| |
| |||||||
Log-Analyse und Auswertung: Programme lassen sich nicht mehr über Systemsteuerung löschenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
01.11.2013, 10:45
| #1 |
 |  Programme lassen sich nicht mehr über Systemsteuerung löschen Hallo, nach Befall mit Schadsoftware habe ich mittels MBAM, Spybot - Search & Destroy sowie AVIRA versucht diese zu entfernen. Es wurden weit mehr als 140 Infektionen ermittelt und gelöscht. MBAM meldet bei einem weiteren Lauf keine Infektionen mehr. Auch adwcleaner habe ich schon mal laufen lassen. Aber immer noch kommt manchmal die Meldung: Code:
ATTFilter Dieser Vorgang kann nicht ausgeführt werden, da die andere Anwendung aktiv ist. Klicken Sie auf "Wechseln zu", um zu der anderen Anwendung zu wechseln und das Problem zu beheben.
Code:
ATTFilter "C:\users\Familie\AppData\Local\Temp\dlmCF50.tmp\Luckyleap0816.exe" konnte nicht gefunden werden. Stellen Sie sicher. dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang.
Nach nochmaliger Installation von AVIRA z.B. ist der Button dann wieder da. Wichtig: Der installierte Drucker läßt sich im Netzwerk auch nicht mehr freigeben. Beim Schritt "Übernehmen" kommt die Meldung: Code:
ATTFilter Die Druckereinstellungen konnten nicht gespeichert werden.
Der Vorgang konnte nicht abgeschlossen werden (Fehler 0x0000007a).
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Familie (administrator) on FAMILIE-PC on 31-10-2013 22:49:45
Running from C:\Users\Familie\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpsysdrv] - C:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] - C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM\...\Run: [AirPort Base Station Agent] - C:\Program Files\AirPort\APAgent.exe [753664 2009-05-27] (Apple Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2567272 2011-07-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [468112 2011-07-25] (CANON INC.)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
HKLM\...\RunOnce: [Launcher] - %WINDIR%\SMINST\launcher.exe [44168 2007-04-03] (soft thinks)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe [3365176 2010-05-11] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-02-09] (Google Inc.)
HKCU\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-765362131-1424477460-4068555651-1001\$bb84c5b83ae09f7bd024d5f77b50e929\n. ATTENTION! ====> ZeroAccess/Alureon?
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoLogoff] 0
MountPoints2: ##FAMILIE-PC#Users#Familie - Y:\Autorun.exe
MountPoints2: {1421e5a6-d26e-11dc-9638-001d606457c7} - setupSNK.exe
MountPoints2: {8044f8b3-fd65-11df-9679-001d606457c7} - J:\LGAutoRun.exe
HKU\Anne\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-06-01] (Hewlett-Packard)
HKU\Anne\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-02-09] (Google Inc.)
HKU\Anne\...\Policies\system: [LogonHoursAction] 2
HKU\Anne\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Anne\...\Winlogon: [Shell] explorer.exe,C:\Users\Anne\AppData\Roaming\skype.dat <==== ATTENTION
HKU\Chris\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Chris\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-06-01] (Hewlett-Packard)
HKU\Chris\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-02-09] (Google Inc.)
HKU\Chris\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [ 2008-01-19] (Microsoft Corporation)
HKU\Chris\...\Policies\system: [LogonHoursAction] 2
HKU\Chris\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Chris\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-06-01] (Hewlett-Packard)
HKU\IUSR_NMPR\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\UpdatusUser\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-06-01] (Hewlett-Packard)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL [ 2007-06-01] ()
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
ProxyServer: http=www-proxy.t-online.de:80;ftp=ftp-proxy.t-online.de:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.startpage.com/deu/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/service/redir/ie_t-online.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.t-online.de/service/redir/ie_suche.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Update_Check_Page = hxxp://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {86BA9CFC-C74D-4BD9-B531-067D223BED46} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie7chrome
SearchScopes: HKLM - {FA91A2D7-0663-4DB1-A35E-BD397860812C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKCU - DefaultScope {3A9A2805-AF03-4AF8-8A5D-3A36C8857FB9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306060&CUI=UN22052712076880264&UM=2
SearchScopes: HKCU - {3A9A2805-AF03-4AF8-8A5D-3A36C8857FB9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306060&CUI=UN22052712076880264&UM=2
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7HPEA_deDE321
SearchScopes: HKCU - {86BA9CFC-C74D-4BD9-B531-067D223BED46} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie7chrome
SearchScopes: HKCU - {9130661E-DCEE-452B-B8DD-4DD77839587F} URL = hxxp://startpage.com/do/search?query={searchTerms}&nossl=1&cat=web&pl=ie&language=deutsch
SearchScopes: HKCU - {FA91A2D7-0663-4DB1-A35E-BD397860812C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 10 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 11 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 12 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 13 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 14 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 15 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 16 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 17 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 27 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 48 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
FireFox:
========
FF ProfilePath: C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default
FF Homepage: https://www.startpage.com/deu
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @Webzen.com/NPGameWebStarter - C:\Program Files\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @sun.com/npsopluginmi;version=1.0 - C:\Program Files\OpenOffice.org 3\program ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\searchplugins\bing--google.xml
FF SearchPlugin: C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\searchplugins\bing-vs-google.xml
FF SearchPlugin: C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\searchplugins\google-language-de.xml
FF SearchPlugin: C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\searchplugins\google-language-en.xml
FF SearchPlugin: C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\searchplugins\suche-in-wikipedia.xml
FF SearchPlugin: C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\searchplugins\wikipedia-eng.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Deutsches Wörterbuch - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Fast Dial - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\fastdial@telega.phpnet.us
FF Extension: WOT - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: No Name - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
FF Extension: mapprefs - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{398e77b8-2304-11dc-8314-0800200c9a66}.xpi
FF Extension: sage - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}.xpi
FF Extension: prefs - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi
FF Extension: Adblock Plus - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: tabmix - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: prefs - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF Extension: No Name - C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\ptz896zb.default\Extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi
FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Google Toolbar for Firefox - C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
FF Extension: RealPlayer Browser Record Plugin - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
FF HKCU\...\Firefox\Extensions: [{184AA5E6-741D-464a-820E-94B3ABC2F3B4}] - C:\Users\Familie\AppData\Roaming\5053
FF Extension: Java String Helper - C:\Users\Familie\AppData\Roaming\5053
========================== Services (Whitelisted) =================
S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-07] (Avira Operations GmbH & Co. KG)
S4 Automatisches LiveUpdate - Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation)
R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [95568 2010-05-01] (Devguru Co., Ltd.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
S2 gupdate1c9c4dfcd2a3bd0; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-04-24] (Google Inc.)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1612112 2013-10-01] (LogMeIn Inc.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [61440 2007-05-24] (Hewlett-Packard)
R2 HPBtnSrv; c:\hp\HPEZBTN\HPBtnSrv.exe [198240 2007-05-29] ()
R2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 KiesAllShare; C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe [9241088 2010-05-04] ()
S3 LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-08-26] (LogMeIn, Inc.)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-08-31] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [3717904 2010-08-18] (INCA Internet Co., Ltd.)
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [266343 2006-09-29] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-10-14] (Secunia)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [355584 2009-04-26] (TuneUp Software GmbH)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
R2 VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [284280 2008-03-19] (Speedbit Ltd.)
S2 Winmgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
S3 GoogleDesktopManager-110309-193829; "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [x]
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService [x]
==================== Drivers (Whitelisted) ====================
R2 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [373568 2007-06-18] (Protect Software GmbH)
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [583128 2007-10-28] (Protect Software GmbH)
R2 acehlp09; C:\Windows\system32\drivers\acehlp09.sys [201696 2007-05-30] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [250560 2007-10-26] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-04-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [89376 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-05-01] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-04-01] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-10-14] (Secunia)
S3 SaiK0CEA; C:\Windows\System32\DRIVERS\SaiK0CEA.sys [104960 2008-01-14] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [14080 2008-01-14] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [35456 2008-01-14] (Saitek)
S3 SaiU0CEA; C:\Windows\System32\DRIVERS\SaiU0CEA.sys [28544 2008-01-14] (Saitek)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [98560 2010-04-27] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 ssceserd; C:\Windows\System32\DRIVERS\ssceserd.sys [100352 2010-04-27] (MCCI Corporation)
R1 SSHDRV61; C:\Windows\system32\drivers\SSHDRV61.sys [36864 2009-11-10] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-13] (Avira GmbH)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-01] (America Online, Inc.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S2 sbbotdi; \??\C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-31 22:44 - 2013-10-31 22:46 - 00021101 _____ C:\Users\Familie\Desktop\Addition.txt
2013-10-31 22:41 - 2013-10-31 22:41 - 00000000 ____D C:\FRST
2013-10-31 22:39 - 2013-10-31 22:39 - 01089445 _____ (Farbar) C:\Users\Familie\Desktop\FRST.exe
2013-10-31 20:45 - 2013-10-31 20:45 - 00001126 _____ C:\Users\Public\Desktop\EditPad Lite 7.lnk
2013-10-31 19:27 - 2013-10-31 19:27 - 00001666 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-31 19:26 - 2013-10-31 19:27 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-31 19:26 - 2013-10-31 19:27 - 00000000 ____D C:\Program Files\iTunes
2013-10-31 19:26 - 2013-10-31 19:26 - 00000000 ____D C:\Program Files\iPod
2013-10-31 19:04 - 2013-10-31 19:04 - 00000000 ____D C:\ProgramData\APN
2013-10-31 19:02 - 2013-10-31 19:02 - 00000000 ____D C:\ProgramData\Oracle
2013-10-31 19:01 - 2013-10-31 19:01 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-31 19:01 - 2013-10-31 19:00 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-31 19:01 - 2013-10-31 19:00 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-31 19:01 - 2013-10-31 19:00 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-31 18:17 - 2013-10-31 19:22 - 00022173 _____ C:\Windows\wininit.ini
2013-10-31 18:04 - 2013-10-31 18:04 - 00001792 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-31 18:00 - 2013-10-31 18:00 - 00001728 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-10-31 17:59 - 2013-10-31 18:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-31 17:59 - 2013-10-31 18:00 - 00000000 ____D C:\Program Files\QuickTime
2013-10-31 17:52 - 2013-10-31 17:52 - 00000000 ____D C:\Windows\system32\Adobe
2013-10-31 17:24 - 2013-10-31 17:24 - 00000864 _____ C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2013-10-31 17:24 - 2013-10-31 17:24 - 00000000 ____D C:\Users\Familie\AppData\Roaming\addpcs
2013-10-31 17:24 - 2013-10-31 17:24 - 00000000 ____D C:\Program Files\Temp File Cleaner
2013-10-31 17:21 - 2013-10-31 17:21 - 00000000 ____D C:\Users\Familie\AppData\Local\Secunia PSI
2013-10-31 17:21 - 2013-10-31 17:21 - 00000000 ____D C:\Program Files\Secunia
2013-10-31 17:15 - 2013-10-31 20:10 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-10-31 17:15 - 2013-10-31 19:10 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-10-31 17:15 - 2013-10-31 19:10 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-10-31 17:15 - 2013-10-31 18:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-31 17:15 - 2013-10-31 17:18 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-31 17:15 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2013-10-31 17:09 - 2013-10-31 17:15 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 11:04 - 2013-10-14 11:04 - 00016024 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_x86.sys
2013-10-13 11:05 - 2013-09-22 11:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-13 11:05 - 2013-09-22 11:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-13 11:05 - 2013-09-22 11:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-13 11:05 - 2013-09-22 11:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-13 11:05 - 2013-09-22 11:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-13 11:05 - 2013-09-22 11:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-13 11:05 - 2013-09-22 11:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-13 11:05 - 2013-09-22 11:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-13 11:05 - 2013-09-22 11:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-13 11:05 - 2013-09-22 11:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-13 11:05 - 2013-09-22 11:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-13 11:05 - 2013-09-22 11:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-13 11:05 - 2013-09-22 11:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-13 11:05 - 2013-09-22 11:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-13 11:05 - 2013-09-22 11:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-13 11:05 - 2013-09-22 10:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 12:23 - 2013-10-12 12:23 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-10-12 12:22 - 2013-10-12 12:22 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-10-12 12:15 - 2013-10-12 12:15 - 00000000 ____D C:\Windows\medias
2013-10-12 12:15 - 2013-10-12 12:15 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2013-10-12 11:53 - 2013-10-29 15:22 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-10-10 06:56 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 06:56 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-10 06:56 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-10 06:56 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-10 06:56 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-10 06:56 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-10 06:56 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-10 06:56 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-10 06:56 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-10 06:56 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-10 06:56 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 06:56 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-10 06:56 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:56 - 2013-07-12 10:04 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 06:56 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 06:56 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 06:56 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 06:56 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 06:56 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 06:56 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 06:56 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 06:56 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 06:56 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 06:56 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 06:56 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 06:56 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-07 11:07 - 2013-10-07 11:07 - 00000000 ____D C:\Users\Anne\AppData\Local\LogMeIn
2013-10-02 14:05 - 2013-10-02 14:05 - 00000000 ____D C:\Users\Familie\AppData\Local\LogMeIn
2013-10-02 14:05 - 2013-10-02 14:05 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-02 14:01 - 2013-10-02 14:01 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
==================== One Month Modified Files and Folders =======
2013-10-31 22:46 - 2013-10-31 22:44 - 00021101 _____ C:\Users\Familie\Desktop\Addition.txt
2013-10-31 22:41 - 2013-10-31 22:41 - 00000000 ____D C:\FRST
2013-10-31 22:39 - 2013-10-31 22:39 - 01089445 _____ (Farbar) C:\Users\Familie\Desktop\FRST.exe
2013-10-31 22:31 - 2008-02-13 19:52 - 00000258 _____ C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
2013-10-31 22:23 - 2009-06-30 20:11 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-31 22:23 - 2009-06-30 20:11 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-31 22:16 - 2012-07-26 19:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-31 22:09 - 2006-11-02 13:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-31 22:09 - 2006-11-02 13:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-31 22:00 - 2008-02-09 20:39 - 00000504 _____ C:\Windows\Tasks\1-Klick-Wartung.job
2013-10-31 21:15 - 2008-02-09 20:41 - 00000000 ___RD C:\Users\Familie\Desktop\SYSTEM-Sicherheit u. Wartung
2013-10-31 21:00 - 2011-03-20 10:50 - 00000000 ____D C:\Program Files\7-Zip
2013-10-31 20:45 - 2013-10-31 20:45 - 00001126 _____ C:\Users\Public\Desktop\EditPad Lite 7.lnk
2013-10-31 20:45 - 2008-02-09 18:29 - 00000000 ____D C:\Users\Familie\AppData\Roaming\JGsoft
2013-10-31 20:15 - 2012-07-19 21:06 - 00000000 ____D C:\Users\Familie\AppData\Local\LogMeIn Hamachi
2013-10-31 20:13 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-10-31 20:11 - 2007-09-26 10:33 - 01166989 _____ C:\Windows\WindowsUpdate.log
2013-10-31 20:10 - 2013-10-31 17:15 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-10-31 20:10 - 2007-09-18 10:17 - 00000000 ____D C:\Windows\SMINST
2013-10-31 20:09 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-31 20:07 - 2006-11-02 14:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-31 20:06 - 2011-01-29 13:57 - 00000000 ____D C:\Users\Chris
2013-10-31 20:06 - 2009-04-24 17:53 - 00000000 ____D C:\Users\Familie\AppData\Roaming\Uniblue
2013-10-31 20:06 - 2009-04-24 17:53 - 00000000 ____D C:\Program Files\Uniblue
2013-10-31 19:41 - 2007-12-25 23:16 - 00000000 ____D C:\Windows\Minidump
2013-10-31 19:27 - 2013-10-31 19:27 - 00001666 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-31 19:27 - 2013-10-31 19:26 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-31 19:27 - 2013-10-31 19:26 - 00000000 ____D C:\Program Files\iTunes
2013-10-31 19:26 - 2013-10-31 19:26 - 00000000 ____D C:\Program Files\iPod
2013-10-31 19:26 - 2008-01-19 22:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-10-31 19:22 - 2013-10-31 18:17 - 00022173 _____ C:\Windows\wininit.ini
2013-10-31 19:10 - 2013-10-31 17:15 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-10-31 19:10 - 2013-10-31 17:15 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-10-31 19:10 - 2012-05-06 18:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-31 19:05 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2013-10-31 19:04 - 2013-10-31 19:04 - 00000000 ____D C:\ProgramData\APN
2013-10-31 19:02 - 2013-10-31 19:02 - 00000000 ____D C:\ProgramData\Oracle
2013-10-31 19:01 - 2013-10-31 19:01 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-31 19:01 - 2007-09-18 10:04 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-31 19:00 - 2013-10-31 19:01 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-31 19:00 - 2013-10-31 19:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-31 19:00 - 2013-10-31 19:01 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-31 19:00 - 2007-09-18 10:04 - 00000000 ____D C:\Program Files\Java
2013-10-31 18:17 - 2013-10-31 17:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-31 18:06 - 2008-11-29 19:11 - 00000000 ____D C:\Program Files\Adobe
2013-10-31 18:05 - 2010-04-21 11:55 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-10-31 18:04 - 2013-10-31 18:04 - 00001792 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-31 18:04 - 2010-10-27 16:17 - 00000000 ____D C:\Users\Familie\AppData\Local\Thunderbird
2013-10-31 18:04 - 2010-10-27 16:17 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-31 18:03 - 2009-11-27 12:01 - 00000861 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-31 18:02 - 2013-10-31 17:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-31 18:00 - 2013-10-31 18:00 - 00001728 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-10-31 18:00 - 2013-10-31 17:59 - 00000000 ____D C:\Program Files\QuickTime
2013-10-31 17:54 - 2013-07-08 19:51 - 00000000 ____D C:\Users\Familie\AppData\Roaming\Pemy
2013-10-31 17:52 - 2013-10-31 17:52 - 00000000 ____D C:\Windows\system32\Adobe
2013-10-31 17:24 - 2013-10-31 17:24 - 00000864 _____ C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2013-10-31 17:24 - 2013-10-31 17:24 - 00000000 ____D C:\Users\Familie\AppData\Roaming\addpcs
2013-10-31 17:24 - 2013-10-31 17:24 - 00000000 ____D C:\Program Files\Temp File Cleaner
2013-10-31 17:21 - 2013-10-31 17:21 - 00000000 ____D C:\Users\Familie\AppData\Local\Secunia PSI
2013-10-31 17:21 - 2013-10-31 17:21 - 00000000 ____D C:\Program Files\Secunia
2013-10-31 17:18 - 2013-10-31 17:15 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-31 17:15 - 2013-10-31 17:09 - 00000000 ____D C:\Windows\system32\MRT
2013-10-31 17:09 - 2010-11-15 20:07 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-31 16:51 - 2008-02-09 15:58 - 00000000 ____D C:\totalcmd
2013-10-30 14:06 - 2009-03-26 18:30 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-10-29 15:22 - 2013-10-12 11:53 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-10-29 12:31 - 2008-02-11 09:26 - 00000000 ____D C:\Users\Familie\AppData\Local\Paint.NET
2013-10-26 22:45 - 2013-05-31 23:44 - 00000000 ____D C:\Users\Anne\AppData\Local\LogMeIn Hamachi
2013-10-19 17:05 - 2007-11-24 19:17 - 00000000 ____D C:\Users\Familie\AppData\Local\Google
2013-10-17 10:50 - 2007-11-24 23:43 - 00083968 _____ C:\Users\Familie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-14 11:04 - 2013-10-14 11:04 - 00016024 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_x86.sys
2013-10-13 11:42 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-13 11:36 - 2006-11-02 13:47 - 00389736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-13 11:35 - 2008-09-09 16:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-13 11:11 - 2006-11-02 11:33 - 01495694 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-12 17:30 - 2008-02-10 09:48 - 00000000 ____D C:\Users\Familie\Documents\Eigene Briefe usw
2013-10-12 12:23 - 2013-10-12 12:23 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-10-12 12:22 - 2013-10-12 12:22 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-10-12 12:16 - 2007-11-25 00:01 - 00000000 ____D C:\Program Files\Canon
2013-10-12 12:15 - 2013-10-12 12:15 - 00000000 ____D C:\Windows\medias
2013-10-12 12:15 - 2013-10-12 12:15 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2013-10-12 12:15 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2013-10-09 20:16 - 2012-07-26 19:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 20:16 - 2011-05-18 15:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 13:45 - 2007-11-24 18:40 - 00000000 ____D C:\Users\Familie
2013-10-07 11:12 - 2013-09-13 21:23 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-07 11:12 - 2013-09-13 21:23 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-07 11:12 - 2013-09-13 21:23 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-07 11:12 - 2013-05-31 23:44 - 00000000 ____D C:\Users\Anne\AppData\Local\Google
2013-10-07 11:07 - 2013-10-07 11:07 - 00000000 ____D C:\Users\Anne\AppData\Local\LogMeIn
2013-10-02 14:05 - 2013-10-02 14:05 - 00000000 ____D C:\Users\Familie\AppData\Local\LogMeIn
2013-10-02 14:05 - 2013-10-02 14:05 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-02 14:01 - 2013-10-02 14:01 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
Files to move or delete:
====================
C:\Users\Familie\AppData\Roaming\desktop.ini
C:\ProgramData\9541985.pad
C:\ProgramData\fodiwj.pad
C:\ProgramData\r4got.js
C:\ProgramData\r4got.pad
C:\Users\Familie\server.dll
Some content of TEMP:
====================
C:\Users\Familie\AppData\Local\Temp\avgnt.exe
C:\Users\Familie\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-31 20:17
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013 Ran by Familie at 2013-10-31 22:44:20 Running from C:\Users\Familie\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== Could not list Security Center items. Check WMI. ==================== Installed Programs ====================== Adobe AIR (Version: 3.8.0.1430) Adobe Flash Player 11 ActiveX (Version: 11.9.900.117) Adobe Flash Player 11 Plugin (Version: 11.9.900.117) Adobe Reader 9.5.5 - Deutsch (Version: 9.5.5) Adobe Shockwave Player 12.0 (Version: 12.0.4.144) Agent Ransack Version 1.7.3 AirPort (Version: 5.4.2.21) Amazon MP3-Downloader 1.0.9 Apple Application Support (Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (Version: 2.1.3.127) Avira Free Antivirus (Version: 14.0.0.383) Bonjour (Version: 3.0.0.10) Canon Easy-PhotoPrint EX Canon IJ Network Scanner Selector EX Canon IJ Network Tool Canon Kurzwahlprogramm Canon MP Navigator EX 5.1 Canon MX890 series Benutzerregistrierung Canon MX890 series MP Drivers Canon MX890 series On-screen Manual Canon My Printer Canon Solution Menu EX Connect DLC 4 Toolbar for IE (Version: 6.17.1.25) Die*Sims™*3 (Version: 1.0.631) Dropbox (HKCU Version: 1.1.35) Duden Mathematik 4 EditPad Lite DE 7.3.0 (Version: DE 7.3.0) Google Earth (Version: 7.1.1.1888) Google Toolbar for Internet Explorer (Version: 7.5.4601.54) Google Update Helper (Version: 1.3.21.165) HPAsset component for HP Active Support Library (Version: 3.0.2.2) IrfanView (remove only) (Version: 4.36) iTunes (Version: 11.1.2.31) Java 7 Update 45 (Version: 7.0.450) Java Auto Updater (Version: 2.1.9.8) LogMeIn Hamachi (Version: 2.2.0.58) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Works 6-9 Converter (Version: 9.7.0621) Mozilla Firefox 17.0.1 (x86 de) (Version: 17.0.1) Mozilla Maintenance Service (Version: 24.1.0) Mozilla Thunderbird 24.1.0 (x86 de) (Version: 24.1.0) Nero 8 Essentials (Version: 8.10.284) neroxml (Version: 1.0.0) NVIDIA Grafiktreiber 307.83 (Version: 307.83) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA Systemsteuerung 307.83 (Version: 307.83) NVIDIA Update 1.10.8 (Version: 1.10.8) NVIDIA Update Components (Version: 1.10.8) Picasa 3 (Version: 3.9) QuickTime (Version: 7.74.80.86) Raumschiffe bauen mit Willy Werkel (Version: 1.00.0000) SAMSUNG USB Driver for Mobile Phones (Version: 1.3.350.0) Secunia PSI (3.0.0.8013) (Version: 3.0.0.8013) Spybot - Search & Destroy (Version: 2.2.25) swMSM (Version: 12.0.0.1) Temp File Cleaner (Version: 4.3.0) TIPP10 Version 2.1.0 Total Commander (Remove or Repair) (Version: 8.01) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3) VCRedistSetup (Version: 1.0.0) VLC media player 2.1.0 (Version: 2.1.0) ==================== Restore Points ========================= Could not list Restore Points. Check WMI. ==================== Hosts content: ========================== 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {059CE7ED-80AB-412D-BCFF-98158EC6C068} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {07C2D569-5511-42B4-BC76-52ECB7DDCD37} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: {0D827BB1-1474-43ED-8208-14629F31CF50} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\Program Files\Windows Defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {2386D73E-BFA4-46A1-9DB1-DC9701D68505} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-24] (Google Inc.) Task: {2BAF39B6-F2EF-4611-A395-98EB142F5DF5} - System32\Tasks\JavaUpdateAdministrator => C:\Windows\System32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.) Task: {36C5CAB3-B8FE-4401-9235-588DD77BD7E9} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12] (Google) Task: {3AFD43A8-F647-4481-9FE0-F3561979C48C} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation) Task: {48F10C63-656B-45CC-AD57-0A8C0884B441} - System32\Tasks\Auf Updates für Windows Live Toolbar prüfen => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19] (Microsoft Corporation) Task: {58CAB7F4-5E58-4514-80EA-C1B630028A7E} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe Task: {65E749F5-CAC0-4A0D-AE3E-B8E246D5D44B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-24] (Google Inc.) Task: {7EDBBEEE-DA81-453A-ABB7-18800D9165A7} - System32\Tasks\1-Klick-Wartung => C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-05-17] () Task: {883ECDD0-5D72-4600-A931-2E55AC830626} - System32\Tasks\HP Health Check => C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24] (Hewlett-Packard) Task: {8EE426FB-C208-4FDB-AAEB-786E1CBA8C99} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated) Task: {9E3BA316-4721-464A-9108-204208C13674} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C58EA8CD-8EE1-49F7-AD59-B9FC15CB3F76} - System32\Tasks\JavaUpdateFamilie => C:\Windows\System32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] () Task: C:\Windows\Tasks\1-Klick-Wartung.job => C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe ==================== Loaded Modules (whitelisted) ============= ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:B0D4D817 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Faulty Device Manager Devices ============= Could not list Devices. Check WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (10/31/2013 09:17:00 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\3\8C> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 09:16:40 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\5\57> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 09:16:33 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\D\DE> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 09:16:33 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\D\DE> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 09:04:53 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\7\5F> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 09:04:53 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\7\5F> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 09:01:12 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\9\F8> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 09:01:11 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\9\F8> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 08:41:25 PM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\A\5F> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/31/2013 08:16:50 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung PSIA.exe, Version 3.0.0.8013, Zeitstempel 0x525b8f0c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000005, Fehleroffset 0x00067450, Prozess-ID 0xa6c, Anwendungsstartzeit PSIA.exe0. System errors: ============= Error: (10/31/2013 08:13:52 PM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/31/2013 08:11:21 PM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/31/2013 07:40:39 PM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/31/2013 07:37:29 PM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/31/2013 07:20:23 PM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/31/2013 07:12:36 PM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/31/2013 04:41:35 PM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/31/2013 04:40:26 PM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/30/2013 10:35:48 AM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (10/30/2013 10:34:48 AM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Microsoft Office Sessions: ========================= Error: (10/31/2013 09:17:00 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\3\8C Error: (10/31/2013 09:16:40 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\5\57 Error: (10/31/2013 09:16:33 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\D\DE Error: (10/31/2013 09:16:33 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\D\DE Error: (10/31/2013 09:04:53 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\7\5F Error: (10/31/2013 09:04:53 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\7\5F Error: (10/31/2013 09:01:12 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\9\F8 Error: (10/31/2013 09:01:11 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\9\F8 Error: (10/31/2013 08:41:25 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\FAMILIE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\PTZ896ZB.DEFAULT\CACHE\A\5F Error: (10/31/2013 08:16:50 PM) (Source: Application Error)(User: ) Description: PSIA.exe3.0.0.8013525b8f0cntdll.dll6.0.6002.1888151da3e27c000000500067450a6c01ced66cd6b01b7c CodeIntegrity Errors: =================================== Date: 2013-06-11 15:04:00.817 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:04:00.602 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:04:00.385 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:04:00.170 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:03:59.952 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:03:59.735 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:03:59.412 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:03:59.197 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:03:58.979 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-11 15:03:58.765 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 48% Total physical RAM: 3070.57 MB Available physical RAM: 1567.07 MB Total Pagefile: 6374.15 MB Available Pagefile: 4851.79 MB Total Virtual: 2047.88 MB Available Virtual: 1887.05 MB ==================== Drives ================================ Drive c: (HP) (Fixed) (Total:458.33 GB) (Free:279.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (FACTORY_IMAGE) (Fixed) (Total:7.43 GB) (Free:0.96 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 33DF4293) Partition 1: (Active) - (Size=458 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Im Netzwerk- und Freigabecenter erhalte ich beim Einschalten von Freigaben usw. (z.Zt. alles auf "Aus" - warum?): Code:
ATTFilter Der angegebene Dienst ist kein installierter Dienst.
Gruß Ch. Hanisch Geändert von Hanisch (01.11.2013 um 10:55 Uhr) |
| Themen zu Programme lassen sich nicht mehr über Systemsteuerung löschen |
| adblock, antivir, antivirus, avg, avira, bonjour, converter, defender, farbar, farbar recovery scan tool, fehler, flash player, ftp, google, home, homepage, installation, mozilla, netzwerk, ntdll.dll, plug-in, problem, refresh, registry, rundll, safer networking, scan, secunia psi, security, services.exe, svchost.exe, symantec, vista, warum |
Baum-Darstellung