ältere Logs von Antivierenprogrammen habe ich nicht. Die Infektion war gestern und ich hatte gestern kein Antivierenprogramm drüber laufen lassen, sondern erst hier ins Board geschrieben. Nach einem Warten von ca. 20 Minuten hat das WLAN jetzt heute morgen geklappt.
Anbei noch die Logs
FRST
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-06-2014
Ran by x (administrator) on X-PC on 11-06-2014 06:10:52
Running from C:\Users\x\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(AOL LLC) C:\Program Files\Common Files\aol\acs\AOLacsd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(JME) C:\Program Files\jmesoft\hotkey.exe
(Lenovo) C:\Program Files\Lenovo\HealthCare\HealthCare.exe
(CyberLink) C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(America Online, Inc.) C:\Program Files\Common Files\aol\1351923310\ee\aolsoftware.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Unattend0000000001{BFA3D12B-66DD-4617-923A-E864BC7D20B5}] => C:\Windows\test.bat
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7596576 2009-06-26] (Realtek Semiconductor)
HKLM\...\Run: [jmekey] => C:\Program Files\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM\...\Run: [Healthcare] => C:\Program Files\Lenovo\HealthCare\HealthCare.exe [827392 2009-09-28] (Lenovo)
HKLM\...\Run: [CLMLServer] => C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HostManager] => C:\Program Files\Common Files\AOL\1351923310\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\RunOnce: [WLStart] - C:\Program Files\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [280576 2013-03-19] (Microsoft Corporation)
HKU\S-1-5-21-778311526-149397778-2507139628-1004\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-778311526-149397778-2507139628-1004\...\Run: [iDevice Manager Launcher] => "C:\Program Files\Software4u\iDevice Manager\Software4u.IDMLauncher.exe" /run
Startup: C:\Users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x58E50B11C719CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File
DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\bq3uvkiv.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\bq3uvkiv.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: FireFTP - C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\bq3uvkiv.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2012-12-30]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2013-08-21]
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG)
R2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45408 2008-11-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 athur; C:\windows\System32\DRIVERS\athur.sys [1570304 2011-04-20] (Atheros Communications, Inc.)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 wanatw; C:\windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-30] (America Online, Inc.)
R2 WinI2C-DDC; C:\windows\system32\drivers\DDCDrv.sys [16200 2009-03-02] (Nicomsoft Ltd.)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\usbccid.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-11 06:10 - 2014-06-11 06:11 - 00011200 _____ () C:\Users\x\Desktop\FRST.txt
2014-06-11 06:10 - 2014-06-11 06:11 - 00000000 ____D () C:\FRST
2014-06-11 06:09 - 2014-06-11 06:09 - 01072640 _____ (Farbar) C:\Users\x\Desktop\FRST.exe
2014-06-10 20:56 - 2014-06-10 21:14 - 00002440 _____ () C:\ProgramData\RUNDLL32.EXE-2288-F.txt
2014-06-10 19:53 - 2014-06-10 19:56 - 00000399 _____ () C:\ProgramData\RUNDLL32.EXE-2524-F.txt
2014-06-10 19:34 - 2014-06-10 19:39 - 00000725 _____ () C:\ProgramData\RUNDLL32.EXE-2512-F.txt
2014-06-10 18:50 - 2014-06-10 19:32 - 00023365 _____ () C:\ProgramData\RUNDLL32.EXE-2244-F.txt
2014-06-10 18:41 - 2014-06-10 18:48 - 00004430 _____ () C:\ProgramData\RUNDLL32.EXE-2352-F.txt
2014-06-10 18:31 - 2014-06-10 18:31 - 00000000 ____D () C:\ProgramData\38D81AAE10F279D1A0AF97A5B6F46084
2014-06-01 21:41 - 2014-06-02 19:33 - 00021719 _____ () C:\Users\x\UStVA2014_I._Quartal_Jörg_.elfo
2014-05-25 16:19 - 2014-05-25 16:19 - 00016576 _____ () C:\Users\x\Documents\Kündigung Handyvertrag Vodafone .odt
2014-05-25 16:13 - 2014-05-25 16:13 - 00016545 _____ () C:\Users\x\Documents\Kündigung Handyvertrag Vodafone .odt
2014-05-25 15:49 - 2014-05-25 15:49 - 00016142 _____ () C:\Users\x\Documents\Kündigung Handyvertrag Vodafone und .odt
2014-05-23 07:07 - 2014-05-23 07:08 - 433592022 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil6.zip
2014-05-22 19:34 - 2014-05-22 19:34 - 149484621 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil5.zip
2014-05-22 19:08 - 2014-05-22 19:08 - 559083927 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil4.zip
2014-05-22 18:05 - 2014-05-22 18:05 - 158696403 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil2.zip
2014-05-22 18:05 - 2014-05-22 18:05 - 00304896 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil3.zip
2014-05-22 17:48 - 2014-05-22 17:49 - 1028352171 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil1.zip
2014-05-22 16:37 - 2014-05-22 16:37 - 00105956 _____ () C:\Users\x\Documents\INV_467554135_200020242_201404302004.zip
2014-05-22 16:37 - 2014-05-22 16:37 - 00000000 ____D () C:\Users\x\Documents\INV_467554135_200020242_201404302004
2014-05-19 10:38 - 2014-06-09 15:37 - 00211456 _____ () C:\Users\x\Desktop\Buchführung.xls
2014-05-18 17:08 - 2014-05-18 17:08 - 00017323 _____ () C:\Users\x\Documents\Rückforderung .odt
2014-05-16 17:21 - 2014-05-16 17:26 - 00004991 _____ () C:\Users\x\Desktop\USt2013_.elfo
2014-05-16 17:14 - 2014-05-16 17:14 - 00004468 _____ () C:\Users\x\Desktop\GewSt2013_.elfo
2014-05-15 19:25 - 2014-05-16 16:34 - 00007586 _____ () C:\Users\x\Desktop\EUER2013_.elfo
2014-05-15 11:41 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-15 11:41 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-15 11:41 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-15 07:52 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-15 07:52 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-15 07:51 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-15 07:51 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-15 07:51 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-15 07:51 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-15 07:51 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-15 07:51 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-15 07:51 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-15 07:51 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-15 07:51 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2014-05-15 07:51 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-15 07:51 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-15 07:51 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-15 07:51 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-13 19:34 - 2014-05-15 18:48 - 00013471 _____ () C:\Users\x\Desktop\ESt2013_.elfo
==================== One Month Modified Files and Folders =======
2014-06-11 06:11 - 2014-06-11 06:10 - 00011200 _____ () C:\Users\x\Desktop\FRST.txt
2014-06-11 06:11 - 2014-06-11 06:10 - 00000000 ____D () C:\FRST
2014-06-11 06:11 - 2012-11-02 20:39 - 00000000 ____D () C:\Users\x\AppData\Local\Temp
2014-06-11 06:11 - 2010-06-24 15:15 - 01933409 _____ () C:\windows\WindowsUpdate.log
2014-06-11 06:10 - 2010-06-24 15:16 - 01768052 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-11 06:09 - 2014-06-11 06:09 - 01072640 _____ (Farbar) C:\Users\x\Desktop\FRST.exe
2014-06-11 06:09 - 2009-07-14 06:34 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-11 06:09 - 2009-07-14 06:34 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-11 05:52 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-11 05:52 - 2009-07-14 06:39 - 00082920 _____ () C:\windows\setupact.log
2014-06-10 21:56 - 2012-11-02 20:39 - 00000000 ____D () C:\Users\x
2014-06-10 21:56 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\wfp
2014-06-10 21:55 - 2014-01-04 17:30 - 00000000 ____D () C:\Users\x\Desktop\Bereinigung
2014-06-10 21:55 - 2013-12-21 11:16 - 00000000 ____D () C:\Users\x\Desktop\Stick
2014-06-10 21:55 - 2013-05-21 08:39 - 00000000 ____D () C:\ProgramData\elsterformular
2014-06-10 21:55 - 2012-12-03 20:24 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-10 21:55 - 2012-11-03 07:53 - 00000000 ____D () C:\Users\x\Desktop\Installationsprogramme
2014-06-10 21:55 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\NDF
2014-06-10 21:55 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat
2014-06-10 21:54 - 2013-03-01 17:54 - 00000000 ____D () C:\Users\x\Desktop\shop
2014-06-10 21:54 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\registration
2014-06-10 21:14 - 2014-06-10 20:56 - 00002440 _____ () C:\ProgramData\RUNDLL32.EXE-2288-F.txt
2014-06-10 19:56 - 2014-06-10 19:53 - 00000399 _____ () C:\ProgramData\RUNDLL32.EXE-2524-F.txt
2014-06-10 19:39 - 2014-06-10 19:34 - 00000725 _____ () C:\ProgramData\RUNDLL32.EXE-2512-F.txt
2014-06-10 19:32 - 2014-06-10 18:50 - 00023365 _____ () C:\ProgramData\RUNDLL32.EXE-2244-F.txt
2014-06-10 18:48 - 2014-06-10 18:41 - 00004430 _____ () C:\ProgramData\RUNDLL32.EXE-2352-F.txt
2014-06-10 18:31 - 2014-06-10 18:31 - 00000000 ____D () C:\ProgramData\38D81AAE10F279D1A0AF97A5B6F46084
2014-06-09 15:37 - 2014-05-19 10:38 - 00211456 _____ () C:\Users\x\Desktop\Buchführung.xls
2014-06-08 13:03 - 2014-04-04 19:41 - 00011984 _____ () C:\Users\x\Documents\Paypack.ods
2014-06-08 12:52 - 2013-12-11 14:30 - 00168448 _____ () C:\Users\x\Desktop\Haushaltsbuch.xls
2014-06-02 19:33 - 2014-06-01 21:41 - 00021719 _____ () C:\Users\x\UStVA2014_I._Quartal_.elfo
2014-06-01 10:42 - 2012-12-03 20:28 - 00426496 ___SH () C:\Users\x\Documents\Thumbs.db
2014-05-25 16:19 - 2014-05-25 16:19 - 00016576 _____ () C:\Users\x\Documents\Kündigung Handyvertrag Vodafone .odt
2014-05-25 16:13 - 2014-05-25 16:13 - 00016545 _____ () C:\Users\x\Documents\Kündigung Handyvertrag Vodafone .odt
2014-05-25 15:49 - 2014-05-25 15:49 - 00016142 _____ () C:\Users\x\Documents\Kündigung Handyvertrag Vodafone und .odt
2014-05-23 07:08 - 2014-05-23 07:07 - 433592022 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil6.zip
2014-05-22 19:34 - 2014-05-22 19:34 - 149484621 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil5.zip
2014-05-22 19:08 - 2014-05-22 19:08 - 559083927 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil4.zip
2014-05-22 18:05 - 2014-05-22 18:05 - 158696403 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil2.zip
2014-05-22 18:05 - 2014-05-22 18:05 - 00304896 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil3.zip
2014-05-22 17:49 - 2014-05-22 17:48 - 1028352171 _____ () C:\Users\x\Desktop\gold-mitglied-589247-teil1.zip
2014-05-22 16:37 - 2014-05-22 16:37 - 00105956 _____ () C:\Users\x\Documents\INV_467554135_200020242_201404302004.zip
2014-05-22 16:37 - 2014-05-22 16:37 - 00000000 ____D () C:\Users\x\Documents\INV_467554135_200020242_201404302004
2014-05-18 17:08 - 2014-05-18 17:08 - 00017323 _____ () C:\Users\x\Documents\Rückforderung .odt
2014-05-16 17:26 - 2014-05-16 17:21 - 00004991 _____ () C:\Users\x\Desktop\USt2013_.elfo
2014-05-16 17:14 - 2014-05-16 17:14 - 00004468 _____ () C:\Users\x\Desktop\GewSt2013_.elfo
2014-05-16 17:06 - 2013-05-26 14:04 - 00239616 _____ () C:\Users\x\Desktop\Buchführung.xls
2014-05-16 16:34 - 2014-05-15 19:25 - 00007586 _____ () C:\Users\x\Desktop\EUER2013_.elfo
2014-05-15 18:48 - 2014-05-13 19:34 - 00013471 _____ () C:\Users\x\Desktop\ESt2013_.elfo
2014-05-15 14:22 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache
2014-05-15 13:38 - 2012-11-03 07:50 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-15 13:38 - 2012-11-03 07:50 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-15 13:16 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-05-15 13:06 - 2014-05-08 10:15 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-15 13:06 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-05-15 11:45 - 2013-08-16 08:34 - 00000000 ____D () C:\windows\system32\MRT
2014-05-15 11:44 - 2012-11-02 21:53 - 90547776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-14 19:36 - 2014-05-09 15:50 - 00014613 _____ () C:\Users\x\Documents\Steuer 2013.ods
2014-05-12 13:28 - 2013-05-21 08:39 - 00000000 ____D () C:\Program Files\ElsterFormular
2014-05-12 13:04 - 2010-06-24 15:48 - 00663990 _____ () C:\windows\PFRO.log
Files to move or delete:
====================
C:\ProgramData\flashax10.exe
Some content of TEMP:
====================
C:\Users\x\AppData\Local\Temp\avgnt.exe
C:\Users\x\AppData\Local\Temp\icqsetup.exe
==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-09 10:00
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-06-2014
Ran by x at 2014-06-11 06:11:56
Running from C:\Users\x\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 1 (SP1) (Version: - Microsoft) Hidden
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation)
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Reader XI - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Any DVD Converter Professional 4.6.0 (HKLM\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
AOL Deinstallation (HKLM\...\AOL Deinstallation) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager für Outlook 2007 SP1 (HKLM\...\Business Contact Manager) (Version: 3.0.7311.0 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP1 (Version: 3.0.7311.0 - Microsoft Corporation) Hidden
CC-Bar (HKLM\...\CC-Bar_is1) (Version: - Cashcrawler)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
Free YouTube Download version 3.2.11.812 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.11.812 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{48C5B91E-E794-4179-9FBF-A9A1635B9F66}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Hilfe (HKLM\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iDevice Manager (HKLM\...\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1) (Version: 2.4.0.0 - Marx Softwareentwicklung)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Lenovo Healthcare Software (HKLM\...\{9610EC3A-C7A0-4C31-9F3B-F9020C582B47}) (Version: 3.0.0.090928 - Lenovo)
Lenovo Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3321a3 - CyberLink Corp.)
Lenovo Power2Go (Version: 6.0.3321a3 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1029 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1029 - CyberLink Corp.) Hidden
Lenovo Software Instruction (HKLM\...\{A79C1D34-2831-4A5D-91C7-279EF892B5CF}) (Version: 1.0.0.090907 - Lenovo)
Lenovo Treiber- und Anwendungsinstallation (HKLM\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1126 - Lenovo)
LVT (HKLM\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.1.0930 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.3.4035.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.2.3042.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{7FB12670-0F93-4E1E-B2F5-4F339199A03A}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{849A32C3-E75A-4791-9B11-E568BA3525A4}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 16.0.2 (x86 de) (HKLM\...\Mozilla Firefox 16.0.2 (x86 de)) (Version: 16.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Pazera Free MP4 to AVI Converter 1.6 (HKLM\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.6 - Pazera Jacek)
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0006 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30116 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Studie zur Verbesserung von HP Officejet 6600 Produkten (HKLM\...\{81EFD067-B84F-423C-85BF-5CC11DFB0A3E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TL-WN822N/TL-WN821N Driver (HKLM\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.4035.00 - Microsoft Corporation)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Toolbar (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
YTD Video Downloader 3.9.5 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: - GreenTree Applications SRL)
==================== Restore Points =========================
08-05-2014 08:15:35 Windows Update
15-05-2014 09:41:12 Windows Update
23-05-2014 05:12:42 Geplanter Prüfpunkt
30-05-2014 14:53:57 Geplanter Prüfpunkt
06-06-2014 15:31:36 Geplanter Prüfpunkt
10-06-2014 19:40:27 Wiederherstellungsvorgang
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {15F7CA89-AB97-4181-B095-578C4A843142} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {2BC7B2E0-B2E1-4704-BE17-0738C8DBFB97} - System32\Tasks\HP AR Program Upload - 27ddc8153b0f42cf8882366fd2e6eb72510e1dfd3a7b4e5ab5e314a75de2c6d7 => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {356C7648-79A7-4AE1-8FB6-B5037D096BD7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7EC2C909-5187-438F-9A12-4253BAA2332F} - System32\Tasks\HP AR Program Upload - c3f8d686829146daafd725834ec8e32750a48322bb5944a99be8d8dda0bb630a => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
==================== Loaded Modules (whitelisted) =============
2013-01-22 21:43 - 2010-06-17 22:56 - 00116224 _____ () C:\windows\System32\redmonnt.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-06-24 15:17 - 2009-07-16 09:20 - 00032768 _____ () C:\Program Files\jmesoft\Keyhook.dll
2010-06-24 15:17 - 2007-12-31 10:27 - 00007168 _____ () C:\Program Files\jmesoft\VistaVolume.dll
2010-06-24 15:26 - 2008-09-27 08:39 - 00045056 _____ () C:\Program Files\Lenovo\HealthCare\HOOK.dll
2010-06-24 15:26 - 2009-09-09 09:24 - 00057344 _____ () C:\Program Files\Lenovo\HealthCare\de-de\de-de.dll
2009-06-03 20:59 - 2009-06-03 20:59 - 00619816 _____ () C:\Program Files\Lenovo\Power2Go\CLMediaLibrary.dll
2009-06-03 20:59 - 2009-06-03 20:59 - 00013096 _____ () C:\Program Files\Lenovo\Power2Go\CLMLSvcPS.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/10/2014 09:46:38 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!
Error: (06/10/2014 09:27:41 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x8000ffff.
Error: (06/10/2014 09:27:29 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!
Error: (06/09/2014 03:01:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17041 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 54a04
Startzeit: 01cf83e222d59347
Endzeit: 100
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (06/09/2014 10:00:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/08/2014 06:40:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17041, Zeitstempel: 0x531807e4
Name des fehlerhaften Moduls: Flash32_12_0_0_38.ocx, Version: 12.0.0.38, Zeitstempel: 0x52abb62d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001d9021
ID des fehlerhaften Prozesses: 0x228c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (06/03/2014 08:06:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/31/2014 05:23:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/29/2014 10:49:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/26/2014 08:47:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (06/10/2014 09:14:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:14:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:13:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:04:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:03:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:03:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:02:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:01:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (06/10/2014 09:01:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 54%
Total physical RAM: 1917.24 MB
Available physical RAM: 874.6 MB
Total Pagefile: 3834.48 MB
Available Pagefile: 2622.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:458.38 GB) (Free:406.73 GB) NTFS
Drive e: (Volume) (Fixed) (Total:447.96 GB) (Free:419.53 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9B9B96D4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=458 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=448 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=25 GB) - (Type=12)
==================== End Of Log ============================ Danke für die Hilfe |