| Wackelino | 25.01.2014 17:29 |
BSI positver Fund
Hallo,
bei einer meiner Email Adressen wurde ebenfalls festgestellt, dass diese gehackt wurde. - danke für Hilfe
habe schon einmal FRST laufen lassen Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2014
Ran by sweety (administrator) on NOTEBOOK on 25-01-2014 16:36:24
Running from C:\Users\sweety\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\Bonavista\Services\PVR\pvrservice.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ODSoft multimedia) C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\Launch Manager\LaunchAp.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
() C:\Program Files\Launch Manager\WButton.exe
(Microsoft Corporation) D:\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Secure Banking) C:\Program Files\Secure Banking\SecureBanking.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Secure Banking\sbservice.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4390912 2007-02-15] (Realtek Semiconductor)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-22] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-02-15] (Synaptics, Inc.)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [TVBroadcast] - C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe [790016 2007-05-08] (ODSoft multimedia)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-11-15] (Intel Corporation)
HKLM\...\Run: [LaunchAp] - C:\Program Files\Launch Manager\LaunchAp.exe [32768 2005-07-25] ()
HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2006-12-14] (Wistron)
HKLM\...\Run: [LMgrOSD] - C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)
HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [86016 2006-11-09] ()
HKLM\...\Run: [GrooveMonitor] - D:\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [111936 2008-09-03] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-05-09] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [CtrlVol] - C:\Program Files\Launch Manager\CtrlVol.exe
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-18] (AVAST Software)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [143360 2006-12-23] (Nero AG)
HKCU\...\Run: [SecureBanking] - C:\Program Files\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
HKCU\...\InprocServer32: [Default-pngfilt] <==== ATTENTION!
HKU\Administrator\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fortuna-duesseldorf.de/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183949065925
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7527E129-A524-434A-A337-8C19F6F25C91} https://shop.aldisued-fotos-druck.de/shop/activex/aldi_sued_express_upload.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab
DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-08-16] (SuperAdBlocker.com)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\dtxr0eqj.default
FF Homepage: www.fortuna-duesseldorf.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\sweety\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\sweety\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\sweety\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\dtxr0eqj.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-14]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-05-09]
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-18] (AVAST Software)
S3 FirebirdServerMAGIXInstance; C:\Program Files\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Microsoft Office Groove Audit Service; D:\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2013-09-29] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2013-09-29] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-10-14] (Secunia)
R2 srvcPVR; C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe [1600512 2007-05-04] (Buhl Data Service GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.)
S3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [x]
==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2013-12-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-12-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-18] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-18] ()
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. )
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-07-26] ()
R1 Hotkey; C:\Windows\System32\Drivers\Hotkey.sys [9867 2003-04-28] ()
R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [16024 2006-11-22] (InterVideo, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-10-14] (Secunia)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [350720 2010-03-31] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-08-16] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-08-16] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-02-07] ()
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [98560 2010-04-27] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [123648 2010-04-27] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\Users\sweety\AppData\Local\Temp\catchme.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S1 mailKmd; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-25 16:33 - 2014-01-25 16:33 - 01222144 _____ (Farbar) C:\Users\sweety\Desktop\FRST.exe.sz8uqrr.partial
2014-01-18 13:10 - 2014-01-18 13:10 - 01236282 _____ C:\Users\sweety\Desktop\adwcleaner_3.017.exe
2014-01-18 11:14 - 2014-01-18 11:13 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-18 11:14 - 2014-01-18 11:13 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-18 11:14 - 2014-01-18 11:13 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-18 11:14 - 2014-01-18 11:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-11 11:45 - 2014-01-11 11:45 - 00000946 _____ C:\Windows\PFRO.log
==================== One Month Modified Files and Folders =======
2014-01-25 16:36 - 2013-07-06 06:38 - 00019813 _____ C:\Users\sweety\Desktop\FRST.txt
2014-01-25 16:33 - 2014-01-25 16:33 - 01222144 _____ (Farbar) C:\Users\sweety\Desktop\FRST.exe.sz8uqrr.partial
2014-01-25 16:33 - 2013-11-24 09:37 - 01222144 _____ (Farbar) C:\Users\sweety\Desktop\FRST.exe
2014-01-25 16:31 - 2011-08-07 18:33 - 01767302 _____ C:\Windows\WindowsUpdate.log
2014-01-25 16:26 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-25 16:26 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 08:28 - 2007-06-20 13:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-19 08:23 - 2013-08-18 08:17 - 00000000 ____D C:\Windows\system32\MRT
2014-01-19 08:14 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-18 13:44 - 2011-01-17 19:49 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-01-18 13:19 - 2013-09-28 08:22 - 00000000 ____D C:\AdwCleaner
2014-01-18 13:10 - 2014-01-18 13:10 - 01236282 _____ C:\Users\sweety\Desktop\adwcleaner_3.017.exe
2014-01-18 11:16 - 2013-08-03 06:32 - 00000866 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-18 11:13 - 2014-01-18 11:14 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-18 11:13 - 2014-01-18 11:14 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-18 11:13 - 2014-01-18 11:14 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-18 11:13 - 2014-01-18 11:14 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-18 11:13 - 2007-12-19 22:33 - 00000000 ____D C:\Program Files\Java
2014-01-18 11:05 - 2013-11-23 13:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-18 11:05 - 2013-11-23 13:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-18 11:05 - 2013-11-23 13:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-11 11:45 - 2014-01-11 11:45 - 00000946 _____ C:\Windows\PFRO.log
2013-12-26 18:58 - 2008-08-04 19:32 - 00000000 ____D C:\Windows\Minidump
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4880.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-25 16:33
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2014
Ran by sweety at 2014-01-25 16:36:54
Running from C:\Users\sweety\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
7-Zip 4.57 (Version: - )
Adobe Flash Player 12 ActiveX (Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (Version: 10.1.9 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (Version: 82.0.233.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (Version: 82.0.233.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
avast! Pro Antivirus (Version: 9.0.2011 - Avast Software)
AVS Update Manager 1.0 (Version: - Online Media Technologies Ltd.)
Bonjour (Version: 2.0.5.0 - Apple Inc.)
BrettspielWelt (Version: - )
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
C4100 (Version: 82.0.233.000 - Hewlett-Packard) Hidden
c4100_Help (Version: 82.0.233.000 - Hewlett-Packard) Hidden
CCleaner (Version: 4.07 - Piriform)
ClearProg 1.5.0 Final (Version: 1.5.0 Final - Sven Hoffman)
Club Cooee (HKCU Version: 1.6.5.0 - cooee GmbH)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DivX Converter (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (Version: - DivX, Inc.)
DivX Version Checker (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (Version: 2.6.1.87 - DivX, LLC)
Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (Version: 2.0.0.1 - MAGIX AG)
HiJackThis (Version: 1.0.0 - Trend Micro)
HP Customer Participation Program 8.0 (Version: 8.0 - HP)
HP Driver Diagnostics (Version: 1.02.0010 - Ihr Firmenname)
HP Photosmart.All-In-One Driver Software 8.0 .A (Version: 8.0 - HP)
HP Update (Version: 5.002.001.004 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (Version: - )
Intel(R) Matrix Storage Manager (Version: - )
InterVideo MediaOne Gallery (Version: - )
InterVideo WinDVD 8 (Version: 8.0-B6.195 - InterVideo Inc.)
InterVideo WinDVD 8 (Version: 8.0-B6.195 - InterVideo Inc.) Hidden
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Launch Manager V1.3.9 (Version: 1.3.9 - Wistron Corp.)
LetsTrade Komponenten (Version: - )
LightScribe 1.4.124.1 (Version: 1.4.124.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden
MEDIONbox (Version: 1.09.0000.00050 - Medion)
Microsoft .NET Framework 1.1 (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2656353) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2656370) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (Version: 08.05.0822 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Microsoft XML Parser (Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Motorola SM56 Data Fax Modem (Version: - )
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (Version: 7.02.5182 - Nero AG)
Octoshape Streaming Services (HKCU Version: - )
OutlookAddInNet3Setup (Version: 1.0.0 - Samsung)
Pando Media Booster (Version: 2.6.0.2 - Pando Networks Inc.)
PunkBuster Services (Version: 0.990 - Even Balance, Inc.)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (Version: 1.3.1 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (Version: 16.0.0 - RealNetworks)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (Version: 6.0.1.5374 - Realtek Semiconductor Corp.)
REALTEK RTL8187B Wireless LAN Driver (Version: Package:1.00.0006 Driver:6.1095.705.2007 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Red Light Center 3D Client (Version: 1.9.3857 - Utherverse Digital Inc)
Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.850.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Sceneo AbsolutTV (Version: - )
Secunia PSI (3.0.0.8013) (Version: 3.0.0.8013 - Secunia)
Secure Banking Version 1.5.2 (Version: 1.5.2 - Hopfgartner Niklas)
SUPERAntiSpyware (Version: 4.48.1000 - SUPERAntiSpyware.com)
Suyin Live Camera (Version: 1.0.0.3 - Suyin OPTO)
SUYIN webcam (Version: 1.0.1 - SUYIN)
Synaptics Pointing Device Driver (Version: 9.1.17.0 - Synaptics)
Systemsteuerung "MobileMe" (Version: 2.1.0.24 - Apple Inc.)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TVsweeper (Version: 3.0.2 - Sonavis)
Ulead PhotoImpact 12 (Version: 12.0 - Ulead System)
Ulead VideoStudio SE DVD (Version: 10.0 - Ulead Systems)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
Utherverse VWW Client (Version: 1.9.3857 - Utherverse Digital Inc)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ Home FREE (Version: 7.0.5 - Atomix Productions)
Visual Studio Tools for the Office system 3.0 Runtime (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Winamp (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (Version: 1.0.0.8 - Microsoft Corp)
Xvid Video Codec (Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
==================== Hosts content: ==========================
2006-11-02 11:23 - 2013-11-24 09:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {090EA739-FEF5-4676-9D41-2D60FF6EF6B9} - System32\Tasks\RNUpgradeHelperResumePrompt_sweety => C:\Users\sweety\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-01] (RealNetworks, Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3E424977-7196-445E-86F1-8C715D13D457} - System32\Tasks\1-Klick-Wartung => C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
Task: {3EE79391-EB4D-4946-8A00-ED33501E1CB1} - System32\Tasks\RNUpgradeHelperLogonPrompt_sweety => C:\Users\sweety\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-01] (RealNetworks, Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4EB85BE6-DA7A-4D64-8E7E-BF88C9CFF420} - System32\Tasks\Microsoft\Windows\RestartManager\{344665FA-EE14-4e00-B038-CEFEC765E27D} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {6D6EDF3C-28FE-40DF-BED0-B9066D6DC8EA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4191780963-2002099150-675310161-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {93285806-0492-491B-A6B6-8A4E632B66B5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4191780963-2002099150-675310161-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {936A0FAA-B39A-4B53-A409-19963F751414} - System32\Tasks\Test TimeTrigger => C:\Users\sweety\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {A068D508-3E65-46D9-B00E-831B24F0058B} - System32\Tasks\ReclaimerUpdateFiles_sweety => C:\Users\sweety\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-01] (RealNetworks, Inc.)
Task: {A18807DB-C6F6-47CC-9CB5-38034B03D0A8} - System32\Tasks\QUAD => C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe
Task: {B453B3C8-51CE-4B81-A7F5-912A5B2A8E46} - System32\Tasks\ReclaimerUpdateXML_sweety => C:\Users\sweety\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-01] (RealNetworks, Inc.)
Task: {B5D330CC-CCF6-4E82-8CB2-930A836BD76D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4191780963-2002099150-675310161-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {CAFB64E0-51C8-474E-8775-A86E617963C1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated)
Task: {D76161CB-17E6-4513-BAEE-D9AD60C08B01} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E127EE87-C86C-4C35-86D4-58F0E09DF39D} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E41997B4-7A30-4DCA-8C70-EDA95A3D8A29} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10] (Hewlett-Packard Co.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {F13F33F0-8C19-4A1F-9662-B3A9EE767D6D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {FF55B865-F243-4AA9-B49E-23E6383CF1C6} - System32\Tasks\Real Networks Scheduler => C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4191780963-2002099150-675310161-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Loaded Modules (whitelisted) =============
2014-01-25 11:15 - 2014-01-25 09:26 - 02166272 _____ () C:\Program Files\AVAST Software\Avast\defs\14012500\algo.dll
2012-01-08 09:18 - 2012-01-08 09:18 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_16873971\mscorlib.dll
2012-01-08 09:17 - 2012-01-08 09:17 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_8a5407a8\system.dll
2012-06-17 06:45 - 2012-06-17 06:45 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_04dcb12a\system.windows.forms.dll
2012-01-08 09:18 - 2012-01-08 09:18 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_c95cde61\system.xml.dll
2007-07-06 06:32 - 2007-04-13 17:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-09-25 19:42 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2007-06-20 12:39 - 2006-06-26 12:34 - 00098304 _____ () C:\Program Files\Sceneo\Bonavista\Services\PVR\tvtvRemote.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00057344 _____ () C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
2007-06-11 13:43 - 2006-11-22 16:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
2013-12-14 12:10 - 2013-12-14 12:10 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2013-08-02 17:44 - 2013-06-30 16:01 - 00017920 _____ () C:\Program Files\Secure Banking\SecureBanking.dll
2013-08-02 17:44 - 2013-05-26 12:13 - 00008704 _____ () C:\Program Files\Secure Banking\funcs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/25/2014 01:11:22 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung TFC.exe, Version 3.1.9.0, Zeitstempel 0x2a425e19, fehlerhaftes Modul ole32.dll, Version 6.0.6002.18277, Zeitstempel 0x4c28d53e, Ausnahmecode 0xc0000005, Fehleroffset 0x000240a1,
Prozess-ID 0x1bc0, Anwendungsstartzeit TFC.exe0.
Error: (01/25/2014 11:21:27 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.
Error: (01/25/2014 11:21:07 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 -- Fehler 1706.Für das Produkt "Microsoft .NET Framework 1.1" wurde kein gültiger Quellcode gefunden. Windows Installer kann nicht fortfahren.
Error: (01/21/2014 00:20:35 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.
Error: (01/21/2014 00:20:16 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 -- Fehler 1706.Für das Produkt "Microsoft .NET Framework 1.1" wurde kein gültiger Quellcode gefunden. Windows Installer kann nicht fortfahren.
Error: (01/19/2014 01:26:05 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung plugin-container.exe, Version 26.0.0.5087, Zeitstempel 0x52a0d293, fehlerhaftes Modul mozalloc.dll, Version 26.0.0.5087, Zeitstempel 0x52a0af28, Ausnahmecode 0x80000003, Fehleroffset 0x0000119c,
Prozess-ID 0x2b1c, Anwendungsstartzeit plugin-container.exe0.
Error: (01/19/2014 00:51:29 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SWEETY\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DTXR0EQJ.DEFAULT\CACHE\1\7D> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (01/19/2014 00:51:29 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SWEETY\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DTXR0EQJ.DEFAULT\CACHE\1\7D> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (01/19/2014 00:50:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung plugin-container.exe, Version 26.0.0.5087, Zeitstempel 0x52a0d293, fehlerhaftes Modul mozalloc.dll, Version 26.0.0.5087, Zeitstempel 0x52a0af28, Ausnahmecode 0x80000003, Fehleroffset 0x0000119c,
Prozess-ID 0x220, Anwendungsstartzeit plugin-container.exe0.
Error: (01/19/2014 08:29:48 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 1.1 - Update "{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log enthalten.
System errors:
=============
Error: (01/25/2014 04:28:11 PM) (Source: Service Control Manager) (User: )
Description: mailKmd
Error: (01/25/2014 04:26:51 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (01/25/2014 04:26:35 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 25.01.2014 um 13:54:58 unerwartet heruntergefahren.
Error: (01/25/2014 11:36:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: 0x80070643Sicherheitsupdate für Microsoft .NET Framework 1.1 SP1 unter Windows XP, Windows Vista und Windows Server 2008 x86 (KB2833941){343E12E8-8772-4A72-9982-570122E959DB}203
Error: (01/25/2014 11:29:23 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (01/25/2014 11:15:44 AM) (Source: Service Control Manager) (User: )
Description: mailKmd
Error: (01/21/2014 08:02:15 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
Error: (01/21/2014 06:42:22 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (01/21/2014 06:36:59 PM) (Source: Service Control Manager) (User: )
Description: mailKmd
Error: (01/21/2014 02:36:36 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-01-19 11:29:01.776
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:29:00.918
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:29:00.060
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:28:59.202
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:28:58.359
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:28:57.501
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:28:56.518
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:28:55.660
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:28:54.818
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 11:28:53.976
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 2037.45 MB
Available physical RAM: 1039.23 MB
Total Pagefile: 4312.18 MB
Available Pagefile: 3158.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.37 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:60.63 GB) (Free:1.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATEN) (Fixed) (Total:29.18 GB) (Free:26.53 GB) NTFS
Drive e: (MULTIMEDIA) (Fixed) (Total:29.19 GB) (Free:1.04 GB) NTFS
Drive g: (USB-HDD) (Fixed) (Total:298.02 GB) (Free:68.82 GB) FAT32
Drive r: (RECOVER) (Fixed) (Total:30.04 GB) (Free:20.56 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 74BEA0E1)
Partition 1: (Active) - (Size=61 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=29 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=30 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 298 GB) (Disk ID: A2C2ADF9)
Partition 1: (Not Active) - (Size=298 GB) - (Type=0C)
==================== End Of Log ============================
|
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
