Takumi-kun | 20.06.2013 19:14 | Also das nenne ich mal 'ne blitzschnelle Antwort. Schon mal vielen Dank dafür.
Okay, der Scan ist erledigt.
Erst mal die FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2013
Ran by Weber (administrator) on 20-06-2013 20:02:21
Running from C:\Users\Weber\Desktop
Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" [1226928 2013-05-20] (AVG Secure Search)
HKLM\...\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM\...\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [356376 2013-06-20] (Kaspersky Lab ZAO)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [EPSON Stylus D92 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\Users\Weber\AppData\Local\Temp\E_SABF7.tmp" /EF "HKCU" [x]
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
URLSearchHook: (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File
URLSearchHook: (No Name) - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - No File
URLSearchHook: FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
HKLM SearchScopes: DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=119998&babsrc=SP_ss&mntrId=caf1c208000000000000000000000000
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={ECE61605-D00C-4E8E-94A4-6063223D4410}&mid=a3d7e600427d47d0be67d154263885a3-e5fde1ddcf3180e08b7cab492ec73dcc24982aa1&lang=de&ds=AVG&pr=fr&d=2012-12-22 19:39:31&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
BHO: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\Weber\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
Toolbar: HKLM - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - No Name - !{213c8ed6-1d78-4d8f-8729-25006aa86a76} - No File
Toolbar: HKLM - No Name - !{78e516ef-11de-47a1-8364-a99b917ec5ee} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU -No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No File
Toolbar: HKCU -No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler: msdaipp - No CLSID Value -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F6A0FDE7-4A67-4697-853B-ADA842061260}: [NameServer]213.191.74.19 62.109.123.197
========================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-06-20] (Kaspersky Lab ZAO)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-22] (Symantec Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TVGOnlineUpdateSvc; C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe [398128 2010-02-24] ()
R2 vToolbarUpdater15.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-05-20] (AVG Secure Search)
R2 WOTUpdater; C:\Users\Weber\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] ()
S2 Winmgmt; C:\PROGRA~2\wig1co.dat [x]
==================== Drivers (Whitelisted) ====================
S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [556416 2003-12-05] (Philips Semiconductors GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-05-20] (AVG Technologies)
R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [44544 2009-08-24] (AzureWave Technologies, Inc.)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [136024 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [594528 2013-06-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [24408 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25944 2013-06-20] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25944 2013-06-20] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-06-20] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-06-20] (Kaspersky Lab ZAO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 pctvvbi; C:\Windows\System32\DRIVERS\pctvvbi.sys [6400 2002-11-11] (Pinnacle Systems)
R3 Pfc; C:\Windows\System32\drivers\pfc.sys [14604 2002-06-17] (Padus, Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-20 20:01 - 2013-06-20 20:01 - 00000000 ____D C:\FRST
2013-06-20 20:00 - 2013-06-20 20:00 - 01368263 ____A (Farbar) C:\Users\Weber\Desktop\FRST.exe
2013-06-20 18:16 - 2013-06-20 18:55 - 00000000 ____D C:\PPF_Scan1
2013-06-20 18:14 - 2013-06-20 18:48 - 00000000 ____D C:\Users\Weber\Desktop\PPPFScan
2013-06-20 17:04 - 2013-06-20 17:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-20 16:55 - 2013-06-20 16:55 - 00001109 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-20 16:54 - 2013-06-20 16:54 - 21151576 ____A (Mozilla) C:\Users\Weber\Documents\Firefox Setup 21.0.exe
2013-06-20 16:48 - 2013-06-20 16:48 - 00004292 ____A C:\Users\Weber\Desktop\bookmarks-2013-06-20.json
2013-06-20 16:34 - 2013-06-20 16:34 - 00262144 ____A C:\Windows\System32\config\elam
2013-06-20 15:05 - 2013-06-20 15:05 - 00002290 ____A C:\Users\Weber\Desktop\Sicherer Zahlungsverkehr.lnk
2013-06-20 15:03 - 2013-06-20 15:03 - 00001116 ____A C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
2013-06-20 15:01 - 2013-06-20 19:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-20 15:01 - 2013-06-20 15:01 - 00000000 ____D C:\Windows\ELAMBKUP
2013-06-20 15:01 - 2013-06-20 15:01 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-06-20 15:00 - 2013-06-20 15:16 - 00594528 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klif.sys
2013-06-20 15:00 - 2013-06-20 15:16 - 00074848 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klflt.sys
2013-06-20 14:57 - 2013-06-20 14:58 - 165974760 ____A (Kaspersky Lab) C:\Users\Weber\Downloads\kis13.0.1.4190de-de.exe
2013-06-20 14:45 - 2013-06-20 14:45 - 00000000 ____D C:\Users\Weber\AppData\Local\Avg2013
2013-06-20 14:42 - 2013-06-20 14:42 - 00000000 ____D C:\Users\Weber\AppData\Roaming\TuneUp Software
2013-06-20 14:39 - 2013-06-20 14:39 - 02451728 ____A C:\Users\Weber\Downloads\bitdefender_isecurity(2).exe
2013-06-20 14:39 - 2013-06-20 14:39 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-06-20 14:38 - 2013-06-20 14:38 - 02451728 ____A C:\Users\Weber\Downloads\bitdefender_isecurity.exe
2013-06-20 13:26 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\System32\Drivers\etc\hosts.20130620-132626.backup
2013-06-20 13:18 - 2013-06-20 13:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-20 13:17 - 2013-06-20 13:17 - 00002123 ____A C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-06-20 13:17 - 2013-06-20 13:17 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-06-20 13:17 - 2009-01-25 13:14 - 00015224 ____A (Safer Networking Limited) C:\Windows\System32\sdnclean.exe
2013-06-20 13:16 - 2013-06-20 13:16 - 36364784 ____A (Safer-Networking Ltd. ) C:\Users\Weber\Downloads\spybotsd-2.1.20-SR1(2).exe
2013-06-20 13:14 - 2013-06-20 13:14 - 00316412 ____A (Safer-Networking Ltd. ) C:\Users\Weber\Downloads\spybotsd-2.1.20-SR1.exe.part
2013-06-20 13:14 - 2013-06-20 13:14 - 00000000 ____A C:\Users\Weber\Downloads\spybotsd-2.1.20-SR1.exe
2013-06-20 13:07 - 2013-06-20 13:07 - 00388608 ____A (Trend Micro Inc.) C:\Users\Weber\Downloads\HiJackThis204.exe
2013-06-20 09:25 - 2013-06-20 11:53 - 00000000 ____D C:\Program Files\PantsOff
2013-06-19 23:36 - 2013-06-19 23:36 - 00000000 ____D C:\Users\Weber\AppData\Roaming\Malwarebytes
2013-06-19 23:36 - 2013-06-19 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-19 23:35 - 2013-06-19 23:33 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Weber\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-15 15:59 - 2013-06-17 23:38 - 00004696 ____A C:\Users\Weber\Desktop\avgrep.txt
2013-06-15 11:17 - 2013-06-20 08:53 - 95023320 ___AT C:\ProgramData\oc1giw.pad
2013-06-15 11:17 - 2013-06-20 08:53 - 00000000 ____A C:\ProgramData\as98213.txt
2013-06-14 23:14 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-14 23:14 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-14 23:14 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-14 23:14 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-14 23:14 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-14 23:14 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-14 23:11 - 2013-05-17 03:26 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-14 23:11 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-14 23:11 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-14 23:11 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-14 23:11 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-14 23:11 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-14 23:11 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-14 23:11 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-14 23:11 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-14 23:11 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-14 21:19 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-14 21:19 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-14 21:19 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-14 21:19 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-14 21:19 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-14 21:19 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-14 21:19 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-14 21:19 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-14 21:18 - 2013-05-08 07:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-14 21:18 - 2013-05-06 07:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-14 21:18 - 2013-05-06 07:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-14 21:18 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-07 18:17 - 2013-06-20 17:27 - 00000350 ____A C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-06-07 09:55 - 2013-06-18 10:14 - 00000000 ____D C:\Users\Weber\Documents\Sri Lanka Tänze
2013-06-02 23:16 - 2013-06-02 23:16 - 00015882 ____A C:\Users\Weber\Downloads\=_utf-8_Q_Angebot=5FHotel=5FZur=5FB=C3=B6_= =_utf-8_Q_rse (2).docx_=
2013-06-02 23:16 - 2013-06-02 23:16 - 00015882 ____A C:\Users\Weber\Downloads\=_utf-8_Q_Angebot=5FHotel=5FZur=5FB=C3=B6_= =_utf-8_Q_rse (1).docx_=
2013-06-02 23:13 - 2013-06-02 23:13 - 00015882 ____A C:\Users\Weber\Downloads\=_utf-8_Q_Angebot=5FHotel=5FZur=5FB=C3=B6_= =_utf-8_Q_rse.docx_=
2013-05-30 13:37 - 2013-05-30 13:40 - 00000280 ___AH C:\Windows\Tasks\{7A090BE2-CD03-415A-B304-18DCB5C67766}.job
2013-05-30 13:37 - 2013-05-30 13:37 - 00000746 ____A C:\Users\Weber\Desktop\Internet Security 2014.lnk
2013-05-30 13:37 - 2013-05-30 13:37 - 00000000 ____D C:\Users\Weber\AppData\Local\97d3d210-0ade-4a3f-83fd-48de09197f40ad
2013-05-30 13:37 - 2013-05-30 13:37 - 00000000 ____A C:\Users\Weber\mstsc.exe
==================== One Month Modified Files and Folders ========
2013-06-20 20:01 - 2013-06-20 20:01 - 00000000 ____D C:\FRST
2013-06-20 20:00 - 2013-06-20 20:00 - 01368263 ____A (Farbar) C:\Users\Weber\Desktop\FRST.exe
2013-06-20 19:46 - 2013-06-20 15:01 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-20 19:46 - 2013-05-17 17:25 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-20 19:32 - 2010-06-26 19:26 - 00001096 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-20 18:55 - 2013-06-20 18:16 - 00000000 ____D C:\PPF_Scan1
2013-06-20 18:48 - 2013-06-20 18:14 - 00000000 ____D C:\Users\Weber\Desktop\PPPFScan
2013-06-20 17:35 - 2010-06-26 17:47 - 01905969 ____A C:\Windows\WindowsUpdate.log
2013-06-20 17:34 - 2009-07-14 06:34 - 00015120 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-20 17:34 - 2009-07-14 06:34 - 00015120 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-20 17:32 - 2010-06-26 19:26 - 00001092 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-20 17:27 - 2013-06-07 18:17 - 00000350 ____A C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-06-20 17:27 - 2012-12-22 20:34 - 00018917 ____A C:\Windows\setupact.log
2013-06-20 17:27 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-20 17:16 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\System32\Drivers\de-DE
2013-06-20 17:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\DriverStore
2013-06-20 17:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-20 17:09 - 2012-12-22 22:25 - 00010648 ____A C:\Windows\PFRO.log
2013-06-20 17:05 - 2013-06-20 17:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-20 16:55 - 2013-06-20 16:55 - 00001109 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-20 16:55 - 2010-06-26 18:43 - 00000000 ____D C:\Users\Weber\AppData\Roaming\Mozilla
2013-06-20 16:55 - 2010-06-26 18:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-20 16:54 - 2013-06-20 16:54 - 21151576 ____A (Mozilla) C:\Users\Weber\Documents\Firefox Setup 21.0.exe
2013-06-20 16:48 - 2013-06-20 16:48 - 00004292 ____A C:\Users\Weber\Desktop\bookmarks-2013-06-20.json
2013-06-20 16:34 - 2013-06-20 16:34 - 00262144 ____A C:\Windows\System32\config\elam
2013-06-20 15:16 - 2013-06-20 15:00 - 00594528 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klif.sys
2013-06-20 15:16 - 2013-06-20 15:00 - 00074848 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klflt.sys
2013-06-20 15:16 - 2012-08-13 16:49 - 00145040 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kneps.sys
2013-06-20 15:16 - 2012-07-25 14:53 - 00025944 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klmouflt.sys
2013-06-20 15:16 - 2012-06-08 11:38 - 00044000 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kltdi.sys
2013-06-20 15:16 - 2012-05-25 19:38 - 00025944 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klkbdflt.sys
2013-06-20 15:05 - 2013-06-20 15:05 - 00002290 ____A C:\Users\Weber\Desktop\Sicherer Zahlungsverkehr.lnk
2013-06-20 15:03 - 2013-06-20 15:03 - 00001116 ____A C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
2013-06-20 15:01 - 2013-06-20 15:01 - 00000000 ____D C:\Windows\ELAMBKUP
2013-06-20 15:01 - 2013-06-20 15:01 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-06-20 14:58 - 2013-06-20 14:57 - 165974760 ____A (Kaspersky Lab) C:\Users\Weber\Downloads\kis13.0.1.4190de-de.exe
2013-06-20 14:46 - 2012-12-22 20:36 - 00000000 ____D C:\ProgramData\MFAData
2013-06-20 14:45 - 2013-06-20 14:45 - 00000000 ____D C:\Users\Weber\AppData\Local\Avg2013
2013-06-20 14:45 - 2012-12-22 20:37 - 00000000 ____D C:\ProgramData\AVG2013
2013-06-20 14:42 - 2013-06-20 14:42 - 00000000 ____D C:\Users\Weber\AppData\Roaming\TuneUp Software
2013-06-20 14:42 - 2012-12-22 20:37 - 00000000 ___HD C:\$AVG
2013-06-20 14:39 - 2013-06-20 14:39 - 02451728 ____A C:\Users\Weber\Downloads\bitdefender_isecurity(2).exe
2013-06-20 14:39 - 2013-06-20 14:39 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-06-20 14:38 - 2013-06-20 14:38 - 02451728 ____A C:\Users\Weber\Downloads\bitdefender_isecurity.exe
2013-06-20 13:28 - 2013-06-20 13:18 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-20 13:26 - 2009-07-14 04:04 - 00447822 ___RA C:\Windows\System32\Drivers\etc\hosts.20130620-132731.backup
2013-06-20 13:17 - 2013-06-20 13:17 - 00002123 ____A C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-06-20 13:17 - 2013-06-20 13:17 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-06-20 13:16 - 2013-06-20 13:16 - 36364784 ____A (Safer-Networking Ltd. ) C:\Users\Weber\Downloads\spybotsd-2.1.20-SR1(2).exe
2013-06-20 13:14 - 2013-06-20 13:14 - 00316412 ____A (Safer-Networking Ltd. ) C:\Users\Weber\Downloads\spybotsd-2.1.20-SR1.exe.part
2013-06-20 13:14 - 2013-06-20 13:14 - 00000000 ____A C:\Users\Weber\Downloads\spybotsd-2.1.20-SR1.exe
2013-06-20 13:07 - 2013-06-20 13:07 - 00388608 ____A (Trend Micro Inc.) C:\Users\Weber\Downloads\HiJackThis204.exe
2013-06-20 12:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\NDF
2013-06-20 11:53 - 2013-06-20 09:25 - 00000000 ____D C:\Program Files\PantsOff
2013-06-20 09:01 - 2011-12-30 12:40 - 00000000 ____D C:\Windows\pss
2013-06-20 08:53 - 2013-06-15 11:17 - 95023320 ___AT C:\ProgramData\oc1giw.pad
2013-06-20 08:53 - 2013-06-15 11:17 - 00000000 ____A C:\ProgramData\as98213.txt
2013-06-20 08:03 - 2010-06-26 17:48 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-20 07:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2013-06-20 00:46 - 2010-06-26 17:53 - 00000000 ____D C:\users\Weber
2013-06-19 23:36 - 2013-06-19 23:36 - 00000000 ____D C:\Users\Weber\AppData\Roaming\Malwarebytes
2013-06-19 23:36 - 2013-06-19 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-19 23:33 - 2013-06-19 23:35 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Weber\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-19 22:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-18 10:46 - 2012-01-07 14:24 - 00000000 ____D C:\Users\Weber\AppData\Local\MPlayer
2013-06-18 10:45 - 2012-01-07 14:21 - 00000000 ____D C:\Users\Weber\.smplayer
2013-06-18 10:14 - 2013-06-07 09:55 - 00000000 ____D C:\Users\Weber\Documents\Sri Lanka Tänze
2013-06-17 23:38 - 2013-06-15 15:59 - 00004696 ____A C:\Users\Weber\Desktop\avgrep.txt
2013-06-16 16:36 - 2010-08-09 07:36 - 00000000 ____D C:\Users\Weber\Documents\Radgruppe
2013-06-14 23:12 - 2010-06-26 18:07 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-14 22:46 - 2013-05-17 17:25 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-14 22:46 - 2011-07-08 09:19 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-08 13:42 - 2013-06-14 23:14 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 13:40 - 2013-06-14 23:14 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 13:40 - 2013-06-14 23:14 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 13:40 - 2013-06-14 23:14 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 13:40 - 2013-06-14 23:14 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 13:13 - 2013-06-14 23:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 10:22 - 2010-06-26 20:21 - 00000000 ____D C:\Users\Weber\Documents\Karin Weber u Familie
2013-06-07 18:17 - 2012-12-22 20:39 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-06-04 10:24 - 2010-06-26 20:23 - 00000000 ____D C:\Users\Weber\Documents\Posaunenchor Petri-Pauli-Kirche Bergedf
2013-06-02 23:16 - 2013-06-02 23:16 - 00015882 ____A C:\Users\Weber\Downloads\=_utf-8_Q_Angebot=5FHotel=5FZur=5FB=C3=B6_= =_utf-8_Q_rse (2).docx_=
2013-06-02 23:16 - 2013-06-02 23:16 - 00015882 ____A C:\Users\Weber\Downloads\=_utf-8_Q_Angebot=5FHotel=5FZur=5FB=C3=B6_= =_utf-8_Q_rse (1).docx_=
2013-06-02 23:13 - 2013-06-02 23:13 - 00015882 ____A C:\Users\Weber\Downloads\=_utf-8_Q_Angebot=5FHotel=5FZur=5FB=C3=B6_= =_utf-8_Q_rse.docx_=
2013-05-31 16:00 - 2012-03-04 15:08 - 00000000 ____D C:\Users\Weber\Documents\Camille
2013-05-30 15:25 - 2010-12-09 00:22 - 00000000 ____D C:\Users\Weber\Documents\Zimmermann, Gerda
2013-05-30 14:16 - 2010-06-26 20:23 - 00000000 ____D C:\Users\Weber\Documents\Wolf Dieter Schäfer
2013-05-30 13:40 - 2013-05-30 13:37 - 00000280 ___AH C:\Windows\Tasks\{7A090BE2-CD03-415A-B304-18DCB5C67766}.job
2013-05-30 13:37 - 2013-05-30 13:37 - 00000746 ____A C:\Users\Weber\Desktop\Internet Security 2014.lnk
2013-05-30 13:37 - 2013-05-30 13:37 - 00000000 ____D C:\Users\Weber\AppData\Local\97d3d210-0ade-4a3f-83fd-48de09197f40ad
2013-05-30 13:37 - 2013-05-30 13:37 - 00000000 ____A C:\Users\Weber\mstsc.exe
2013-05-29 13:02 - 2010-06-26 20:11 - 00000000 ____D C:\Users\Weber\Documents\Briefe an
2013-05-29 10:01 - 2009-07-14 04:04 - 00000506 ____A C:\Windows\win.ini
2013-05-29 09:33 - 2012-12-27 18:16 - 00022016 ____A C:\Users\Weber\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-29 09:29 - 2010-06-26 20:16 - 00000000 ____D C:\Users\Weber\Documents\FOTOS MEINE
2013-05-28 18:34 - 2010-06-26 20:16 - 00000000 ____D C:\Users\Weber\Documents\ESPANOL
2013-05-28 18:34 - 2010-06-26 20:11 - 00000000 ____D C:\Users\Weber\Documents\Computer Neur Ordnr
2013-05-28 12:55 - 2012-02-15 17:35 - 00000000 ____D C:\Users\Weber\Documents\Küppersbusch
2013-05-24 10:32 - 2010-06-26 20:21 - 00000000 ____D C:\Users\Weber\Documents\Malte
2013-05-24 10:12 - 2010-06-26 20:19 - 00000000 ____D C:\Users\Weber\Documents\Gymn Meiendorf
2013-05-23 16:32 - 2010-06-26 20:20 - 00000000 ____D C:\Users\Weber\Documents\HAUS Wentorf
Files to move or delete:
====================
C:\Users\Weber\mstsc.exe
C:\ProgramData\oc1giw.pad
C:\Windows\Tasks\{7A090BE2-CD03-415A-B304-18DCB5C67766}.job
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-15 08:16
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
Und nun noch die Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-06-2013
Ran by Weber at 2013-06-20 20:05:25 Run:
Running from C:\Users\Weber\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
7-Zip 4.65
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 9.4.0 - Deutsch (Version: 9.4.0)
Adobe SVG Viewer 3.0 (Version: 3.0)
ArcSoft MediaImpression (Version: 1.2.19.690)
AVG Security Toolbar (Version: 15.2.0.5)
CCleaner (Version: 3.14)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
DasTelefonbuch Deutschland
Epson Copy Utility 3.5 (Version: 3.5.0.0)
EPSON Scan
EPSON TWAIN 5 (Version: 5.71.0000)
EPSON-Drucker-Software
FileConverter 1.3 Toolbar (Version: 6.9.0.16)
Finale PrintMusic 2010 (Version: 15.0.1.1)
FoxTab PDF Creator
Google Earth (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
Grabster AV 350 V2.07.0621.00 (Version: 2.07.0621.00)
ImgBurn (Version: 2.5.1.0)
Java Auto Updater (Version: 2.0.6.1)
Java(TM) 6 Update 30 (Version: 6.0.300)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
K-Lite Codec Pack 8.1.0 (Full) (Version: 8.1.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MuseScore 1.1 MuseScore score typesetter (Version: 1.1.0)
Norton PC Checkup (Version: 3.0.2.122.0)
PCTV
PHOTOfunSTUDIO HD Edition (Version: 3.00.126)
Picasa 3 (Version: 3.9)
SMPlayer 0.6.10 (Version: 0.6.10)
Spybot - Search & Destroy (Version: 2.1.20)
TerraTec Home Cinema (Version: 6.12.0)
TVCenter (Version: 6.4.0.784)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
==================== Restore Points =========================
Could not list Restore Points.
==================== Hosts content: ==========================
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
There are 1000 more lines starting with "127.0.0.1"
==================== Scheduled Tasks (whitelisted) =============
Task: {3CC9DEEE-CAB2-4ACD-A56A-DA004F54DC19} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1183666969-3596124452-2290006970-1000 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {42F02F1B-6A77-466E-872B-533D4BE217C3} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files\Norton PC Checkup 3.0\NLAppLauncher.exe [2013-03-22] (Symantec Corporation)
Task: {6ECEC8F6-4809-4FF9-8EB1-BF0F280E3AFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-26] (Google Inc.)
Task: {75C75264-3504-4C14-A663-043B9B1BACBE} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{F624586E-AEDB-43A0-89C8-A1E1D42631E1}.exe No File
Task: {768936E6-03BD-4B03-AA61-B4B743C55994} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {7F3E1A6E-6BFF-4A71-B824-39060F4C69FC} - System32\Tasks\{7A090BE2-CD03-415A-B304-18DCB5C67766} => C:\Users\Weber\AppData\Local\97d3d210-0ade-4a3f-83fd-48de09197f40ad\ddadeaffddefad.exe No File
Task: {8C50CC78-B822-402B-B85B-FB6026D092BD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe No File
Task: {A80B7CE8-E0B5-42FE-9DEA-F6A492128DA5} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {AD13ED2A-9F9A-4D77-BACA-BE32B788EE69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14] (Adobe Systems Incorporated)
Task: {E1FE792B-3E34-402B-9410-A24A4EEE2D2E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe No File
Task: {E5A2CCFD-3934-463F-810A-D9882266E42A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-26] (Google Inc.)
Task: {E5B91674-3E61-458F-ADAE-F91BD43D5C15} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {F2D30A06-61DE-4015-BDED-8F63464B2D78} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {F819B469-6868-466C-9B22-193984BA188D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {FBF4BFBD-879F-4758-884D-7CF156FDA3CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe No File
==================== Faulty Device Manager Devices =============
Could not list Devices.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/20/2013 06:14:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/20/2013 04:49:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3814, Zeitstempel: 0x4c12b3eb
Name des fehlerhaften Moduls: dbghelp.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4ce7b7bc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x64de5d38
ID des fehlerhaften Prozesses: 0xde4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (06/16/2013 04:52:24 PM) (Source: ESENT) (User: )
Description: taskhost (2552) WebCacheLocal: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1032 auf.
Error: (06/16/2013 04:52:24 PM) (Source: ESENT) (User: )
Description: DllHost (2340) WebCacheLocal: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1032 auf.
Error: (06/16/2013 04:52:24 PM) (Source: ESENT) (User: )
Description: taskhost (2552) WebCacheLocal: Versuch, Datei "C:\Users\Weber\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (06/16/2013 04:52:24 PM) (Source: ESENT) (User: )
Description: DllHost (2340) WebCacheLocal: Versuch, Datei "C:\Users\Weber\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (06/15/2013 06:46:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.
Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
.
Error: (06/14/2013 10:54:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16576, Zeitstempel: 0x515e30fe
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003224d
ID des fehlerhaften Prozesses: 0xe44
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (06/02/2013 10:58:17 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 10.0.9200.16576 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e1c
Startzeit: 01ce5fd3bf668a99
Endzeit: 31
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (05/30/2013 01:37:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: insecure.exe, Version: 5.4.7.0, Zeitstempel: 0x4ee3d1c5
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83b16
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0xdf0
Startzeit der fehlerhaften Anwendung: 0xinsecure.exe0
Pfad der fehlerhaften Anwendung: insecure.exe1
Pfad des fehlerhaften Moduls: insecure.exe2
Berichtskennung: insecure.exe3
System errors:
=============
Error: (06/20/2013 08:06:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/20/2013 08:05:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/20/2013 08:02:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/20/2013 05:50:47 PM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Error: (06/20/2013 05:50:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/20/2013 05:50:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/20/2013 05:35:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%126
Error: (06/20/2013 05:35:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/20/2013 05:34:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/20/2013 05:33:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Microsoft Office Sessions:
=========================
Error: (06/20/2013 06:14:35 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\Weber\Desktop\PPPFScan\PPFScan64.exe
Error: (06/20/2013 04:49:12 PM) (Source: Application Error)(User: )
Description: firefox.exe1.9.2.38144c12b3ebdbghelp.dll_unloaded0.0.0.04ce7b7bcc000000564de5d38de401ce6dc4a34ab927C:\Program Files\Mozilla Firefox\firefox.exedbghelp.dll91cd3098-d9b8-11e2-837d-001d60dc6c50
Error: (06/16/2013 04:52:24 PM) (Source: ESENT)(User: )
Description: taskhost2552WebCacheLocal: -1032
Error: (06/16/2013 04:52:24 PM) (Source: ESENT)(User: )
Description: DllHost2340WebCacheLocal: -1032
Error: (06/16/2013 04:52:24 PM) (Source: ESENT)(User: )
Description: taskhost2552WebCacheLocal: C:\Users\Weber\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (06/16/2013 04:52:24 PM) (Source: ESENT)(User: )
Description: DllHost2340WebCacheLocal: C:\Users\Weber\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (06/15/2013 06:46:13 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
Error: (06/14/2013 10:54:36 PM) (Source: Application Error)(User: )
Description: iexplore.exe10.0.9200.16576515e30fentdll.dll6.1.7601.177254ec49b60c00000050003224de4401ce6932fbbd34f4C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SYSTEM32\ntdll.dll9ea6b628-d534-11e2-a2a2-001d60dc6c50
Error: (06/02/2013 10:58:17 PM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.16576e1c01ce5fd3bf668a9931C:\Program Files\Internet Explorer\iexplore.exe
Error: (05/30/2013 01:37:31 PM) (Source: Application Error)(User: )
Description: insecure.exe5.4.7.04ee3d1c5KERNELBASE.dll6.1.7601.1801550b83b160eedfade0000812fdf001ce5d2a0d45f0cfC:\Users\Weber\AppData\Roaming\insecure.exeC:\Windows\system32\KERNELBASE.dll500631c6-c91d-11e2-be03-001d60dc6c50
CodeIntegrity Errors:
===================================
Date: 2013-06-20 18:28:41.203
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-20 18:28:41.201
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-20 18:28:41.199
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-20 18:28:41.197
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-20 18:28:41.194
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-20 18:28:41.191
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-20 18:26:28.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 58%
Total physical RAM: 1919.3 MB
Available physical RAM: 794.66 MB
Total Pagefile: 3838.61 MB
Available Pagefile: 2153.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1929.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.21 GB) (Free:3.55 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:14.91 GB) (Free:14.84 GB) FAT32
Drive g: () (Removable) (Total:15.02 GB) (Free:8.42 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 7BA128B1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
========================================================
Disk: 3 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================ |