:38 - 00000000 ____D C:\Program Files\Avira
2013-09-02 11:38 - 2013-08-31 20:32 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 11:38 - 2013-08-31 20:32 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-02 11:38 - 2013-08-31 20:32 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-02 11:38 - 2013-08-31 20:32 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-08-22 22:32 - 2013-08-22 22:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-22 22:22 - 2013-08-22 22:23 - 00024190 _____ C:\Users\Samira\Downloads\Holz-Stehleuchten.gz
2013-08-22 22:08 - 2013-08-22 22:08 - 00031478 _____ C:\Users\Samira\Downloads\Schlafzimmerleuchten.gz
2013-08-22 22:07 - 2013-08-22 22:07 - 00002627 _____ C:\Users\Samira\Downloads\Wohnraumleuchten.gz
2013-08-20 16:44 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-20 16:44 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-20 16:44 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-20 16:44 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-20 16:44 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-20 16:44 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-20 16:44 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-20 16:44 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-20 16:44 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-20 16:44 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-20 16:44 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-20 16:44 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-20 16:44 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-20 16:44 - 2013-07-26 05:11 - 00033280
_____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-20 16:44 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-20 16:44 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-20 14:48 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-20 14:48 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-20 14:48 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-20 14:48 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-20 14:48 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-20 14:48 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-20 14:48 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-20 14:48 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-20 14:48 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-20 14:48 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-20 14:48 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-20 14:47 - 2013-06-15 05:40 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2013-08-20 14:47 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-02 14:05 - 2013-09-02 14:05 - 00000000 ____D C:\FRST 2013-09-02 14:05 - 2011-05-26 21:03 - 01449181 _____ C:\Windows\WindowsUpdate.log 2013-09-02 14:04 - 2013-09-02 14:04 - 01085803 _____ (Farbar) 
C:\Users\Samira\Desktop\FRST.exe 2013-09-02 14:04 - 2011-05-26 22:43 - 00000000 ____D C:\Users\Samira\AppData\Roaming\FRITZ! 2013-09-02 14:03 - 2013-09-02 13:44 - 00000000 ____D C:\Users\Samira\Desktop\fuers board 2013-09-02 14:03 - 2009-07-14 06:34 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-02 14:03 - 2009-07-14 06:34 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-02 14:01 - 2011-07-07 21:43 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2013-09-02 14:01 - 2011-05-26 21:47 - 00144804 _____ C:\Users\Samira\DesktopStCenter.txt 2013-09-02 14:00 - 2013-02-22 18:59 - 00062904 _____ C:\Windows\PFRO.log 2013-09-02 14:00 - 2012-04-08 19:05 - 00038918 _____ C:\Windows\setupact.log 2013-09-02 14:00 - 2011-07-22 22:22 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-09-02 14:00 - 2011-05-29 14:38 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-02 14:00 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-02 13:59 - 2011-05-30 20:19 - 00000000 ____D C:\ProgramData\Symantec 2013-09-02 13:59 - 2011-05-30 20:19 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2013-09-02 13:59 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration 2013-09-02 13:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing 2013-09-02 13:56 - 2013-03-08 20:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-02 13:49 - 2013-09-02 13:49 - 00000204 _____ C:\Users\Samira\defogger_reenable 2013-09-02 13:49 - 2011-05-26 21:27 - 00000000 ____D C:\Users\Samira 2013-09-02 13:47 - 2013-09-02 13:47 - 00050477 _____ C:\Users\Samira\Desktop\Defogger.exe 2013-09-02 13:46 - 2011-05-29 14:38 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-02 13:36 - 2013-09-02 13:36 - 00448512 _____ (OldTimer Tools) C:\Users\Samira\Downloads\TFC.exe 
2013-09-02 13:11 - 2011-05-29 11:40 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-272472105-3204116038-1883624732-1000UA.job 2013-09-02 13:11 - 2011-05-29 11:40 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-272472105-3204116038-1883624732-1000Core.job 2013-09-02 11:45 - 2013-09-02 11:45 - 00000000 ____D C:\Users\Samira\AppData\Roaming\Avira 2013-09-02 11:44 - 2013-09-02 11:44 - 00000000 ____D C:\Users\Samira\AppData\Roaming\Malwarebytes 2013-09-02 11:44 - 2013-09-02 11:43 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-09-02 11:43 - 2013-09-02 11:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Samira\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-02 11:43 - 2013-09-02 11:43 - 00001067 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-02 11:43 - 2013-09-02 11:43 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-02 11:41 - 2013-09-02 11:41 - 00000000 ____D C:\ProgramData\AskPartnerNetwork 2013-09-02 11:41 - 2013-09-02 11:41 - 00000000 ____D C:\Program Files\AskPartnerNetwork 2013-09-02 11:40 - 2013-09-02 11:41 - 00067168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-09-02 11:40 - 2013-09-02 11:40 - 00000000 ____D C:\ProgramData\APN 2013-09-02 11:38 - 2013-09-02 11:38 - 00001940 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-09-02 11:38 - 2013-09-02 11:38 - 00000000 ____D C:\ProgramData\Avira 2013-09-02 11:38 - 2013-09-02 11:38 - 00000000 ____D C:\Program Files\Avira 2013-09-01 16:14 - 2012-11-17 17:20 - 00000000 ____D C:\Users\Samira\AppData\Roaming\Skype 2013-08-31 20:32 - 2013-09-02 11:38 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-08-31 20:32 - 2013-09-02 11:38 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-08-31 20:32 - 2013-09-02 11:38 - 00037352 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-08-31 20:32 - 2013-09-02 11:38 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2013-08-31 07:19 - 2011-05-30 21:43 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-30 20:24 - 2013-03-08 20:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-08-22 22:38 - 2013-08-22 22:32 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-22 22:23 - 2013-08-22 22:22 - 00024190 _____ C:\Users\Samira\Downloads\Holz-Stehleuchten.gz 2013-08-22 22:08 - 2013-08-22 22:08 - 00031478 _____ C:\Users\Samira\Downloads\Schlafzimmerleuchten.gz 2013-08-22 22:07 - 2013-08-22 22:07 - 00002627 _____ C:\Users\Samira\Downloads\Wohnraumleuchten.gz 2013-08-21 10:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2013-08-21 10:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-20 16:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE 2013-08-20 14:43 - 2011-05-29 14:37 - 00000000 ____D C:\Program Files\Google ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-01 00:12 ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-09-03 22:04:33 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 TOSHIBA_MK2546GSX_200 rev.LB012Q 186,31GB Running: gmer_2.1.19163.exe; Driver: C:\Users\Samira\AppData\Local\Temp\kwdiqpod.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwAddBootEntry [0x8B6964BA] SSDT \SystemRoot\System32\Drivers\aswSP.SYS ZwAllocateVirtualMemory [0x90E55C22] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwAssignProcessToJobObject [0x8B696ED6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwCreateEvent [0x8B6A1FA8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwCreateEventPair [0x8B6A1FF4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwCreateIoCompletion [0x8B6A2176] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwCreateMutant [0x8B6A1F16] SSDT 90A88BCE ZwCreateSection SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwCreateSemaphore [0x8B6A1F5E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwCreateThread [0x8B69711C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwCreateThreadEx [0x8B6972F4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwCreateTimer [0x8B6A2130] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwDebugActiveProcess [0x8B69793E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwDeleteBootEntry [0x8B696508] SSDT \SystemRoot\System32\Drivers\aswSP.SYS ZwFreeVirtualMemory [0x90E55CEA] SSDT \SystemRoot\System32\Drivers\aswSP.SYS ZwLoadDriver [0x90E543EC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwModifyBootEntry [0x8B696556] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwNotifyChangeKey [0x8B69B534] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwNotifyChangeMultipleKeys [0x8B6983A6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwOpenEvent [0x8B6A1FD2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwOpenEventPair [0x8B6A2016] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwOpenIoCompletion [0x8B6A219A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS 
ZwOpenMutant [0x8B6A1F3C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwOpenSection [0x8B6A20BA] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwOpenSemaphore [0x8B6A1F86] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwOpenTimer [0x8B6A2154] SSDT \SystemRoot\System32\Drivers\aswSP.SYS ZwProtectVirtualMemory [0x90E55E4A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwQueryObject [0x8B698272] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwQueueApcThreadEx [0x8B697F86] SSDT 90A88BD8 ZwRequestWaitReplyPort SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwSetBootEntryOrder [0x8B6965A4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwSetBootOptions [0x8B6965F2] SSDT 90A88BD3 ZwSetContextThread SSDT 90A88BDD ZwSetSecurityObject SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwSetSystemInformation [0x8B6961FA] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwSetSystemPowerState [0x8B6963AA] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwShutdownSystem [0x8B696350] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwSuspendProcess [0x8B697AF8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwSuspendThread [0x8B697C54] SSDT 90A88BE2 ZwSystemDebugControl SSDT 90A88B6F ZwTerminateProcess SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwTerminateThread [0x8B697636] SSDT \SystemRoot\System32\Drivers\aswSP.SYS ZwUnloadDriver [0x90E5441C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS ZwVdmControl [0x8B696640] SSDT \SystemRoot\System32\Drivers\aswSP.SYS ZwWriteVirtualMemory [0x90E55D96] Code 90A9CBFC ZwTraceEvent Code 90A9CBFB NtTraceEvent ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82C47A15 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C81212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] 
{LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 82C88460 4 Bytes [BA, 64, 69, 8B] .text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 82C88488 4 Bytes [22, 5C, E5, 90] {AND BL, [EBP-0x70]} .text ntkrnlpa.exe!KeRemoveQueueEx + 1153 82C884E8 4 Bytes [D6, 6E, 69, 8B] .text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 82C8853C 8 Bytes [A8, 1F, 6A, 8B, F4, 1F, 6A, ...] {TEST AL, 0x1f; PUSH -0x75; HLT ; POP DS; PUSH -0x75} .text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 82C88548 4 Bytes [76, 21, 6A, 8B] {JBE 0x23; PUSH -0x75} .text ... .text ntkrnlpa.exe!NtTraceEvent 82CD1AE2 5 Bytes JMP 90A9CC00 PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 82E434CF 4 Bytes CALL 8B698A8D \SystemRoot\System32\Drivers\aswSnx.SYS PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 2 82E5D203 5 Bytes JMP 90A9CDE0 PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 82E5D323 4 Bytes CALL 8B698AA3 \SystemRoot\System32\Drivers\aswSnx.SYS PAGE ntkrnlpa.exe!NtRequestPort + 2 82E8B7A5 5 Bytes JMP 90A9CCA0 ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Windows Media Player\wmpnetwk.exe[172] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[340] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text C:\Windows\system32\csrss.exe[408] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[424] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text C:\Windows\system32\wininit.exe[464] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text ... 
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1480] kernel32.dll!SetUnhandledExceptionFilter 756EF4FB 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1480] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text C:\Windows\System32\spoolsv.exe[1584] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1612] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[1632] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1744] kernel32.dll!GetBinaryTypeW + 70 757069F4 1 Byte [62] .text ... ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x35 0xDD 0x9F 0xF6 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5C 0x19 0x94 0xFF ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x1F 0xD5 0xF3 0xCC ... 
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x35 0xDD 0x9F 0xF6 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5C 0x19 0x94 0xFF ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x1F 0xD5 0xF3 0xCC ... ---- EOF - GMER 2.1 ---- |