
Pests of all kinds and how to combat them: Startfenster.de after a foolish download from vlc.de


01.07.2013, 11:06   #1
EclectiCyst
 



Hello, as has often been described here, I too fell for the wrong website (vlc.de) when downloading the VLC player, and "Startseite.de" was installed along with it. The start page of my browser (Firefox) was changed accordingly, and the "Startseite" icon appeared on the desktop.

To fix the problem I have the following question: besides the many quite extensive procedures documented in this forum, one post (by ryder, 05.10.2012, 16:05) explains that only the browser's start page needs to be reset (I have already done that) and that the "Startseite" icon can then be removed from the desktop (I have not done that yet). Is it really that simple? I would be glad if so.

Many thanks for your help!

M.

01.07.2013, 11:11   #2
schrauber
/// the machine
/// TB instructor
 




Hi,

System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Start FRST now.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

01.07.2013, 11:59   #3
EclectiCyst
 



Hi,

many thanks for the quick reply. So the hint from ryder that I mentioned definitely does not apply? As you can tell, I would like to go to as little effort as possible/necessary...

Best regards,

M.

01.07.2013, 13:02   #4
schrauber
/// the machine
/// TB instructor
 




Sure, that works; checking the computer is just better. The scan takes 2 minutes.

Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

01.07.2013, 13:39   #5
EclectiCyst
 



OK, thanks, that really was quick. Then I just hope I have not caught anything else as well. Here are the two log files.

Regards,

M.


FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-07-2013 01
Ran by Martin (administrator) on 01-07-2013 14:23:19
Running from C:\Users\Martin\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(ScanSoft, Inc) C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(TomTom) C:\Program Files\MyTomTom 3\MyTomTomSA.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Joyent, Inc) C:\Program Files\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
() C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(ScanSoft, Inc) C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Joyent, Inc) C:\Program Files\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\PROGRA~1\MICROS~2\Office12\OIS.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13548064 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [92704 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [71216 2007-03-14] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [52256 2007-01-08] ()
HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe [49152 2002-02-20] (ScanSoft, Inc)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [SMART Board Tools] "C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe" [9279824 2013-01-31] (SMART Technologies ULC)
HKLM\...\Run: [sbsdk-server] "C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe" [62800 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART Board Service] "C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe" -d [2111824 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART Ink] "C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe" -a [99152 2013-03-04] (SMART Technologies)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2289664 2008-03-17] (Hewlett-Packard Company)
HKCU\...\Run: [MyTomTomSA.exe] "C:\Program Files\MyTomTom 3\MyTomTomSA.exe" [435672 2011-11-14] (TomTom)
HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
HKCR\...0c966feabec1\InprocServer32: [Default-shell32] %SystemRoot%\system32\shell32.dll ATTENTION! ====> ZeroAccess?
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] %SystemRoot%\system32\shell32.dll ATTENTION! ====> ZeroAccess?
HKU\Gast\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [ 2008-03-17] (Hewlett-Packard Company)
Startup: C:\ProgramData\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
SearchScopes: HKCU - {667A9285-7735-4AED-A8A4-C9738AA7189C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=0DE5EAD1-A2A8-4DAD-B60D-24F248DAF670&apn_sauid=928F066F-3BE7-4CF1-8EFC-EA9BCFF2A616
BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\iswdtyb2.default
FF user.js: detected! => C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\iswdtyb2.default\user.js
FF Homepage: hxxp://ecosia.org/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Martin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\iswdtyb2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Yahoo! Toolbar - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\iswdtyb2.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1074480 2013-06-20] (Flexera Software LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] ()
R2 SMARTHelperService; C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe [582992 2013-03-07] (SMART Technologies)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2011-08-01] (Protect Software GmbH)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-05-23] (SAMSUNG ELECTRONICS CO., LTD.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
R1 MpKsldd82a70e; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A114A989-C480-4D86-84A6-CC4F535BF31B}\MpKsldd82a70e.sys [29904 2013-07-01] (Microsoft Corporation)
R3 SMARTMouseFilterx86; C:\Windows\System32\DRIVERS\SMARTMouseFilterx86.sys [8192 2013-03-07] (SMART Technologies)
R3 SMARTVHidMini2000x86; C:\Windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [7680 2013-03-07] (SMART Technologies)
R3 SMARTVTabletPCx86; C:\Windows\System32\DRIVERS\SMARTVTabletPCx86.sys [15872 2013-03-07] (SMART Technologies ULC)
R3 VMC326; C:\Windows\System32\Drivers\VMC326.sys [238464 2008-09-03] (Vimicro Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 VMC302; System32\Drivers\VMC302.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-01 14:22 - 2013-07-01 14:22 - 00000000 ____D C:\FRST
2013-07-01 14:20 - 2013-07-01 14:20 - 01372463 ____A (Farbar) C:\Users\Martin\Desktop\FRST.exe
2013-07-01 08:23 - 2013-07-01 08:23 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\SMART Technologies
2013-06-23 21:56 - 2013-06-23 21:56 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-23 21:56 - 2013-06-23 21:56 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-23 21:56 - 2013-06-23 21:56 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-23 21:56 - 2013-06-23 21:56 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-23 21:38 - 2013-06-23 21:38 - 00000000 ____D C:\Users\Gast\AppData\Roaming\SMART Technologies
2013-06-23 12:56 - 2013-07-01 13:00 - 00000000 ____D C:\Users\Martin\AppData\Local\Deployment
2013-06-23 12:56 - 2013-06-23 12:56 - 00000000 ____D C:\Users\Martin\AppData\Local\Apps\2.0
2013-06-20 20:17 - 2013-06-20 20:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2013-06-20 20:17 - 2013-06-20 20:17 - 00000859 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-06-20 20:16 - 2013-06-20 20:16 - 00001150 ____A C:\Users\Martin\Desktop\Startfenster.lnk
2013-06-20 20:16 - 2013-06-20 20:16 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-20 20:15 - 2013-06-20 20:15 - 23077120 ____A C:\Users\Martin\Downloads\vlc-2.0.7-win32.exe
2013-06-20 20:03 - 2013-06-20 20:03 - 00000000 ____D C:\Users\Martin\Documents\LabVIEW Data
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Martin\Documents\SMART Notebook
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Martin\Documents\My Notebook Content
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Martin\AppData\Local\SMART Technologies
2013-06-20 19:50 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Martin\AppData\Roaming\SMART Technologies
2013-06-20 19:46 - 2013-06-20 19:48 - 00000000 ____D C:\ProgramData\LAT 2.0 Deutsch
2013-06-20 19:45 - 2013-06-20 19:45 - 00000000 ____D C:\ProgramData\FLEXnet
2013-06-20 19:31 - 2013-06-20 19:31 - 00002031 ____A C:\Users\Public\Desktop\SMART Notebook 11.lnk
2013-06-20 19:31 - 2013-06-20 19:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\SMART Technologies Inc
2013-06-20 19:31 - 2013-06-20 19:31 - 00000000 ____D C:\Users\Martin\AppData\Local\SMART Technologies Inc
2013-06-20 19:31 - 2010-07-12 16:40 - 00033680 ____A (SMART Technologies ULC) C:\Windows\System32\smrtlocalmon.dll
2013-06-20 19:31 - 2010-07-12 16:40 - 00023848 ____A (SMART Technologies Inc.) C:\Windows\System32\smrtlocalui.dll
2013-06-20 19:31 - 2010-05-26 11:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2013-06-20 19:30 - 2013-06-20 19:30 - 00000000 ____D C:\Program Files\National Instruments
2013-06-20 19:29 - 2013-06-20 19:29 - 00001985 ____A C:\Users\Public\Desktop\SMART Ink Dokumentenbetrachtungsprogramm.lnk
2013-06-20 19:25 - 2003-02-14 19:14 - 00110592 ____A (TechSmith Corporation) C:\Windows\System32\tsccvid.dll
2013-06-20 19:24 - 2013-06-20 19:31 - 00000000 ____D C:\ProgramData\SMART Technologies
2013-06-20 19:24 - 2013-06-20 19:24 - 00000000 ____D C:\Program Files\SMART Technologies
2013-06-20 19:23 - 2013-06-20 19:31 - 00000000 ____D C:\Program Files\Common Files\SMART Technologies
2013-06-20 19:11 - 2013-06-20 19:49 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-20 19:04 - 2013-06-20 19:04 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2013-06-20 18:59 - 2013-06-20 18:59 - 16526672 ____A (SMART Technologies) C:\Users\Martin\Downloads\smartesi2013junewebinstaller.exe
2013-06-13 03:26 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 03:26 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-13 03:26 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-13 03:26 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 03:26 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-13 03:26 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 03:26 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-13 03:25 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 03:25 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 03:25 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 03:25 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 03:25 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 03:25 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-13 03:25 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-13 03:25 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 03:25 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 03:09 - 2013-05-08 05:40 - 00914792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 03:09 - 2013-05-08 03:58 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-06-13 03:09 - 2013-05-03 00:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-13 03:09 - 2013-05-03 00:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-13 03:09 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 03:09 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\printcom.dll
2013-06-13 03:09 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 03:09 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 03:09 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 03:09 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-13 03:09 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 03:09 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 11:36 - 2013-06-11 11:36 - 00001664 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-11 11:35 - 2013-06-11 11:35 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-11 11:35 - 2013-06-11 11:35 - 00000000 ____D C:\Program Files\iTunes
2013-06-11 11:35 - 2013-06-11 11:35 - 00000000 ____D C:\Program Files\iPod

==================== One Month Modified Files and Folders ========

2013-07-01 14:22 - 2013-07-01 14:22 - 00000000 ____D C:\FRST
2013-07-01 14:21 - 2009-03-16 05:37 - 00190440 ____A C:\ProgramData\nvModes.001
2013-07-01 14:21 - 2009-03-16 05:37 - 00190378 ____A C:\ProgramData\nvModes.dat
2013-07-01 14:21 - 2006-11-02 14:47 - 00004784 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-01 14:21 - 2006-11-02 14:47 - 00004784 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-01 14:20 - 2013-07-01 14:20 - 01372463 ____A (Farbar) C:\Users\Martin\Desktop\FRST.exe
2013-07-01 13:51 - 2012-08-16 21:01 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-01 13:47 - 2009-03-16 06:27 - 01986523 ____A C:\Windows\WindowsUpdate.log
2013-07-01 13:35 - 2010-05-13 17:55 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-01 13:11 - 2013-01-24 19:23 - 00000000 ____D C:\Users\Martin\Documents\Oz
2013-07-01 13:00 - 2013-06-23 12:56 - 00000000 ____D C:\Users\Martin\AppData\Local\Deployment
2013-07-01 11:35 - 2012-03-20 09:44 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd066d39eae630.job
2013-07-01 08:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\spool
2013-07-01 08:23 - 2013-07-01 08:23 - 00000000 ____D C:\Users\Michelle\AppData\Roaming\SMART Technologies
2013-07-01 08:23 - 2009-07-09 08:52 - 00122760 ____A C:\Users\Michelle\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-30 08:50 - 2006-11-02 12:33 - 01606662 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-30 08:43 - 2006-11-02 15:01 - 00032586 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-30 08:43 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-30 08:42 - 2008-10-10 04:51 - 00000012 ____A C:\Windows\bthservsdp.dat
2013-06-28 18:18 - 2010-07-27 22:41 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Canon
2013-06-28 18:16 - 2010-07-27 22:32 - 00000000 ____D C:\Users\Martin\Desktop\Accessories
2013-06-27 16:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-23 21:56 - 2013-06-23 21:56 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-23 21:56 - 2013-06-23 21:56 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-23 21:56 - 2013-06-23 21:56 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-23 21:56 - 2013-06-23 21:56 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-23 21:56 - 2012-08-13 11:41 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
2013-06-23 21:56 - 2010-05-23 14:22 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-23 21:45 - 2009-07-06 01:47 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2013-06-23 21:38 - 2013-06-23 21:38 - 00000000 ____D C:\Users\Gast\AppData\Roaming\SMART Technologies
2013-06-23 21:38 - 2009-08-28 19:37 - 00122760 ____A C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-23 21:36 - 2006-11-02 14:47 - 00461248 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-23 21:35 - 2008-01-21 04:47 - 00049520 ____A C:\Windows\PFRO.log
2013-06-23 13:41 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-23 12:56 - 2013-06-23 12:56 - 00000000 ____D C:\Users\Martin\AppData\Local\Apps\2.0
2013-06-20 20:31 - 2013-06-20 20:17 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2013-06-20 20:17 - 2013-06-20 20:17 - 00000859 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-06-20 20:16 - 2013-06-20 20:16 - 00001150 ____A C:\Users\Martin\Desktop\Startfenster.lnk
2013-06-20 20:16 - 2013-06-20 20:16 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-20 20:15 - 2013-06-20 20:15 - 23077120 ____A C:\Users\Martin\Downloads\vlc-2.0.7-win32.exe
2013-06-20 20:03 - 2013-06-20 20:03 - 00000000 ____D C:\Users\Martin\Documents\LabVIEW Data
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Martin\Documents\SMART Notebook
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Martin\Documents\My Notebook Content
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Martin\AppData\Local\SMART Technologies
2013-06-20 20:02 - 2013-06-20 19:50 - 00000000 ____D C:\Users\Martin\AppData\Roaming\SMART Technologies
2013-06-20 20:01 - 2009-07-02 15:44 - 00122760 ____A C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-20 19:51 - 2012-05-02 15:55 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-20 19:51 - 2011-05-22 19:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-20 19:49 - 2013-06-20 19:11 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-20 19:48 - 2013-06-20 19:46 - 00000000 ____D C:\ProgramData\LAT 2.0 Deutsch
2013-06-20 19:45 - 2013-06-20 19:45 - 00000000 ____D C:\ProgramData\FLEXnet
2013-06-20 19:31 - 2013-06-20 19:31 - 00002031 ____A C:\Users\Public\Desktop\SMART Notebook 11.lnk
2013-06-20 19:31 - 2013-06-20 19:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\SMART Technologies Inc
2013-06-20 19:31 - 2013-06-20 19:31 - 00000000 ____D C:\Users\Martin\AppData\Local\SMART Technologies Inc
2013-06-20 19:31 - 2013-06-20 19:24 - 00000000 ____D C:\ProgramData\SMART Technologies
2013-06-20 19:31 - 2013-06-20 19:23 - 00000000 ____D C:\Program Files\Common Files\SMART Technologies
2013-06-20 19:31 - 2009-07-02 15:40 - 00000000 ____D C:\users\Martin
2013-06-20 19:31 - 2008-10-09 13:02 - 00055750 ____A C:\Windows\DPINST.LOG
2013-06-20 19:30 - 2013-06-20 19:30 - 00000000 ____D C:\Program Files\National Instruments
2013-06-20 19:29 - 2013-06-20 19:29 - 00001985 ____A C:\Users\Public\Desktop\SMART Ink Dokumentenbetrachtungsprogramm.lnk
2013-06-20 19:28 - 2006-11-02 14:52 - 00144709 ____A C:\Windows\setupact.log
2013-06-20 19:25 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2013-06-20 19:24 - 2013-06-20 19:24 - 00000000 ____D C:\Program Files\SMART Technologies
2013-06-20 19:04 - 2013-06-20 19:04 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2013-06-20 18:59 - 2013-06-20 18:59 - 16526672 ____A (SMART Technologies) C:\Users\Martin\Downloads\smartesi2013junewebinstaller.exe
2013-06-19 11:33 - 2012-09-30 22:32 - 00000000 ____D C:\Users\Martin\Documents\Jonathan Schule
2013-06-13 16:02 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-06-13 12:21 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-13 03:26 - 2008-10-09 13:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-13 03:24 - 2006-11-02 12:24 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-11 11:36 - 2013-06-11 11:36 - 00001664 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-11 11:35 - 2013-06-11 11:35 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-11 11:35 - 2013-06-11 11:35 - 00000000 ____D C:\Program Files\iTunes
2013-06-11 11:35 - 2013-06-11 11:35 - 00000000 ____D C:\Program Files\iPod
2013-06-11 11:35 - 2009-07-03 23:57 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-06-11 11:31 - 2011-07-14 20:56 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Skype
2013-06-02 13:24 - 2013-04-21 12:26 - 00000000 ____D C:\Users\Michelle\Documents\Uni
2013-06-02 13:15 - 2013-04-21 12:16 - 00002627 ____A C:\Users\Michelle\Desktop\Microsoft Office Word 2007.lnk
2013-06-01 16:42 - 2009-07-09 08:50 - 00000000 ____D C:\Users\Michelle\AppData\Local\Microsoft Help

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-30 08:49

==================== End Of Log ============================
         

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-07-2013 01
Ran by Martin at 2013-07-01 14:25:37
Running from C:\Users\Martin\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)
AAVUpdateManager (Version: 18.00.0000)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
Agere Systems HDA Modem
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoBase 3
ArcSoft PhotoStudio 5
At the Cutting Edge
Atheros WLAN Client (Version: 1.00.000)
Autos bauen mit Willy Werkel
Bonjour (Version: 3.0.0.10)
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1)
Canon CanoScan Toolbox 4.0
CyberLink DVD Suite (Version: 5.0.2403)
CyberLink Power2Go (Version: 5.0.3825)
Duden-Bibliothek (Version: 5.1.0)
Easy Battery Manager (Version: 3.2.1.7)
Easy Display Manager (Version: 2.0.0.0)
Easy Network Manager 3.0 (Version: 3.0.0.0)
Easy SpeedUp Manager (Version: 2.0.1.3)
FreeMind (Version: 0.9.0_RC_10)
Geschäftskontakte für Smartphone (Version: 3.0.7312.0)
Google Earth (Version: 5.2.1.1588)
Google Update Helper (Version: 1.3.21.145)
HP Color LaserJet CP1510 Series 4.0 (Version: 4.0)
hppFonts (Version: 001.001.00061)
imagine digital freedom - Samsung (Version: 1.0.2.2)
Intel PROSet Wireless
Intel(R) PROSet/Wireless WiFi-Software (Version: 12.00.4000)
Intel® Matrix Storage Manager
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
LabelPrint (Version: .2406)
LightScribe System Software  1.12.37.1 (Version: 1.12.37.1)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2003 Web Components (Version: 11.0.8003.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard 2007-Testversion (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft SOAP Toolkit 2.0 SP2 (Version: 623.1)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (Version: 10.0.40303)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MyTomTom 3.1.0.530 (Version: 3.1.0.530)
Namuga 1.3M Webcam (Version: 1.00.0000)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OmniPage SE (Version: 11.00.0001)
Play Camera (Version: 2.0.0.13)
PowerDirector (Version: 5.0.3927)
PowerDVD (Version: 7.0.3118.0)
PowerProducer (Version: 085120(3.7)_Vista_SSPC)
Product_SF_Min_QFolder (Version: 1.00.0000)
ProtectDisc Driver, Version 11 (Version: 11.0.0.14)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.5605)
Samsung Magic Doctor (Version: 5.0)
Samsung Recovery Solution III (Version: 3.0.0.6)
Samsung Update Plus (Version: 1.3.0.11)
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.3 (Version: 6.3.107)
SMART Common Files (Version: 11.3.267.0)
SMART English (United Kingdom) Language Pack (Version: 11.2.29.0)
SMART German Language Pack (Version: 11.2.29.0)
SMART Ink (Version: 1.1.549.1)
SMART Notebook (Version: 11.2.637.0)
SMART Product Drivers (Version: 11.1.669.0)
Steuer-Spar-Erklärung 2011 (Version: 16.14)
Steuer-Spar-Erklärung 2012 (Version: 17.11)
Synaptics Pointing Device Driver (Version: 10.1.2.0)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.5000.00)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
User Guide (Version: 1.0)
Vimicro UVC Camera (Version: 1.00.0000)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 2.0.7 (Version: 2.0.7)
WebReg (Version: 90.0.146.000)
WIDCOMM Bluetooth Software 6.0.1.6300 (Version: 6.0.1.6300)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
WinRAR

==================== Restore Points  =========================

11-06-2013 12:08:14 Geplanter Prüfpunkt
13-06-2013 01:22:37 Windows Update
15-06-2013 05:30:57 Geplanter Prüfpunkt
16-06-2013 20:38:35 Windows Update
20-06-2013 17:11:42 Installed SMART Common Files
20-06-2013 17:24:20 Installed SMART Product Drivers.
20-06-2013 17:28:12 Gerätetreiber-Paketinstallation: SMART Technologies ULC
20-06-2013 17:28:24 Installed SMART Ink.
20-06-2013 17:29:11 Installed SMART Notebook.
20-06-2013 17:45:45 Installed SMART German Language Pack.
20-06-2013 17:48:41 Installed SMART English (United Kingdom) Language Pack.
20-06-2013 17:49:35 Installed Adobe Flash Player 11 ActiveX.
23-06-2013 10:54:50 Windows Update
23-06-2013 11:39:31 Windows Update
23-06-2013 19:55:38 Installed Java 7 Update 25
27-06-2013 09:29:10 Windows Update
27-06-2013 13:05:49 Windows Update
30-06-2013 07:24:13 Geplanter Prüfpunkt
01-07-2013 08:25:57 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {0190C24F-D2C1-4C34-8414-6E2E253E68F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0A8FD1C8-E89D-468D-8F09-831FFBFD45D0} - System32\Tasks\GoogleUpdateTaskMachineCore1cd066d39eae630 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-13] (Google Inc.)
Task: {0F5753FB-D4F2-45A1-B98C-76DA3AA73877} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1EA96E14-058E-4739-BB31-5ADD10CAB218} - System32\Tasks\{932F1336-C5A8-4F1A-9BF5-E7A39604CC46} => c:\program files\mozilla firefox\firefox.exe [2013-05-24] (Mozilla Corporation)
Task: {2B6EF32C-4D1D-4DB8-9D60-A1FE457938BB} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-10-08] (Samsung Electronics Co., Ltd.)
Task: {2BB1C3D2-FA9F-4BF7-AB43-88A6568239DC} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Martin => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {488E5FBF-314A-49D0-A6D3-4EED3E81AEB7} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3361709523-82609340-2664753716-1003 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {5AF78F3B-6404-4700-BED2-B93A43F85071} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-10-06] (SAMSUNG Electronics)
Task: {7482AB61-435A-43A0-AC40-25B98A066D40} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3361709523-82609340-2664753716-1004 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {7E37EEA0-B69E-4E4F-8D15-DD3FD207E1D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-20] (Adobe Systems Incorporated)
Task: {83F1A9FF-C1DA-4340-8819-784E40474E86} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2008-01-21] (Microsoft Corporation)
Task: {8F2183E9-7EC7-4D75-AEE3-3A27370E676B} - System32\Tasks\{828BF2AB-87D8-4FB5-BF94-B927EDDB0230} => c:\program files\mozilla firefox\firefox.exe [2013-05-24] (Mozilla Corporation)
Task: {8F7BFBAF-1D16-4401-988C-4A624DD9423F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-13] (Google Inc.)
Task: {91DE9E3C-0C7C-4C27-8F4C-73EE2432FD89} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {94FA3A02-C841-4F6B-8A68-F1DF0DA78AF2} - System32\Tasks\{91077476-388F-4C3D-A759-8AD4358FC058} => c:\program files\mozilla firefox\firefox.exe [2013-05-24] (Mozilla Corporation)
Task: {9A64BECD-56F9-4812-A167-2CA4F2914D0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-13] (Google Inc.)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {ABB867E8-6CDE-4051-BA1F-B3BF1B1F55BE} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2008-08-26] (Samsung Electronics Co., Ltd.)
Task: {AD588772-4CD2-4713-B67F-67C026FC50A1} - System32\Tasks\{AAF8A59D-C45C-4BAE-9944-12F0C7D7E7BE} => c:\program files\mozilla firefox\firefox.exe [2013-05-24] (Mozilla Corporation)
Task: {AECE18D1-45D6-40A1-9A4F-6C54803F66A5} - System32\Tasks\{F02871FF-0B0E-4E4D-A49F-90505E401078} => c:\program files\mozilla firefox\firefox.exe [2013-05-24] (Mozilla Corporation)
Task: {AFCFACD3-5444-45D2-9E7E-7EFF6E6CA2AC} - System32\Tasks\{47864EE4-8C72-4832-BF62-0213D55356F7} => c:\program files\mozilla firefox\firefox.exe [2013-05-24] (Mozilla Corporation)
Task: {B21563E7-8EA3-47F4-9734-FCEFD88300D5} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-08-07] (SAMSUNG Electronics co., LTD.)
Task: {B6C295A7-8489-466C-890C-F78BEE3C8F8C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {BC375218-6EFA-495E-B039-6358135862DF} - System32\Tasks\User_Feed_Synchronization-{8DE27BCB-DD20-432F-80A4-5A5F7EAC61F3} => C:\Windows\system32\msfeedssync.exe [2012-03-07] (Microsoft Corporation)
Task: {CB8AC6CE-8D94-4E4D-A2DA-AF0C23F07A35} - System32\Tasks\{37A03A77-7B56-413C-8437-D85011FD70DC} => c:\program files\mozilla firefox\firefox.exe [2013-05-24] (Mozilla Corporation)
Task: {D821EB6A-3273-455A-A49E-6F1C5DEB5684} - System32\Tasks\User_Feed_Synchronization-{56CA025E-0F67-4390-BA06-88659B95A627} => C:\Windows\system32\msfeedssync.exe [2012-03-07] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EB4839A2-9225-454F-BAED-4FA829520D4A} - System32\Tasks\{309E7BE3-6F13-4404-BB45-D59D5CF36FF1} => C:\Program Files\Skype\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {F455D404-51DA-43C6-B39C-4EF97A30C8B4} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2008-01-21] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd066d39eae630.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2013 10:12:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5775282

Error: (07/01/2013 10:12:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5775282

Error: (07/01/2013 10:12:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/01/2013 10:12:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5774112

Error: (07/01/2013 10:12:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5774112

Error: (07/01/2013 10:12:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/01/2013 10:12:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5773083

Error: (07/01/2013 10:12:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5773083

Error: (07/01/2013 10:12:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/01/2013 10:12:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5772053


System errors:
=============
Error: (08/07/2011 08:41:02 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 07.08.2011 um 01:42:13 unerwartet heruntergefahren.

Error: (08/04/2011 10:42:48 PM) (Source: Service Control Manager) (User: )
Description: 30000Netman

Error: (08/04/2011 08:55:12 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/04/2011 08:55:08 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/04/2011 08:53:35 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (08/04/2011 04:18:58 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/04/2011 04:16:40 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/04/2011 04:15:03 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (08/04/2011 01:18:16 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/04/2011 01:17:17 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (04/20/2013 10:11:54 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 409309 seconds with 10320 seconds of active time.  This session ended with a crash.

Error: (03/13/2013 04:24:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 227807 seconds with 18300 seconds of active time.  This session ended with a crash.

Error: (02/24/2013 10:42:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 193 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (02/24/2013 10:38:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17065 seconds with 3840 seconds of active time.  This session ended with a crash.

Error: (01/24/2013 08:10:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 135163 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (07/19/2012 11:08:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 169162 seconds with 11220 seconds of active time.  This session ended with a crash.

Error: (06/17/2012 11:51:59 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 191684 seconds with 6240 seconds of active time.  This session ended with a crash.

Error: (09/03/2011 00:42:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 712 seconds with 660 seconds of active time.  This session ended with a crash.

Error: (04/29/2011 04:32:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 97575 seconds with 5400 seconds of active time.  This session ended with a crash.

Error: (03/23/2010 11:43:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5083 seconds with 60 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-07-01 14:24:57.160
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 14:24:56.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 14:24:55.765
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 14:24:55.075
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-14 04:58:22.399
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-14 04:58:21.564
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-14 04:58:20.096
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-14 04:58:19.202
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-14 04:58:13.808
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-14 04:58:13.015
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 72%
Total physical RAM: 3065.88 MB
Available physical RAM: 830.72 MB
Total Pagefile: 6356.11 MB
Available Pagefile: 3750.18 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:144.09 GB) (Free:5.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:144 GB) (Free:3.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: B079B6F4)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


01.07.2013, 13:46   #6
schrauber
/// the machine
/// TB-Ausbilder

Nope, looks good.

01.07.2013, 13:52   #7
EclectiCyst

Addendum - My antivirus program (MS Security Essentials) has just reported a possible threat: Exploit:Java/CVE-2010-4452.

Regards,

M.

Ah, thanks for the quick reply, I hadn't seen it before my last post! Great service here!

Best regards,

M.

Edited by EclectiCyst (01.07.2013 at 13:57)

01.07.2013, 14:12   #8
schrauber
/// the machine
/// TB-Ausbilder

Where was that found?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

01.07.2013, 16:19   #9
EclectiCyst

Hello,

The location is

file:C:\Users\Martin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-29edbfb0

Regards,

M.

01.07.2013, 16:26   #10
schrauber
/// the machine
/// TB-Ausbilder

As expected, just temp files.

Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.
__________________
Regards,
schrauber
