| |
| |||||||
Log-Analyse und Auswertung: Firefox meldet sich mind. 2 mal täglich selbst abWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
03.12.2013, 14:34
| #1 |
 |  Firefox meldet sich mind. 2 mal täglich selbst ab Liebe Experten, täglich arbeite ich u.a. mit Firefox an meinem Lapptop - nun meldet er sich seit Tagen mind. 2 täglich ab. Die Verbindung zum Server ist dann unterbrochen und ein PC-Neustart ist erforderlich. Wie erreiche ich, dass ich ohne tägliche Unterbrechungen arbeiten kann? Vielen Dank schon jetzt für die nützlichen Antwort(en) - bin gespannt! Grüßle aus BW |
|
03.12.2013, 14:37
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Firefox meldet sich mind. 2 mal täglich selbst ab Hallo und
__________________  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
03.12.2013, 18:55
| #3 | |
| | Firefox meldet sich mind. 2 mal täglich selbst abZitat:
A: FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-12-2013
Ran by **** (administrator) on HOME on 03-12-2013 14:15:12
Running from C:\Users\****\Desktop
Microsoft® Windows Vista™ Home Premium (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
(CANON INC.) C:\Windows\System32\CNAB4RPK.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Windows\System32\PSIService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Interactive Digital Media) C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
(Chicony) C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Babylon Ltd.) C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
() C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\Vidalia Bridge Bundle\Vidalia\vidalia.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1006264 2007-07-12] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] - C:\Windows\system32\igfxtray.exe
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] - C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [KeNotify] - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [SVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115816 2007-01-09] (Symantec Corporation)
HKLM\...\Run: [HWSetup] - \HWSetup.exe hwSetUP
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-09-03] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [509496 2007-04-03] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [Desktop SMS] - C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328 2007-06-18] (Interactive Digital Media)
HKLM\...\Run: [topi] - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [Camera Assistant Software] - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [413696 2007-04-10] (Chicony)
HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [204800 2007-07-27] (Synaptics, Inc.)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe [571024 2007-02-19] (Toshiba)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [Symantec PIF AlertEng] - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
HKLM\...\Run: [BabylonToolbar] - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe [286720 2010-11-07] (Babylon Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\igfxcui: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\SDWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKCU\...\Run: [TOSCDSPD] - TOSCDSPD.EXE
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125440 2006-11-02] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-05-19] (Google Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [rasGLSched] - rundll32.exe "C:\Users\****\AppData\Local\BluetoothMobileTray\rasGLSched.dll",WinUserSnap AcroWI32 <===== ATTENTION
HKCU\...\Run: [mscjm] - c:\users\****\appdata\roaming\80529\mscjm.exe
HKCU\...\Run: [malacuxatx.exe] - C:\malacuxatx.exe\malacuxatx.exe
HKCU\...\Run: [FileHippo.com] - C:\Program Files\FileHippo.com\UpdateChecker.exe [306688 2012-03-26] (FileHippo.com)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [5717272 2013-11-07] (SUPERAntiSpyware)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [543432 2013-10-16] (Sandboxie Holdings, LLC)
HKCU\...\Run: [Vidalia] - C:\Program Files\Vidalia Bridge Bundle\Vidalia\vidalia.exe [6239727 2012-12-02] ()
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -update activex [829832 2013-10-19] (Adobe Systems Incorporated)
HKCU\...\Policies\Explorer: [NoSetActiveDesktop] 0
MountPoints2: {13ca67fe-321a-11e2-8163-8ab7f5466902} - E:\Menu.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\**** Neu\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\**** Neu\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-05-19] (Google Inc.)
HKU\**** Neu\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [ 2013-10-16] (Sandboxie Holdings, LLC)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\**** Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
SearchScopes: HKLM - DefaultScope {B3468730-4A98-4CC7-BBAD-86FFCFBECDC7} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
SearchScopes: HKLM - {B3468730-4A98-4CC7-BBAD-86FFCFBECDC7} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
SearchScopes: HKCU - {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=565b1f73000000000000001de0a76003&tlver=1.4.19.19&affID=17162
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: hxxp://go.web.de/tb/mff_startpage
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: toolbar - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\Extensions\toolbar@web.de.xpi
FF Extension: Mozilla Firefox distributed by RealNetworks - C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Extension: (Babylon Chrome OCR) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-28] (SUPERAntiSpyware.com)
R2 Automatisches LiveUpdate - Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
R2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
S3 comHost; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49248 2007-01-12] (Symantec Corporation)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S3 ISPwdSvc; C:\Program Files\Norton Internet Security\isPwdSvc.exe [80504 2007-01-14] (Symantec Corporation)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 LiveUpdate Notice Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
S2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll [537992 2008-04-10] (Symantec Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [174656 2006-11-02] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [130248 2013-10-16] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1251720 2011-01-13] ()
R2 SymAppCore; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [47712 2007-01-05] (Symantec Corporation)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [x]
==================== Drivers (Whitelisted) ====================
S4 CplIR; C:\Windows\system32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [374392 2011-11-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106104 2011-11-10] (Symantec Corporation)
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20120112.001\IDSvix86.sys [287792 2011-01-08] (Symantec Corporation)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20120114.019\NAVENG.SYS [86136 2011-08-18] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20120114.019\NAVEX15.SYS [1576312 2011-08-18] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [159840 2013-10-16] (Sandboxie Holdings, LLC)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [418104 2007-04-14] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [279088 2007-11-30] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2007-11-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2007-11-30] (Symantec Corporation)
R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [12720 2009-08-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124464 2011-01-13] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [145968 2009-08-03] (Symantec Corporation)
R3 SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [39856 2009-08-03] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [38448 2009-08-03] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2009-08-03] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2009-08-03] (Symantec Corporation)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
S2 adfs; No ImagePath
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-03 14:14 - 2013-12-03 14:14 - 01092389 _____ (Farbar) C:\Users\****\Desktop\FRST.exe
2013-12-02 14:59 - 2013-12-02 15:06 - 00053443 _____ C:\Users\****\Desktop\Addition.txt
2013-12-02 14:58 - 2013-12-03 14:15 - 00023904 _____ C:\Users\****\Desktop\FRST.txt
2013-12-02 14:58 - 2013-12-02 14:58 - 00000000 ____D C:\FRST
2013-11-20 18:44 - 2013-11-20 18:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-10 08:16 - 2013-11-10 08:16 - 00007963 _____ C:\Users\****\.recently-used.xbel
==================== One Month Modified Files and Folders =======
2013-12-03 14:15 - 2013-12-02 14:58 - 00023904 _____ C:\Users\****\Desktop\FRST.txt
2013-12-03 14:14 - 2013-12-03 14:14 - 01092389 _____ (Farbar) C:\Users\****\Desktop\FRST.exe
2013-12-03 14:14 - 2011-01-18 21:06 - 00006338 _____ C:\Windows\Sandboxie.ini
2013-12-03 14:13 - 2011-01-17 22:21 - 00000424 ____H C:\Windows\Tasks\User_Feed_Synchronization-{CFE8EA9A-798A-4E1F-AC22-E44A53E7D28F}.job
2013-12-03 14:13 - 2006-11-02 11:33 - 01461736 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 14:10 - 2008-05-18 12:24 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2013-12-03 14:08 - 2013-11-02 13:35 - 00000000 ____D C:\Users\****\AppData\Local\Vidalia
2013-12-03 14:06 - 2013-10-30 13:18 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-12-03 14:06 - 2012-01-26 11:56 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-12-03 14:06 - 2012-01-26 11:40 - 00000429 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-03 14:06 - 2010-01-04 19:27 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-03 14:06 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 14:06 - 2006-11-02 13:47 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 14:06 - 2006-11-02 13:47 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 14:04 - 2008-05-17 15:48 - 01268145 _____ C:\Windows\WindowsUpdate.log
2013-12-03 14:04 - 2006-11-02 14:01 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-03 13:44 - 2010-01-04 19:27 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 13:28 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\tracing
2013-12-03 12:22 - 2013-01-04 10:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-03 11:52 - 2009-03-27 20:09 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-12-03 11:39 - 2013-06-03 18:21 - 00047828 _____ C:\Users\****\Desktop\Stand der Bewerbungen_Mai2013.xlsx
2013-12-03 11:19 - 2013-10-04 07:59 - 00000000 ____D C:\Users\****\Documents\Documents\OneNote-Notizbücher
2013-12-03 09:49 - 2013-08-04 17:51 - 00000000 ____D C:\Users\****\Desktop\Dokumentation
2013-12-02 15:40 - 2013-01-20 17:19 - 00062976 _____ C:\Users\****\Desktop\Planung_2013_02.xls
2013-12-02 15:06 - 2013-12-02 14:59 - 00053443 _____ C:\Users\****\Desktop\Addition.txt
2013-12-02 14:58 - 2013-12-02 14:58 - 00000000 ____D C:\FRST
2013-12-02 14:28 - 2008-05-19 09:05 - 00000416 ____H C:\Windows\Tasks\User_Feed_Synchronization-{9B5BE33B-1C19-4CBB-B4B1-59549B38285C}.job
2013-11-21 08:40 - 2013-02-02 22:33 - 00000000 ___RD C:\Program Files\Skype
2013-11-21 08:40 - 2008-05-18 12:23 - 00000000 ____D C:\ProgramData\Skype
2013-11-21 08:36 - 2012-10-23 09:38 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-20 18:45 - 2013-11-20 18:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-20 00:38 - 2013-10-30 13:18 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-11-20 00:38 - 2013-10-30 13:18 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-17 15:13 - 2013-07-18 09:19 - 00000000 ____D C:\Users\****\Desktop\AN RA
2013-11-14 18:58 - 2008-05-17 17:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 18:57 - 2013-08-14 18:06 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 18:55 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-13 20:53 - 2013-02-08 19:52 - 00001924 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-13 20:53 - 2010-12-26 20:32 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-13 16:02 - 2013-09-18 12:58 - 00000000 ____D C:\Users\****\Desktop\Vortrag consinion
2013-11-11 20:03 - 2008-05-17 18:23 - 00000580 _____ C:\Windows\Tasks\Norton Internet Security - Systemprüfung ausführen - ****.job
2013-11-11 05:50 - 2010-12-17 06:42 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 08:34 - 2013-01-07 11:46 - 00000000 ____D C:\Users\****\.gimp-2.6
2013-11-10 08:16 - 2013-11-10 08:16 - 00007963 _____ C:\Users\****\.recently-used.xbel
2013-11-10 08:16 - 2013-01-07 11:48 - 00000000 ____D C:\Users\****\AppData\Roaming\gtk-2.0
2013-11-10 08:16 - 2008-05-17 17:07 - 00000000 ____D C:\Users\****
2013-11-08 08:07 - 2011-01-17 19:48 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\****\AppData\Local\Temp\symlcsv1.exe
C:\Users\**** Neu\AppData\Local\Temp\contentDATs.exe
C:\Users\**** Neu\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\**** Neu\AppData\Local\Temp\ICReinstall_beleuchtungstechnik_bosch_pdf-b9932_downloader.exe
C:\Users\**** Neu\AppData\Local\Temp\SkypeSetup.exe
C:\Users\**** Neu\AppData\Local\Temp\symlcsv1.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-03 14:13
==================== End Of Log ============================
--- --- --- B: ADDITION Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2013
Ran by **** at 2013-12-02 14:59:33
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Alice-Installationsdateien entfernen
Amazon MP3-Downloader 1.0.9
AppCore (Version: 1)
Apple Software Update (Version: 1.0.0.7)
ATI Catalyst Install Manager (Version: 3.0.642.0)
AV (Version: 1)
Babylon toolbar
Bluetooth Stack for Windows by Toshiba (Version: v5.10.06(T))
Camera Assistant Software for Toshiba (Version: 1.7.140.0517)
Canon LBP2900
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2007.0920.2342.40548)
Catalyst Control Center Graphics Full Existing (Version: 2007.0920.2342.40548)
Catalyst Control Center Graphics Full New (Version: 2007.0920.2342.40548)
Catalyst Control Center Graphics Light (Version: 2007.0920.2342.40548)
Catalyst Control Center Graphics Previews Common (Version: 2007.0920.2342.40548)
Catalyst Control Center Graphics Previews Vista (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Chinese Standard (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Czech (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Danish (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Dutch (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Finnish (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization French (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization German (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Greek (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Hungarian (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Italian (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Japanese (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Korean (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Norwegian (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Polish (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Portuguese (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Russian (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Spanish (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Swedish (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Thai (Version: 2007.0920.2342.40548)
Catalyst Control Center Localization Turkish (Version: 2007.0920.2342.40548)
CCC Help Chinese Standard (Version: 2007.0920.2341.40548)
CCC Help Chinese Traditional (Version: 2007.0920.2341.40548)
CCC Help Czech (Version: 2007.0920.2341.40548)
CCC Help Danish (Version: 2007.0920.2341.40548)
CCC Help Dutch (Version: 2007.0920.2341.40548)
CCC Help English (Version: 2007.0920.2341.40548)
CCC Help Finnish (Version: 2007.0920.2341.40548)
CCC Help French (Version: 2007.0920.2341.40548)
CCC Help German (Version: 2007.0920.2341.40548)
CCC Help Greek (Version: 2007.0920.2341.40548)
CCC Help Hungarian (Version: 2007.0920.2341.40548)
CCC Help Italian (Version: 2007.0920.2341.40548)
CCC Help Japanese (Version: 2007.0920.2341.40548)
CCC Help Korean (Version: 2007.0920.2341.40548)
CCC Help Norwegian (Version: 2007.0920.2341.40548)
CCC Help Polish (Version: 2007.0920.2341.40548)
CCC Help Portuguese (Version: 2007.0920.2341.40548)
CCC Help Russian (Version: 2007.0920.2341.40548)
CCC Help Spanish (Version: 2007.0920.2341.40548)
CCC Help Swedish (Version: 2007.0920.2341.40548)
CCC Help Thai (Version: 2007.0920.2341.40548)
CCC Help Turkish (Version: 2007.0920.2341.40548)
ccc-core-static (Version: 2007.0920.2342.40548)
ccCommon (Version: 106.2.0.21)
ccc-utility (Version: 2007.0920.2342.40548)
CCleaner (Version: 4.03)
CD/DVD Drive Acoustic Silencer (Version: 2.00.02)
Desktop SMS (Version: 1.2.0)
DVD MovieFactory for TOSHIBA (Version: 5.3)
Emdedded IR Driver (Version: 0.0.0.6C)
FileHippo.com Update Checker
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (Version: 2.0.0.1)
FoxTab PDF Converter
Free PDF to Word Doc Converter v1.1 (Version: 1.1)
GIMP 2.6.12 (Version: 2.6.12)
Google Toolbar for Firefox (Version: 3.0.20070525)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.22.3)
Google Updater (Version: 2.4.2432.1652)
Intel Matrix Storage Manager
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5)
MAGIX Foto Suite 1.12.0.89 (D) (Version: 1.12.0.89)
MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0)
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.0.7820.0)
Microsoft XML Parser (Version: 8.20.8730.4)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
mp3-2-wav converter 1.14
MSRedist (Version: 1.0.0.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
myphotobook 3.1 (Version: 3.1)
Norton AntiVirus (Version: 14.2.0.29)
Norton Confidential Browser Component (Version: 1.5.0.29)
Norton Confidential Web Protection Component (Version: 1.5.0.29)
Norton Internet Security (Symantec Corporation) (Version: 10.2.0.30)
Norton Internet Security (Version: 10.1.0)
Norton Internet Security (Version: 10.2.0.30)
Norton Protection Center (Version: 2007.2.0.22)
PDF24 Creator 5.2.0
PDF-XChange Viewer (Version: 2.5.201.0)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5477)
Sandboxie 4.06 (32-bit) (Version: 4.06)
shortcircuit
Skins (Version: 2007.0920.2342.40548)
Skype™ 6.10 (Version: 6.10.104)
SPBBC 32bit (Version: 3.2.0.21)
Spybot - Search & Destroy (Version: 2.2.25)
SUPERAntiSpyware (Version: 5.0.1146)
Symantec Real Time Storage Protection Component (Version: 10.2.2.6)
SymNet (Version: 7.2.5.8)
Synaptics Pointing Device Driver (Version: 10.0.9.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0001)
TIPCI (Version: 2.00.0001)
TOSHIBA Assist (Version: 2.01.02)
TOSHIBA ConfigFree (Version: 7.00.32)
TOSHIBA Disc Creator (Version: 2.0.0.8)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Flash Cards Support Utility (Version: 1.48.0.3C)
TOSHIBA Hardware Setup (Version: 1.48.0.11C)
Toshiba Online Product Information (Version: 1.00.0012)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04))
TOSHIBA Supervisor Password (Version: 1.48.0.8C)
TOSHIBA Supervisorkennwort (Version: 1.48.0.8C)
TOSHIBA Value Added Package (Version: 1.0.28)
Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver (Version: 0.0.1.1C)
VideoLAN VLC media player 0.8.6f (Version: 0.8.6f)
Windows Media Encoder 9-Reihe
Windows Media Encoder 9-Reihe (Version: 9.00.2980)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
==================== Restore Points =========================
01-11-2013 09:10:12 Windows Update
05-11-2013 09:03:00 Windows Update
08-11-2013 07:20:20 Windows Update
12-11-2013 10:57:32 Windows Update
14-11-2013 17:54:06 Windows Update
15-11-2013 10:31:08 Windows Update
19-11-2013 23:41:02 Windows Update
22-11-2013 11:09:17 Windows Update
26-11-2013 07:39:30 Windows Update
29-11-2013 20:17:06 Windows Update
02-12-2013 11:16:21 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {04500A21-43F6-4C50-A47E-ED2A9FA775F9} - System32\Tasks\{CC84EA0B-5C9F-4F75-B61F-63480E77FDC9} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.113.210/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {1821E137-AF54-4120-A108-3516C3B01EFC} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22] (Google)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {249007F6-8D9A-49E9-86B4-3348BED3D2C2} - System32\Tasks\{E88551D9-7878-401E-A081-DA2E4EDAC128} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116.259/de/abandoninstall?source=lightinstaller&page=tsMain
Task: {3174DE2D-894F-4E36-9697-8945E3822790} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-04] (Google Inc.)
Task: {35E99BE5-DE8E-4BD3-B58C-5023A942C2EF} - System32\Tasks\{D81DACD6-E4E2-4FB3-9E30-79932B0FBB6D} => C:\Program Files\Skype\Phone\Skype.exe [2013-10-21] (Skype Technologies S.A.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3C0AD0F7-F036-44D1-9E90-C7D2CBA2C0C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-19] (Adobe Systems Incorporated)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2006-11-02] (Microsoft Corporation)
Task: {4AF716FD-B882-4F3E-9A68-C19E6FB76F03} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2599141903-779861207-2602139015-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {4EC98873-B85A-44CF-B053-98C724979DE5} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {60635F05-CF4E-4768-AA60-F389F0913E8A} - System32\Tasks\{1E226C2C-D863-4F10-B844-F6EA1D1F958F} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.124.259&LastError=12029
Task: {65A6BC48-DB5B-42D5-8614-063ADA64BC00} - System32\Tasks\Norton Internet Security - Systemprüfung ausführen - **** => C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14] (Symantec Corporation)
Task: {87D35AC9-8D94-4F2E-A1B2-604EE4623B36} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\Program Files\Windows Defender\MpCmdRun.exe [2007-07-12] (Microsoft Corporation)
Task: {90962D59-9213-4AC6-A568-B83608DE088C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2599141903-779861207-2602139015-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9A4DD97F-967E-4452-9E89-38983D2550EB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2599141903-779861207-2602139015-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9BDA627B-E498-4DDA-9A67-DAC9565900FE} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {9EB44560-63F6-4CA3-8294-048D3F7D340B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {BA96ACA1-AA18-451D-BCA6-6639F2874B09} - System32\Tasks\{A32F7560-1F7B-4433-B9A7-310D8F74DAE8} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {BE1B25FC-C355-40F9-833B-8618A57A1133} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C24D16BA-E80D-4C7C-9811-AD0E9240F844} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-04] (Google Inc.)
Task: {CFD78B1F-A764-4F26-BE39-A6492728146C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {D036DF9B-5597-448A-911C-2B9ACBA42F06} - System32\Tasks\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2006-08-29] (Apple Computer, Inc.)
Task: {D1C13337-6D85-4572-A238-0E6D9A1E3A35} - System32\Tasks\{BF791142-A9DB-4300-ACDF-BA8A925A9EA5} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.59.124&LastError=12029
Task: {E005F6BB-0175-45E3-B04D-E6FCF14CF77A} - System32\Tasks\{14942EE6-C304-41BB-8927-1661ECC40549} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/en/abandoninstall?page=tsProgressBar
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2006-11-02] ()
Task: {F1D2F92D-1B56-4980-BA77-D652CB641B27} - System32\Tasks\{8AD533A0-9036-4C17-9183-808428249D5D} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {F7257B6D-E5A5-4818-9E44-5A2F66CFB256} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2599141903-779861207-2602139015-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Internet Security - Systemprüfung ausführen - ****.job => C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{9B5BE33B-1C19-4CBB-B4B1-59549B38285C}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{CFE8EA9A-798A-4E1F-AC22-E44A53E7D28F}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2007-10-15 19:54 - 2007-09-20 17:43 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2007-01-18 08:30 - 2007-01-18 08:30 - 00094208 _____ () C:\Program Files\IDM\Desktop SMS\oehook.dll
2007-01-17 17:08 - 2007-01-17 17:08 - 00009336 _____ () C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.loc
2013-10-30 13:18 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-30 13:18 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2007-05-31 15:38 - 2007-05-31 15:38 - 00958464 _____ () C:\Program Files\TOSHIBA\FlashCards\de\TCrdMain.resources.dll
2006-11-09 17:27 - 2006-11-09 17:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2007-07-12 09:40 - 2006-10-10 10:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2006-11-08 18:08 - 2006-11-08 18:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 11:57 - 2006-10-07 11:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2006-12-01 17:55 - 2006-12-01 17:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2009-06-23 03:42 - 2009-06-23 03:42 - 00043008 _____ () C:\Program Files\Vidalia Bridge Bundle\Vidalia\libgcc_s_dw2-1.dll
2011-08-23 23:59 - 2011-08-23 23:59 - 00047972 _____ () C:\Program Files\Vidalia Bridge Bundle\Vidalia\mingwm10.dll
2007-05-31 09:12 - 2007-05-31 09:12 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-11-20 18:44 - 2013-11-20 18:44 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.{FADD7046-2015-4C36-A9A9-9FBAE4F07D06}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.{FADD7046-2015-4C36-A9A9-9FBAE4F07D06}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.{FADD7046-2015-4C36-A9A9-9FBAE4F07D06}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.{FADD7046-2015-4C36-A9A9-9FBAE4F07D06}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.{FADD7046-2015-4C36-A9A9-9FBAE4F07D06}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (12/02/2013 10:19:23 AM) (Source: WerSvc) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.
Error: (11/29/2013 09:06:06 PM) (Source: WerSvc) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.
Error: (11/26/2013 07:01:10 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel 0x4907deda, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x01f70fef,
Prozess-ID 0x7c0, Anwendungsstartzeit Explorer.EXE0.
Error: (11/26/2013 01:30:21 PM) (Source: WerSvc) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.
Error: (11/25/2013 10:11:18 AM) (Source: WerSvc) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.
Error: (11/23/2013 11:41:30 AM) (Source: WerSvc) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.
Error: (11/22/2013 11:37:16 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel 0x4907deda, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x01c50fef,
Prozess-ID 0x534, Anwendungsstartzeit Explorer.EXE0.
Error: (11/22/2013 08:30:09 AM) (Source: WerSvc) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.
Error: (11/21/2013 08:11:57 PM) (Source: WerSvc) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.
Error: (11/21/2013 08:43:42 AM) (Source: WerSvc) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.
System errors:
=============
Error: (12/02/2013 02:23:10 PM) (Source: ipnathlp) (User: )
Description: Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.3 deaktiviert, da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
Error: (12/02/2013 02:23:05 PM) (Source: ipnathlp) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.
Error: (12/02/2013 01:21:22 PM) (Source: ipnathlp) (User: )
Description: Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.3 deaktiviert, da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
Error: (12/02/2013 00:15:41 PM) (Source: ipnathlp) (User: )
Description: Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.3 deaktiviert, da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
Error: (12/02/2013 10:16:03 AM) (Source: DCOM) (User: )
Description: C:\Windows\system32\igfxext.exe -Embedding2{7160A13D-73DA-4CEA-95B9-37356478588A}
Error: (12/02/2013 10:13:11 AM) (Source: ipnathlp) (User: )
Description: Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.3 deaktiviert, da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
Error: (12/02/2013 10:13:11 AM) (Source: ipnathlp) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
Error: (12/02/2013 10:13:03 AM) (Source: Service Control Manager) (User: )
Description: TOSHIBA Bluetooth Service%%2
Error: (12/02/2013 10:13:03 AM) (Source: Service Control Manager) (User: )
Description: adfs%%2
Error: (12/02/2013 10:13:03 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Microsoft Office Sessions:
=========================
Error: (07/18/2013 07:13:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3285 seconds with 1260 seconds of active time. This session ended with a crash.
Error: (04/15/2012 11:39:12 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5304 seconds with 4980 seconds of active time. This session ended with a crash.
Error: (02/27/2012 05:53:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 319 seconds with 180 seconds of active time. This session ended with a crash.
Error: (02/27/2012 00:06:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4575 seconds with 900 seconds of active time. This session ended with a crash.
Error: (10/16/2008 11:26:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 52 seconds with 0 seconds of active time. This session ended with a crash.
Error: (09/24/2008 08:04:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 67 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-04-13 20:44:08.846
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\atiumdag.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-13 20:44:08.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\IDM\Desktop SMS\oehook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-13 20:44:08.676
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\atiumdag.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-13 20:44:08.586
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\IDM\Desktop SMS\oehook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-03 21:05:39.251
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\IDM\Desktop SMS\oehook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-03 21:05:39.173
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\IDM\Desktop SMS\oehook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-03 21:05:39.098
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\atiumdag.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-11-03 21:05:39.023
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\atiumdag.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-09 21:51:32.490
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\atiumdag.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-09 21:51:32.410
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\IDM\Desktop SMS\oehook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 51%
Total physical RAM: 3069.63 MB
Available physical RAM: 1491.38 MB
Total Pagefile: 6341.44 MB
Available Pagefile: 4509.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.62 MB
==================== Drives ================================
Drive c: (Vista) (Fixed) (Total:74.52 GB) (Free:19.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:149.05 GB) (Free:145.36 GB) NTFS
Drive f: (Data) (Fixed) (Total:73.06 GB) (Free:72.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: C48F4B19)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=73 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 5D379805)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
|
03.12.2013, 21:41
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox meldet sich mind. 2 mal täglich selbst ab Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
04.12.2013, 09:31
| #5 |
| | Firefox meldet sich mind. 2 mal täglich selbst ab OK, vielen Dank - Prozesse ausgeführt. Bin gespannt auf die Analyse! Hier die log-Datei: Code:
ATTFilter ComboFix 13-12-04.02 - **** 04.12.2013 9:03.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.49.1031.18.3070.994 [GMT 1:00]
ausgeführt von:: c:\users\****\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\malacuxatx.exe
c:\malacuxatx.exe\malacuxatx.exe
c:\malacuxatx.exe\mxfilerelatedcache.mxc2
c:\users\**** Neu\Documents\~WRL1423.tmp
c:\users\****\AppData\Local\Temp\ppcrlui_772_2
c:\users\****\AppData\Roaming\Microsoft\Windows\Recent\mxfilerelatedcache.mxc2
c:\users\****\Desktop\Favorites\mxfilerelatedcache.mxc2
c:\users\Public\Favorites\mxfilerelatedcache.mxc2
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-11-04 bis 2013-12-04 ))))))))))))))))))))))))))))))
.
.
2013-12-02 13:58 . 2013-12-02 13:58 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-11 04:50 . 2010-12-17 05:42 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-08 01:15 . 2013-12-03 12:48 7772552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{90F0759F-E7AC-417B-A3F2-7F3E91AA1CD7}\mpengine.dll
2013-10-30 12:16 . 2013-10-30 12:16 40658208 ----a-w- c:\program files\spybot-2.2.25.exe
2013-10-30 11:59 . 2013-10-30 11:59 9636506 ----a-w- c:\program files\vidalia-bridge-bundle-0.2.3.25-0.2.21.exe
2013-10-19 09:22 . 2012-09-01 07:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-19 09:22 . 2012-09-01 07:27 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-20 09:49 . 2013-10-30 12:18 18968 ----a-w- c:\windows\system32\sdnclean.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-05-20 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-19 68856]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-11-07 5717272]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-10-21 20549280]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2013-10-16 543432]
"Vidalia"="c:\program files\Vidalia Bridge Bundle\Vidalia\vidalia.exe" [2012-12-02 6239727]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"="\HWSetup.exe hwSetUP" [X]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-04-03 509496]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"NDSTray.exe"="NDSTray.exe" [BU]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 204800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-02-19 571024]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2012-12-12 163000]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
c:\users\**** Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Canon LBP2900 Statusfenster.lnk - c:\windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE [2008-5-19 50848]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 273296]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-09-28 116608]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - COMHOST
.
Inhalt des "geplante Tasks" Ordners
.
2013-12-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-01 09:22]
.
2013-09-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21]
.
2013-12-04 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-10-30 09:57]
.
2013-12-03 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-19 05:51]
.
2013-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 18:27]
.
2013-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 18:27]
.
2013-11-11 c:\windows\Tasks\Norton Internet Security - Systemprüfung ausführen - ****.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 01:09]
.
2013-11-19 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-10-30 09:49]
.
2013-10-30 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-10-30 09:51]
.
2013-12-03 c:\windows\Tasks\User_Feed_Synchronization-{9B5BE33B-1C19-4CBB-B4B1-59549B38285C}.job
- c:\windows\system32\msfeedssync.exe [2011-01-19 04:56]
.
2013-12-04 c:\windows\Tasks\User_Feed_Synchronization-{CFE8EA9A-798A-4E1F-AC22-E44A53E7D28F}.job
- c:\windows\system32\msfeedssync.exe [2011-01-19 04:56]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.web.de/
mWindow Title =
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.web.de/tb/mff_startpage
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-rasGLSched - c:\users\****\AppData\Local\BluetoothMobileTray\rasGLSched.dll
HKCU-Run-mscjm - c:\users\****\appdata\roaming\80529\mscjm.exe
HKCU-Run-malacuxatx.exe - c:\malacuxatx.exe\malacuxatx.exe
HKLM-Run-IgfxTray - c:\windows\system32\igfxtray.exe
HKLM-Run-HotKeysCmds - c:\windows\system32\hkcmd.exe
HKLM-Run-Persistence - c:\windows\system32\igfxpers.exe
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-Amazon MP3-Downloader - c:\program files\Amazon\MP3 Downloader\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-12-04 09:16
Windows 6.0.6000 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(5968)
c:\program files\IDM\Desktop SMS\oehook.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\windows\system32\CNAB4RPK.EXE
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\PSIService.exe
c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe
c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
c:\windows\ehome\ehmsas.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Synaptics\SynTP\SynToshiba.exe
c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\program files\Windows Mail\WinMail.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-12-04 09:23:29 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-12-04 08:23
.
Vor Suchlauf: 8 Verzeichnis(se), 22.429.437.952 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 23.562.969.088 Bytes frei
.
- - End Of File - - 5A233E14240D2C3714C8403FF170B375
5C616939100B85E558DA92B899A0FC36
|
|
04.12.2013, 10:04
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox meldet sich mind. 2 mal täglich selbst ab Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> Firefox meldet sich mind. 2 mal täglich selbst ab |
|
04.12.2013, 10:39
| #7 |
| | Firefox meldet sich mind. 2 mal täglich selbst ab OK - hier die gewünschten 3 log-files. Wie gehts weiter? 1. Code:
ATTFilter # AdwCleaner v3.014 - Bericht erstellt am 04/12/2013 um 10:15:15
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium (32 bits)
# Benutzername : **** - HOME
# Gestartet von : C:\Users\****\Downloads\adwcleaner(1).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files\BabylonToolbar
Ordner Gelöscht : C:\Users\****\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\****\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\**** Neu\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Ordner Gelöscht : C:\Users\**** Neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Datei Gelöscht : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1821E137-AF54-4120-A108-3516C3B01EFC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BabylonToolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
***** [ Browser ] *****
-\\ Internet Explorer v8.0.6001.18882
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\prefs.js ]
[ Datei : C:\Users\**** Neu\AppData\Roaming\Mozilla\Firefox\Profiles\u2g2mzsb.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\**** Neu\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [6500 octets] - [04/12/2013 10:14:12]
AdwCleaner[S0].txt - [6332 octets] - [04/12/2013 10:15:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6392 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by **** on 04.12.2013 at 10:29:15,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\ticovwtm.default\minidumps [116 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\****\appdata\local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.12.2013 at 10:33:55,85
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-12-2013
Ran by **** (administrator) on HOME on 04-12-2013 10:35:53
Running from C:\Users\****\Desktop
Microsoft® Windows Vista™ Home Premium (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
(CANON INC.) C:\Windows\System32\CNAB4RPK.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Windows\System32\PSIService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Interactive Digital Media) C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
(Chicony) C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Program Files\Vidalia Bridge Bundle\Vidalia\vidalia.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
() C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [KeNotify] - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [SVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115816 2007-01-09] (Symantec Corporation)
HKLM\...\Run: [HWSetup] - \HWSetup.exe hwSetUP
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-09-03] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [509496 2007-04-03] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [Desktop SMS] - C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328 2007-06-18] (Interactive Digital Media)
HKLM\...\Run: [topi] - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [Camera Assistant Software] - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [413696 2007-04-10] (Chicony)
HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [204800 2007-07-27] (Synaptics, Inc.)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe [571024 2007-02-19] (Toshiba)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [Symantec PIF AlertEng] - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\igfxcui: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125440 2006-11-02] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-05-19] (Google Inc.)
HKCU\...\Run: [FileHippo.com] - C:\Program Files\FileHippo.com\UpdateChecker.exe [306688 2012-03-26] (FileHippo.com)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [5717272 2013-11-07] (SUPERAntiSpyware)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [543432 2013-10-16] (Sandboxie Holdings, LLC)
HKCU\...\Run: [Vidalia] - C:\Program Files\Vidalia Bridge Bundle\Vidalia\vidalia.exe [6239727 2012-12-02] ()
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\**** Neu\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\**** Neu\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-05-19] (Google Inc.)
HKU\**** Neu\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [ 2013-10-16] (Sandboxie Holdings, LLC)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\**** Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {B3468730-4A98-4CC7-BBAD-86FFCFBECDC7} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: hxxp://go.web.de/tb/mff_startpage
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: toolbar - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ticovwtm.default\Extensions\toolbar@web.de.xpi
FF Extension: Mozilla Firefox distributed by RealNetworks - C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-28] (SUPERAntiSpyware.com)
R2 Automatisches LiveUpdate - Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
R2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
S3 comHost; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49248 2007-01-12] (Symantec Corporation)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S3 ISPwdSvc; C:\Program Files\Norton Internet Security\isPwdSvc.exe [80504 2007-01-14] (Symantec Corporation)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 LiveUpdate Notice Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
S2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll [537992 2008-04-10] (Symantec Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [174656 2006-11-02] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [130248 2013-10-16] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1251720 2011-01-13] ()
R2 SymAppCore; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [47712 2007-01-05] (Symantec Corporation)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [x]
==================== Drivers (Whitelisted) ====================
S4 CplIR; C:\Windows\system32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [374392 2011-11-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106104 2011-11-10] (Symantec Corporation)
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20120112.001\IDSvix86.sys [287792 2011-01-08] (Symantec Corporation)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20120114.019\NAVENG.SYS [86136 2011-08-18] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20120114.019\NAVEX15.SYS [1576312 2011-08-18] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [159840 2013-10-16] (Sandboxie Holdings, LLC)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [418104 2007-04-14] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [279088 2007-11-30] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2007-11-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2007-11-30] (Symantec Corporation)
R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [12720 2009-08-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124464 2011-01-13] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [145968 2009-08-03] (Symantec Corporation)
R3 SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [39856 2009-08-03] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [38448 2009-08-03] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2009-08-03] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2009-08-03] (Symantec Corporation)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
S2 adfs; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-04 10:33 - 2013-12-04 10:34 - 00000944 _____ C:\Users\****\Desktop\JRT.txt
2013-12-04 10:24 - 2013-12-04 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-04 10:23 - 2013-12-04 10:23 - 01034531 _____ (Thisisu) C:\Users\****\Downloads\JRT.exe
2013-12-04 10:19 - 2013-12-04 10:19 - 00006472 _____ C:\Users\****\Desktop\AdwCleaner[S0].txt
2013-12-04 10:13 - 2013-12-04 10:15 - 00000000 ____D C:\AdwCleaner
2013-12-04 10:13 - 2013-12-04 10:13 - 01110034 _____ C:\Users\****\Downloads\adwcleaner(1).exe
2013-12-04 10:12 - 2013-12-04 10:12 - 01110034 _____ C:\Users\****\Downloads\adwcleaner.exe
2013-12-04 09:23 - 2013-12-04 09:23 - 00013864 _____ C:\ComboFix.txt
2013-12-04 08:57 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-04 08:57 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-04 08:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-04 08:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-04 08:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-04 08:57 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-12-04 08:57 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-04 08:57 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-04 08:57 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-04 08:55 - 2013-12-04 09:23 - 00000000 ____D C:\Qoobox
2013-12-04 08:54 - 2013-12-04 09:21 - 00000000 ____D C:\Windows\erdnt
2013-12-04 08:53 - 2013-12-04 08:53 - 05152198 ____R (Swearware) C:\Users\****\Desktop\ComboFix.exe
2013-12-03 14:14 - 2013-12-03 14:14 - 01092389 _____ (Farbar) C:\Users\****\Desktop\FRST.exe
2013-12-02 14:59 - 2013-12-02 15:06 - 00053443 _____ C:\Users\****\Desktop\Addition.txt
2013-12-02 14:58 - 2013-12-04 10:35 - 00020789 _____ C:\Users\****\Desktop\FRST.txt
2013-12-02 14:58 - 2013-12-02 14:58 - 00000000 ____D C:\FRST
2013-11-20 18:44 - 2013-11-20 18:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-10 08:16 - 2013-11-10 08:16 - 00007963 _____ C:\Users\****\.recently-used.xbel
2013-11-10 08:16 - 2013-11-10 08:16 - 00007963 _____ C:\Users\****\.recently-used.xbel
==================== One Month Modified Files and Folders =======
2013-12-04 10:36 - 2013-12-02 14:58 - 00020789 _____ C:\Users\****\Desktop\FRST.txt
2013-12-04 10:35 - 2006-11-02 11:33 - 01461736 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-04 10:34 - 2013-12-04 10:33 - 00000944 _____ C:\Users\****\Desktop\JRT.txt
2013-12-04 10:33 - 2008-05-17 15:48 - 01315952 _____ C:\Windows\WindowsUpdate.log
2013-12-04 10:31 - 2008-05-18 12:24 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2013-12-04 10:30 - 2013-11-02 13:35 - 00000000 ____D C:\Users\****\AppData\Local\Vidalia
2013-12-04 10:29 - 2013-10-30 13:18 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-12-04 10:29 - 2012-01-26 11:40 - 00000427 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-04 10:28 - 2012-01-26 11:56 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-12-04 10:28 - 2010-01-04 19:27 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-04 10:28 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-04 10:28 - 2006-11-02 13:47 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-04 10:28 - 2006-11-02 13:47 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-04 10:25 - 2006-11-02 14:01 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-04 10:24 - 2013-12-04 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-04 10:23 - 2013-12-04 10:23 - 01034531 _____ (Thisisu) C:\Users\****\Downloads\JRT.exe
2013-12-04 10:19 - 2013-12-04 10:19 - 00006472 _____ C:\Users\****\Desktop\AdwCleaner[S0].txt
2013-12-04 10:15 - 2013-12-04 10:13 - 00000000 ____D C:\AdwCleaner
2013-12-04 10:15 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\tracing
2013-12-04 10:13 - 2013-12-04 10:13 - 01110034 _____ C:\Users\****\Downloads\adwcleaner(1).exe
2013-12-04 10:13 - 2011-01-17 22:21 - 00000424 ____H C:\Windows\Tasks\User_Feed_Synchronization-{CFE8EA9A-798A-4E1F-AC22-E44A53E7D28F}.job
2013-12-04 10:12 - 2013-12-04 10:12 - 01110034 _____ C:\Users\****\Downloads\adwcleaner.exe
2013-12-04 10:08 - 2013-05-01 07:30 - 00000000 ____D C:\Users\****\Desktop\Arbeit
2013-12-04 09:44 - 2010-01-04 19:27 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-04 09:44 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2013-12-04 09:25 - 2011-01-18 21:06 - 00006416 _____ C:\Windows\Sandboxie.ini
2013-12-04 09:23 - 2013-12-04 09:23 - 00013864 _____ C:\ComboFix.txt
2013-12-04 09:23 - 2013-12-04 08:55 - 00000000 ____D C:\Qoobox
2013-12-04 09:23 - 2008-05-17 17:24 - 00000000 ____D C:\Users\Adriane
2013-12-04 09:23 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2013-12-04 09:22 - 2013-01-04 10:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-04 09:21 - 2013-12-04 08:54 - 00000000 ____D C:\Windows\erdnt
2013-12-04 09:16 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-12-04 09:14 - 2007-04-16 07:16 - 00098924 _____ C:\Windows\PFRO.log
2013-12-04 08:53 - 2013-12-04 08:53 - 05152198 ____R (Swearware) C:\Users\****\Desktop\ComboFix.exe
2013-12-03 20:27 - 2013-06-03 18:21 - 00047982 _____ C:\Users\****\Desktop\Stand der Bewerbungen_Mai2013.xlsx
2013-12-03 15:10 - 2008-05-19 09:05 - 00000416 ____H C:\Windows\Tasks\User_Feed_Synchronization-{9B5BE33B-1C19-4CBB-B4B1-59549B38285C}.job
2013-12-03 14:14 - 2013-12-03 14:14 - 01092389 _____ (Farbar) C:\Users\****\Desktop\FRST.exe
2013-12-03 11:52 - 2009-03-27 20:09 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-12-02 15:40 - 2013-01-20 17:19 - 00062976 _____ C:\Users\****\Desktop\Planung_2013_02.xls
2013-12-02 15:06 - 2013-12-02 14:59 - 00053443 _____ C:\Users\****\Desktop\Addition.txt
2013-12-02 14:58 - 2013-12-02 14:58 - 00000000 ____D C:\FRST
2013-11-21 08:40 - 2013-02-02 22:33 - 00000000 ___RD C:\Program Files\Skype
2013-11-21 08:40 - 2008-05-18 12:23 - 00000000 ____D C:\ProgramData\Skype
2013-11-21 08:40 - 2008-05-18 12:23 - 00000000 ____D C:\ProgramData\Skype
2013-11-21 08:36 - 2012-10-23 09:38 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-20 18:45 - 2013-11-20 18:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-20 00:38 - 2013-10-30 13:18 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-11-20 00:38 - 2013-10-30 13:18 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-20 00:38 - 2013-10-30 13:18 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-14 18:58 - 2008-05-17 17:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 18:58 - 2008-05-17 17:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 18:57 - 2013-08-14 18:06 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 18:55 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-13 20:53 - 2013-02-08 19:52 - 00001924 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-13 20:53 - 2010-12-26 20:32 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-11 20:03 - 2008-05-17 18:23 - 00000580 _____ C:\Windows\Tasks\Norton Internet Security - Systemprüfung ausführen - ****.job
2013-11-11 05:50 - 2010-12-17 06:42 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 08:34 - 2013-01-07 11:46 - 00000000 ____D C:\Users\****\.gimp-2.6
2013-11-10 08:34 - 2013-01-07 11:46 - 00000000 ____D C:\Users\****\.gimp-2.6
2013-11-10 08:16 - 2013-11-10 08:16 - 00007963 _____ C:\Users\****\.recently-used.xbel
2013-11-10 08:16 - 2013-11-10 08:16 - 00007963 _____ C:\Users\****\.recently-used.xbel
2013-11-10 08:16 - 2013-01-07 11:48 - 00000000 ____D C:\Users\****\AppData\Roaming\gtk-2.0
2013-11-10 08:16 - 2008-05-17 17:07 - 00000000 ____D C:\Users\****
2013-11-08 08:07 - 2011-01-17 19:48 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-04 10:35
==================== End Of Log ============================
--- --- --- |
|
04.12.2013, 11:02
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox meldet sich mind. 2 mal täglich selbst ab Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.12.2013, 11:53
| #9 |
| | Firefox meldet sich mind. 2 mal täglich selbst ab OK - Scan-Prozess abgeschlossen, hier die log-dateien: 1. Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.12.04.04 Windows Vista x86 NTFS Internet Explorer 8.0.6001.18882 **** :: HOME [Administrator] Schutz: Aktiviert 04.12.2013 11:11:06 mbam-log-2013-12-04 (11-11-06).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 240785 Laufzeit: 9 Minute(n), 56 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 5 C:\Program Files\Mozilla Firefox\freefox(2).exe (Adware.Dropper) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\Mozilla Firefox\freefox.exe (Adware.Dropper) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\****\Downloads\Babylon9_setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\**** Neu\Downloads\SoftonicDownloader_fuer_quicktime(1).exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\**** Neu\Downloads\SoftonicDownloader_fuer_quicktime.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
04.12.2013, 12:01
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox meldet sich mind. 2 mal täglich selbst ab Gut, fehlt noch ESET. Warum fehlt deinem Vista eigentlich jegliches ServicePack? Und der IE ist auch nicht aktuell...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.12.2013, 12:43
| #11 |
| | Firefox meldet sich mind. 2 mal täglich selbst ab Finish? Was bedeutet das alles und wie gehts weiter? Danke schon mal dafür! Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b0851346b49f974ab64722c092ef3411
# engine=16129
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-04 10:53:04
# local_time=2013-12-04 11:53:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=5892 16776574 100 100 79450 223687112 0 0
# scanned=27556
# found=0
# cleaned=0
# scan_time=1533
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b0851346b49f974ab64722c092ef3411
# engine=16129
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-04 11:40:18
# local_time=2013-12-04 12:40:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=5892 16776574 100 100 85884 223689946 0 0
# scanned=28039
# found=0
# cleaned=0
# scan_time=1595
|
|
04.12.2013, 12:51
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox meldet sich mind. 2 mal täglich selbst ab Sieht soweit ok aus  Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.12.2013, 14:19
| #13 |
| | Firefox meldet sich mind. 2 mal täglich selbst ab DANKE! - Ich arbeite jetzt mal und sag dann bescheid, wie es läuft. Die Tipps schaue ich mir gerne an. Warum im Vista jegliches ServicePack fehlt, weiss ich nicht, und wie der IE aktuallisiert wird auch leider nicht - für Tipps bin ich offen... falls relevant. |
|
04.12.2013, 15:40
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox meldet sich mind. 2 mal täglich selbst ab SP1 für Windows Vista (32-Bit) Das Vista-SP2 erfordert ein installiertes SP1. Daher bitte erst das SP1 installieren:
SP2/IE9 für Windows Vista (32-Bit)
Achte beim Setup des IE wieder darauf, dass vorher möglichst alle Programme beendet und der Virenscanner deaktiviert wurde. Im Setup selbst bitte nicht an dem Verbesserungsprogramm teilnehmen (oder wie MS das nennt) und auch KEINE Updates über das Setup installieren. Die installieren wir später, ich sag dir dann wie. Melde dich wenn SP2/IE9 drauf sind.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.12.2013, 08:08
| #15 |
| | Firefox meldet sich mind. 2 mal täglich selbst ab Installationen (SP1) SP2/IE9 sind abgeschlossen - was bleibt noch zu tun? |
|
| Themen zu Firefox meldet sich mind. 2 mal täglich selbst ab |
| adware.dropper, antwort, arbeiten, erreiche, experte, experten, firefox, firefox absturz, liebe, melde, meldet, nützliche, pup.optional.babylon.a, pup.optional.softonic.a, server, tagen, täglich, unterbrechungen, unterbrochen, verbindung |
Linear-Darstellung
