DHLBenachrichtigung.zip

D_Harry · 04.03.2015, 21:31

Hallo Leute!

Meine mir Zugemutete hat mir heute mitgeteilt, dass die von DHL zugeschickte Benachrichtigung nicht funktioniert

Das heißt wohl, dass ich vermutlich auch stolzer Besitzer eines Trojaners bin, was sich zwischenzeitlich schon etwas negativ auf den Haussegen ausgewirkt hat.

Hoffe, dass ihr mir bei meinem Dilemma helfen könnt und danke euch jetzt schon mal für eure Bemühungen!

FRST:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-03-2015
Ran by Harald (administrator) on HOME on 04-03-2015 20:38:20
Running from C:\Dokumente und Einstellungen\Harald\Desktop
Loaded Profiles: Harald (Available profiles: Harald & Gaby)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser path: "C:\Programme\Opera\Opera.exe")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgrsx.exe
(AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgwdsvc.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
() C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(DEVGURU Co., LTD.) C:\Programme\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgemc.exe
(AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgnsx.exe
(AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgcsrvx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Analog Devices, Inc.) C:\Programme\Analog Devices\Core\smax4pnp.exe
() C:\Programme\ASUS\AI Suite\AiNap\AiNap.exe
(Hagel Technologies Ltd) F:\Tools\DU Meter\DUMeter.exe
(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Programme\ASUS\AASP\1.00.59\aaCenter.exe
(Microsoft Corporation) F:\Programme\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) F:\PROGRA~1\MICROS~2\rapimgr.exe
(Logitech, Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(Opera Software) C:\Programme\Opera\opera.exe
(Renier Crause) F:\Programme\PopTray\PopTray.exe
(ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech, Inc.) C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Programme\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Programme\Analog Devices\SoundMAX\Smax4.exe [729088 2006-07-13] (Analog Devices, Inc.)
HKLM\...\Run: [Ai Nap] => C:\Programme\ASUS\AI Suite\AiNap\AiNap.exe [1413120 2008-01-28] ()
HKLM\...\Run: [CPU Power Monitor] => C:\Programme\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe [627200 2008-01-09] ()
HKLM\...\Run: [Cpu Level Up help] => C:\Programme\ASUS\AI Suite\CpuLevelUpHelp.exe [881152 2007-11-30] ()
HKLM\...\Run: [ASUS Energy Saving] => C:\Programme\ASUS\AI Suite\EnergySaving\PwSave.exe [1352704 2008-01-28] ()
HKLM\...\Run: [DU Meter] => F:\Tools\DU Meter\DUMeter.exe [1587224 2006-11-27] (Hagel Technologies Ltd)
HKLM\...\Run: [InstalledTime] => 1-27-2014
HKLM\...\Run: [ASUSPRP] => C:\Programme\ASUS\APRP\APRP.EXE [3220640 2013-08-27] (ASUSTek Computer Inc.)
HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-12-23] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Programme\Java\jre1.8.0_31\bin\jusched.exe"
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\LBTWlgn: c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-854245398-790525478-839522115-1003\...\Run: [H/PC Connection Agent] => F:\Programme\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-854245398-790525478-839522115-1003\...\Run: [] => [X]
HKU\S-1-5-21-854245398-790525478-839522115-1003\...\MountPoints2: {4da9df78-0d2e-11e0-8bae-001e8c9c44a0} - R:\NokiaPCIA_Autorun.exe
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Dokumente und Einstellungen\Harald\Startmenü\Programme\Autostart\PopTray.lnk
ShortcutTarget: PopTray.lnk -> F:\Programme\PopTray\PopTray.exe (Renier Crause)
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-854245398-790525478-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-854245398-790525478-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> F:\Programme\AVG\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Programme\AVG\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 92.243.32.40 194.112.145.60

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\iej40zxr.default-1358705011781
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @eleco.com/o2cplayer -> F:\Programme\o2c Player\npO2CPlayer.DLL (Eleco plc)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Programme\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Programme\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Extension: Greasemonkey - C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\iej40zxr.default-1358705011781\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-01-20]
FF Extension: Java Console - C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-01-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-11-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144 2011-10-09] (Apple Inc.)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2013-12-23] (ATI Technologies Inc.) [File not signed]
R2 avg9emc; F:\Programme\AVG\avgemc.exe [921952 2010-07-21] (AVG Technologies CZ, s.r.o.)
R2 avg9wd; F:\Programme\AVG\avgwdsvc.exe [308136 2010-07-15] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [821608 2011-10-09] (Apple Inc.)
S3 LBTServ; C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe [121360 2009-07-20] (Logitech, Inc.)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [75304 2007-04-19] (Hewlett-Packard Company)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-27] (Mozilla Foundation)
S3 NBService; F:\Programme\Nero 7\Nero BackItUp\NBService.exe [792112 2007-04-13] (Nero AG)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 PassThru Service; C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2008-05-03] ()
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [737616 2013-04-18] (Nokia)
R2 ss_conn_service; C:\Programme\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-18] ()
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [6852096 2013-12-23] (ATI Technologies Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R1 AvgLdx86; C:\WINDOWS\System32\Drivers\avgldx86.sys [226016 2013-01-15] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [29712 2011-09-13] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\WINDOWS\System32\Drivers\avgtdix.sys [243152 2011-05-05] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R0 JGOGO; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron )
R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [46208 2007-03-24] (JMicron Technology Corp.)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 OVT511Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [167816 2001-10-18] (OmniVision Technologies, Inc.) [File not signed]
S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [332928 2008-06-27] (Realtek Semiconductor Corporation                           )
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [265856 2007-08-15] (Marvell)
S3 eaps2kbd; system32\DRIVERS\eaps2kbd.sys [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 SANDRA; \??\F:\Tools\SiSoftware Sandra Lite XII.SP2c\WNt500x86\Sandra.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 20:38 - 2015-03-04 20:38 - 00014388 _____ () C:\Dokumente und Einstellungen\Harald\Desktop\FRST.txt
2015-03-04 20:38 - 2015-03-04 20:38 - 00000000 ____D () C:\FRST
2015-03-04 20:36 - 2015-03-04 20:36 - 01132544 _____ (Farbar) C:\Dokumente und Einstellungen\Harald\Desktop\FRST.exe
2015-02-03 16:07 - 2015-02-03 16:07 - 00000000 ____D () C:\Programme\SAMSUNG
2015-02-03 16:07 - 2014-10-13 06:57 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-02-03 16:07 - 2014-10-13 06:57 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 20:38 - 2008-04-28 21:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp
2015-03-04 20:25 - 2008-05-01 14:40 - 00000300 ___SH () C:\Dokumente und Einstellungen\Gaby\ntuser.ini
2015-03-04 20:25 - 2008-05-01 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Temp
2015-03-04 20:25 - 2001-08-23 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-04 18:23 - 2008-04-29 15:33 - 00000000 ____D () C:\WINDOWS\system32\Drivers\Avg
2015-03-04 18:20 - 2010-10-17 18:49 - 02017440 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-04 18:20 - 2008-04-29 04:39 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-04 18:19 - 2008-04-29 04:39 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-03-04 05:32 - 2008-04-29 07:54 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-03-04 05:32 - 2008-04-28 21:42 - 00000300 ___SH () C:\Dokumente und Einstellungen\Harald\ntuser.ini
2015-02-25 18:49 - 2008-05-01 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Gaby
2015-02-21 21:55 - 2010-06-07 18:41 - 00002644 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-02-18 18:19 - 2013-07-27 15:00 - 00379820 _____ () C:\WINDOWS\setupapi.log
2015-02-07 09:35 - 2012-03-31 07:28 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-07 09:35 - 2011-05-17 04:11 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-03 18:01 - 2008-04-29 04:38 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Dokumente
2015-02-03 16:08 - 2013-08-24 11:51 - 00010568 _____ () C:\WINDOWS\setupact.log
2015-02-03 16:07 - 2008-04-29 04:38 - 00000000 ___RD () C:\Programme
2015-02-03 16:06 - 2014-12-17 18:29 - 00000579 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Samsung Kies 3.lnk

==================== Files in the root of some directories =======

2008-05-01 16:15 - 2008-05-01 16:26 - 0002798 _____ () C:\Programme\SICHERUNG.bat
2008-06-24 18:02 - 2008-06-24 18:02 - 0002528 _____ () C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\$_hpcst$.hpc
2012-08-16 16:38 - 2012-08-16 16:38 - 0000288 _____ () C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\.backup.dm
2008-06-14 15:58 - 2014-08-01 23:33 - 0022528 _____ () C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Temp\NEventMessages.dll
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\Execute2App.exe
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\jre-7u67-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\jre-7u71-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\jre-8u31-windows-au.exe
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\NEventMessages.dll
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-03-2015
Ran by Harald at 2015-03-04 20:38:46
Running from C:\Dokumente und Einstellungen\Harald\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.6.602.168 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
AGEIA PhysX v7.07.09 (HKLM\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
AI Suite (HKLM\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.03.29 - )
AMD Catalyst Install Manager (HKLM\...\{B577572E-88D0-E34C-C93E-124BC43874E2}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}) (Version: 4.0.0.96 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS GPU Tweak (HKLM\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.8.2 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (Version: 2.4.8.2 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
ASUSUpdate (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version:  - )
ATI AVIVO Codecs (Version: 10.0.0.40103 - ATI Technologies Inc.) Hidden
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd)
AVG Free 9.0 (HKLM\...\AVG9Uninstall) (Version:  - AVG Technologies)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bouquet Wizard (HKLM\...\BouquetWizard) (Version:  - )
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM\...\Canon MG7100 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
CDex extraction audio (HKLM\...\CDex) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
DH Driver Cleaner Professional Edition (HKLM\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
DU Meter (HKLM\...\dumeter3_is1) (Version: 3.50 Build R2822 - Hagel Technologies Ltd)
erLT (Version: 1.20.0137 - Logitech, Inc.) Hidden
Exifer (HKLM\...\Exifer_is1) (Version:  - Friedemann Schmidt)
Foxit PDF IFilter (HKLM\...\{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}) (Version: 1.0.1729 - Foxit Software)
Foxit Reader (HKLM\...\Foxit Reader) (Version:  - )
Free FLV Converter V 6.8.0 (HKLM\...\Free FLV Converter_is1) (Version: 6.8.0.0 - Koyote Soft)
Free Video Dub version 1.8.10 (HKLM\...\Free Video Dub_is1) (Version:  - DVDVideoSoft Limited.)
Freemake Video Converter Version 2.0.1 (HKLM\...\Freemake Video Converter_is1) (Version: 2.0.1 - Ellora Assets Corporation)
HD Tach version 3 (HKLM\...\HD Tach_is1) (Version:  - Simpli Software, Inc.)
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.017 - HTC Corporation)
HydraVision (Version: 4.2.242.0 - Advanced Micro Devices, Inc.) Hidden
InterVideo WinDVD (HKLM\...\InterVideo WinDVD) (Version:  - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version:  - )
IsoBuster 1.7 (HKLM\...\IsoBuster_is1) (Version: 1.7 - Smart Projects)
iTunes (HKLM\...\{29ED20C9-5E15-4969-9279-25BF3727A3DA}) (Version: 10.5.0.142 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JMB36X Raid Configurer (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Kochbuch 1.7.1 (HKLM\...\Kochbuch_is1) (Version: 1.7.1.0 - Flo & Seb Engineering)
LeechFTP  (HKLM\...\LeechFTP) (Version:  - )
LightScribe  1.6.43.1 (Version: 1.6.43.1 - hxxp://www.lightscribe.com) Hidden
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.22.4.3 - Marvell)
Medal of Honor Airborne (HKLM\...\{25F28E39-FDBB-11DB-8314-0800200C9A66}) (Version: 1.0.1.0 - Electronic Arts)
Medal of Honor Allied Assault (HKLM\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version:  - )
Medal of Honor Allied Assault(tm) Breakthrough (HKLM\...\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}) (Version:  - )
Medal of Honor Allied Assault(tm) Breakthrough v2.40 Patch (HKLM\...\{DF9046D6-5F1F-40B6-9782-3DC2D902D391}) (Version:  - )
Medal of Honor Allied Assault(tm) Spearhead (HKLM\...\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}) (Version:  - )
Medal of Honor Allied Assault(tm) Spearhead (HKLM\...\{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}) (Version:  - )
Medal of Honor Allied Assault(tm) Spearhead Patch 2.15 (HKLM\...\{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}) (Version:  - )
Medal of Honor Pacific Assault(tm) (HKLM\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.0 - Electronic Arts)
Medal of Honor Pacific Assault(tm) Patch2 (HKLM\...\{824539D7-D27E-4CC3-B36F-6404B5EB726B}) (Version: 1.0 - Electronic Arts)
Medion GoPal Assistant 4.00.0003 (HKLM\...\Medion GoPal Assistant) (Version: 4.0.3.0 - Medion)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (HKLM\...\{C314CE45-3392-3B73-B4E1-139CD41CA933}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (HKLM\...\{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ActiveSync (HKLM\...\{99052DB7-9592-4522-A558-5417BBAD48EE}) (Version: 4.5.5096.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version:  - Microsoft Corporation)
Microsoft Visio Professional 2002 [DEU] (HKLM\...\{90510407-6D54-11D4-BEE3-00C04F990354}) (Version: 10.2.5111 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.48 (HKLM\...\Mp3tag) (Version: v2.48 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\MyFreeCodec) (Version:  - )
Nero 7 Essentials (HKLM\...\{A2104078-AAA5-449E-95DD-55C9443A1031}) (Version: 7.02.8506 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
o2c Player (HKLM\...\o2c Player) (Version:  - )
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
ORF-Ski Challenge 2010 (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\sc10-ORF_MAIN) (Version:  - )
Paint.NET v3.5.4 (HKLM\...\{053B3DA8-91B5-4682-A130-715412A1A252}) (Version: 3.54.0 - dotPDN LLC)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC Probe II (HKLM\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.29 - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.7 - Frank Heindörfer, Philip Chinery)
PopTray 3.20 (HKLM\...\PopTray) (Version: 3.20 - Renier Crause)
PopTray Plug-ins (beta 6) (HKLM\...\PopTray Plug-ins) (Version: (beta 6) - Renier Crause)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
REALTEK GbE & FE Ethernet PCI NIC Driver (HKLM\...\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}) (Version: 1.05.0000 - Realtek)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (HKLM\...\KB2360131-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (HKLM\...\KB2416400-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB911564) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player 6.4 (KB925398) (HKLM\...\KB925398_WMP64) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 9 (KB936782) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)
Ski Challenge 11 (AT) (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\sc11-AT_ORF_MAIN) (Version:  - )
Ski Challenge 12 (AT) (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\sc12-AT_MAIN) (Version:  - )
Ski Challenge 13 (AT) (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\sc13-AT_MAIN) (Version:  - )
Skins (Version: 2013.1223.216.3934 - Advanced Micro Devices, Inc.) Hidden
Skype™ 5.1 (HKLM\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.1.112 - Skype Technologies S.A.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.6110 - Analog Devices)
Stock Monitor (2) (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\Stock Monitor (2)) (Version:  - Daniel Sitnik)
TeamSpeak 3 Client (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Update für Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN)
WD Spindown or Stop Utility for External Drive, v1.00 (HKLM\...\{BE6F412F-C276-4FD8-B3E1-F996CC172776}) (Version: 1.0.0 - Western Digital Technologies)
WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR Archivierer (HKLM\...\WinRAR archiver) (Version:  - )
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
XMedia Recode 2.2.3.9 (HKLM\...\XMedia Recode) (Version: 2.2.3.9 - Sebastian Dörfler)
XML Paper Specification Shared Components Language Pack 1.0 (Version:  - Microsoft Corporation) Hidden
Youtube Video Mp3 Downloader (HKLM\...\{DB573D57-DECF-49D6-B95D-8AF9CDE27554}) (Version: 2.2.0.0 - iWesoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{DB450001-9764-11D6-819E-005056C00008}\localserver32 -> F:\Tools\DU Meter\DUMeter.exe (Hagel Technologies Ltd)

==================== Restore Points  =========================

29-12-2014 18:14:37 Avg Update
06-01-2015 16:44:31 Avg Update
03-02-2015 16:06:04 Installed Samsung Kies3

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-08-23 13:00 - 2001-08-23 13:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2009-03-23 17:16 - 2001-10-28 16:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2011-08-12 17:13 - 2011-08-12 17:13 - 00087040 _____ () C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
2008-05-03 22:47 - 2008-05-03 22:56 - 00066872 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2008-05-03 22:00 - 2002-05-28 17:11 - 00122880 _____ () F:\Programme\WinRAR\rarext.dll
2008-04-29 16:12 - 2008-01-28 11:55 - 01413120 _____ () C:\Programme\ASUS\AI Suite\AiNap\AiNap.exe
2008-04-29 16:12 - 2008-01-16 19:08 - 00208896 _____ () C:\Programme\ASUS\AI Suite\AiNap\AiNap.dll
2008-04-29 16:12 - 2008-01-24 17:53 - 00613376 _____ () C:\Programme\ASUS\AASP\1.00.59\aaCenter.exe
2008-04-29 07:34 - 2006-01-10 23:50 - 00024576 _____ () C:\WINDOWS\system32\AsIO.dll
2008-04-29 16:12 - 2005-06-23 00:39 - 00204851 _____ () C:\Programme\ASUS\AASP\1.00.59\PowerDll.dll
2008-04-29 16:12 - 2008-01-17 23:46 - 00053248 _____ () C:\Programme\ASUS\AASP\1.00.59\cpuutil.dll
2011-12-14 17:55 - 2009-07-20 12:27 - 00017936 _____ () C:\Programme\Logitech\SetPoint\khalwrapper.dll
2001-08-23 13:00 - 2008-04-14 06:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00835584 _____ () C:\Programme\Opera\gstreamer\gstreamer.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00093696 _____ () C:\Programme\Opera\gstreamer\plugins\gstaudioconvert.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00094208 _____ () C:\Programme\Opera\gstreamer\plugins\gstaudioresample.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00057344 _____ () C:\Programme\Opera\gstreamer\plugins\gstautodetect.dll
2011-12-08 19:49 - 2014-04-26 00:13 - 00096256 _____ () C:\Programme\Opera\gstreamer\plugins\gstcoreplugins.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00062976 _____ () C:\Programme\Opera\gstreamer\plugins\gstdecodebin2.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00067072 _____ () C:\Programme\Opera\gstreamer\plugins\gstdirectsound.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00158208 _____ () C:\Programme\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00312832 _____ () C:\Programme\Opera\gstreamer\plugins\gstoggdec.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00038912 _____ () C:\Programme\Opera\gstreamer\plugins\gstwaveform.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00073728 _____ () C:\Programme\Opera\gstreamer\plugins\gstwavparse.dll
2011-01-28 15:03 - 2014-04-26 00:13 - 00101888 _____ () C:\Programme\Opera\gstreamer\plugins\gstwebmdec.dll
2003-10-09 19:17 - 2003-10-09 19:17 - 00287232 _____ () F:\Programme\PopTray\plugins\ProtocolIMAP4.dll
2003-09-27 17:29 - 2003-09-27 17:29 - 00257536 _____ () F:\Programme\PopTray\plugins\ProtocolPOP3SSL.dll
2002-08-13 05:09 - 2002-08-13 05:09 - 00684032 _____ () F:\Programme\PopTray\libeay32.dll
2002-08-13 05:10 - 2002-08-13 05:10 - 00155648 _____ () F:\Programme\PopTray\ssleay32.dll
2010-03-16 11:22 - 2010-03-16 11:22 - 00014848 _____ () C:\Programme\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-12-23 02:15 - 2013-12-23 02:15 - 00270336 _____ () C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-854245398-790525478-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Grüne Idylle.bmp
DNS Servers: 92.243.32.40 - 194.112.145.60

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: 36X Raid Configurer => C:\WINDOWS\system32\xRaidSetup.exe boot
MSCONFIG\startupreg: APSDaemon => "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG9_TRAY => F:\PROGRA~1\AVG\avgtray.exe
MSCONFIG\startupreg: H/PC Connection Agent => "F:\Programme\Microsoft ActiveSync\wcescomm.exe"
MSCONFIG\startupreg: iTunesHelper => "F:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: JMB36X IDE Setup => C:\WINDOWS\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: NeroFilterCheck => C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: NokiaMServer => C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: QuickTime Task => "C:\Programme\QuickTime\QTTask.exe" -atboottime

==================== Accounts: =============================

Administrator (S-1-5-21-854245398-790525478-839522115-500 - Administrator - Enabled)
Gaby (S-1-5-21-854245398-790525478-839522115-1004 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Gaby
Gast (S-1-5-21-854245398-790525478-839522115-501 - Limited - Enabled)
Harald (S-1-5-21-854245398-790525478-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Harald
Hilfeassistent (S-1-5-21-854245398-790525478-839522115-1000 - Limited - Enabled)
SUPPORT_388945a0 (S-1-5-21-854245398-790525478-839522115-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
Description: Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLWUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Marvell
Service: yukonwxp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: PS/2 Keyboard
Description: PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: Logitech
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/27/2015 10:06:20 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (02/27/2015 10:06:20 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/03/2015 06:11:28 PM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT)
Description: Dienst konnte nicht geöffnet werden.

Error: (12/18/2014 05:05:09 AM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT)
Description: Dienst konnte nicht geöffnet werden.

Error: (11/20/2014 05:04:29 AM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT)
Description: Dienst konnte nicht geöffnet werden.

Error: (10/27/2014 09:50:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 32.0.3.5379, fehlgeschlagenes Modul mozalloc.dll, Version 32.0.3.5379, Fehleradresse 0x0000141b.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (10/26/2014 08:31:07 PM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT)
Description: Dienst konnte nicht geöffnet werden.

Error: (09/09/2014 09:29:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung worldoftanks.exe, Version 0.9.2.0, fehlgeschlagenes Modul msvcr110.dll, Version 11.0.51106.1, Fehleradresse 0x000a327c.
Das medienspezifische Ereignis für [worldoftanks.exe!ws!] wird verarbeitet.

Error: (06/14/2014 11:43:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung worldoftanks.exe, Version 0.9.1.0, fehlgeschlagenes Modul msvcr110.dll, Version 11.0.51106.1, Fehleradresse 0x000a327c.
Das medienspezifische Ereignis für [worldoftanks.exe!ws!] wird verarbeitet.

Error: (06/10/2014 10:58:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung worldoftanks.exe, Version 0.9.0.0, fehlgeschlagenes Modul worldoftanks.exe, Version 0.9.0.0, Fehleradresse 0x007cd9cf.
Das medienspezifische Ereignis für [worldoftanks.exe!ws!] wird verarbeitet.


System errors:
=============
Error: (03/04/2015 06:20:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor

Error: (03/04/2015 05:18:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor

Error: (03/03/2015 06:38:28 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver has failed to start. Error 0x8007001f.

Error: (03/03/2015 06:34:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor

Error: (03/03/2015 05:14:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor

Error: (03/02/2015 06:16:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor

Error: (03/02/2015 05:18:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor

Error: (03/01/2015 05:58:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor

Error: (03/01/2015 11:14:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor

Error: (02/28/2015 07:37:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
iaStor


Microsoft Office Sessions:
=========================
Error: (02/27/2015 10:06:20 PM) (Source: crypt32) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (02/27/2015 10:06:20 PM) (Source: crypt32) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (01/03/2015 06:11:28 PM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT)
Description: 

Error: (12/18/2014 05:05:09 AM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT)
Description: 

Error: (11/20/2014 05:04:29 AM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT)
Description: 

Error: (10/27/2014 09:50:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.5379mozalloc.dll32.0.3.53790000141b

Error: (10/26/2014 08:31:07 PM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT)
Description: 

Error: (09/09/2014 09:29:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: worldoftanks.exe0.9.2.0msvcr110.dll11.0.51106.1000a327c

Error: (06/14/2014 11:43:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: worldoftanks.exe0.9.1.0msvcr110.dll11.0.51106.1000a327c

Error: (06/10/2014 10:58:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: worldoftanks.exe0.9.0.0worldoftanks.exe0.9.0.0007cd9cf


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 26%
Total physical RAM: 3327.04 MB
Available physical RAM: 2457.28 MB
Total Pagefile: 11324.19 MB
Available Pagefile: 10273.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.06 GB) (Free:5.1 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (MOHAAB) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
Drive f: (Anwendungen) (Fixed) (Total:150 GB) (Free:107.46 GB) NTFS
Drive g: (Harald) (Fixed) (Total:100 GB) (Free:90.99 GB) NTFS
Drive h: (Gaby) (Fixed) (Total:26.7 GB) (Free:24.91 GB) NTFS
Drive i: (P_1_leer) (Fixed) (Total:150.01 GB) (Free:149.93 GB) NTFS
Drive j: (P_2_primaer) (Fixed) (Total:48.83 GB) (Free:48.75 GB) NTFS
Drive k: (P_2_leer) (Fixed) (Total:150 GB) (Free:145.93 GB) NTFS
Drive l: (P_2_leer) (Fixed) (Total:150 GB) (Free:149.92 GB) NTFS
Drive m: (Spiele) (Fixed) (Total:116.94 GB) (Free:79.11 GB) NTFS
Drive s: (extBACKUP) (Fixed) (Total:24.41 GB) (Free:24.12 GB) NTFS
Drive t: (extern2Partition) (Fixed) (Total:146.48 GB) (Free:128.37 GB) NTFS
Drive u: (Musik & Fotos & Filme) (Fixed) (Total:127.19 GB) (Free:101.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3E8B3E8B)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=426.7 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 3ECA3ECA)
Partition 1: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=416.9 GB) - (Type=OF Extended)

========================================================
Disk: 2 (Size: 298.1 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=24.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=127.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 04.03.2015, 21:48

Hi und

Zitat:

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8

Du bist ja auch so einer, der noch mit Windows XP unterwegs ist. Wie kommt's?

Zitat:

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Total physical RAM: 3327.04 MB

An altersschwacher Hardware kann es ja nicht liegen, da hat ein Windows XP eigentlich nichts drauf verloren.

D_Harry · 04.03.2015, 21:57

Zitat:

Zitat von cosinus

Du bist ja auch so einer, der noch mit Windows XP unterwegs ist. Wie kommt's?

1. Läuft einwandfrei (never change a running system)
2. zu faul um mich mit dem 'modernen' Zeug herumzuschlagen

cosinus · 04.03.2015, 22:09

Dafür hast du seit einem Jahr schwere Lücken. Windows XP ist nämlich seit April 2014 aus dem Support raus und erhält keine Updates mehr. Entspannt zurücklehnen ist also nicht.

Du solltest ASAP auf ein aktuelles Windows umsteigen. Oder als Alternative Linux für diesen Rechner verwenden. Aber XP gehört entsorgt.

D_Harry · 04.03.2015, 22:30

Naja, nach dem ich jetzt mit meine Dachbodenausbau fertig bin, werde ich mal ernsthaft darüber nachdenken. Im Moment löst das aber natürlich mein kleines Problem nicht.

cosinus · 04.03.2015, 22:36

Zitat:

Zitat von D_Harry

Im Moment löst das aber natürlich mein kleines Problem nicht.

Du hast schon seit letztes Jahr ein dickes Problem mit Windows XP, nimmst es nur nicht so richtig wahr...

Zitat:

Meine mir Zugemutete hat mir heute mitgeteilt, dass die von DHL zugeschickte Benachrichtigung nicht funktioniert

Was genau von der Mail wurde angeklickt? Anhang entpackt und die ausführbare Datei wurde auch ausgeführt?

D_Harry · 05.03.2015, 05:27

Das zu klären ist etwas schwierig, da die liebe Göttergattin in technischen Belangen nicht gerade sehr versiert ist.
Hab jetzt nochmal nachgefragt, was sie denn eigentlich genau gemacht hat. Mit Sicherheit kann ich sagen, dass sie das Zip-File mittels Push-Button 'öffnen' entpackt hat. Laut ihren Angaben war da aber nichts - Zitat: 'es war leer und grau'. Die Frage ob sie ein allfällig im Zip-Archiv gepacktes pdf-File oder sonstiges File geöffnet hat bleibt ungeklärt - 'das weiß ich doch nicht'.

Im Prinzip weiß ich also leider nicht wirklich, was die gute Frau tatsächlich gemacht hat, aber da eine ausführbare Datei gepackt war, gehe ich schon mal davon aus, dass sie die auch ausgeführt hat.

cosinus · 05.03.2015, 08:42

Dann wurde vermutlich nichts ausgeführt. Hat der Virenscanner noch rechtzeitig angeschlagen? Bitte im Log von AVG nachsehen. Und auch mal sicherstellen ob das überhaupt ne Spam-Mail oder ne legitime E-Mail vllt sogar war.

D_Harry · 06.03.2015, 08:55

Also es war definitiv ein Spam-Mail und im downgeloadeden Zip-File war eine exe-Datei gepackt (hab mir das Zip-Archiv selbst angesehen).

Da mir das aber letztlich zu viel Wenn u. Aber war und mich die Ungewissheit ob denn da jetzt Schadsoftware drauf ist oder nicht etwas unruhig gemacht hat, habe ich den PC einfach mal neu aufgesetzt.
Und weil ich schon mal dabei war, habe ich XP entsorgt u. 8.1 drauf gemacht.

cosinus · 06.03.2015, 10:37

Zitat:

habe ich XP entsorgt u. 8.1 drauf gemacht.

Damit hast du gleich zwei Probleme auf einmal gelöst

05.03.2015, 08:42	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	DHLBenachrichtigung.zip Dann wurde vermutlich nichts ausgeführt. Hat der Virenscanner noch rechtzeitig angeschlagen? Bitte im Log von AVG nachsehen. Und auch mal sicherstellen ob das überhaupt ne Spam-Mail oder ne legitime E-Mail vllt sogar war. __________________ Logfiles bitte immer in CODE-Tags posten

04.03.2015, 22:30	#5
D_Harry	DHLBenachrichtigung.zip Naja, nach dem ich jetzt mit meine Dachbodenausbau fertig bin, werde ich mal ernsthaft darüber nachdenken. Im Moment löst das aber natürlich mein kleines Problem nicht.

DHLBenachrichtigung.zip

Plagegeister aller Art und deren Bekämpfung: DHLBenachrichtigung.zip