Log analysis and evaluation: System starts slowly - Open Office recovery "chains"

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#5

System starts slowly - Open Office recovery "chains"

Hi,

FRST log file:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-07-2013 (ATTENTION: FRST version is 9 days old) Ran by peter (administrator) on 23-07-2013 19:12:50 Running from C:\Users\Standartkonto\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe () c:\Program Files\Cyberlink\Shared files\RichVideo.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Secunia) C:\Program Files\Secunia\PSI\PSIA.exe (Secunia) C:\Program Files\Secunia\PSI\sua.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Safer-Networking Ltd.) 
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe (Nokia) C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Microsoft Corporation) C:\Windows\System32\mspaint.exe (Microsoft Corporation) C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [PCSuiteTrayApplication] - C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup [227328 2007-03-23] (Nokia) HKLM\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot [363752 2012-09-20] (BillP Studios) HKLM\...\Run: [MSC] - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [995176 2013-06-20] (Microsoft Corporation) HKLM\...\Run: [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-07] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [SDTray] - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [3825176 2012-11-13] (Safer-Networking Ltd.) 
HKLM\...\Run: [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) HKLM\...\RunOnce: [SpybotSnD] - "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck [5365592 2009-01-26] (Safer Networking Limited) HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [318464 2008-01-21] (Microsoft Corporation) HKLM\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKLM\...\RunOnce: [InnoSetupRegFile.0000000001] - "C:\Windows\is-OP4HO.exe" /REG /REGSVRMODE [712264 2013-04-27] () Winlogon\Notify\SDWinLogon: () HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [SystemExplorerAutoStart] - "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY [2757080 2012-11-20] (Mister Group) HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) 
HKU\Default\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer) HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] () HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer) HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] () HKU\Gast\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer) Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 () Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/421 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet 
Explorer\iexplore.exe" HKLM SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com) FireFox: ======== FF ProfilePath: C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program 
Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: DoNotTrackPlus - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\donottrackplus@abine.com FF Extension: Ghostery - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\firefox@ghostery.com FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\staged FF Extension: Flagfox - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} FF Extension: Clippings - 
C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271} FF Extension: WOT - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF Extension: FoxLingo - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} FF Extension: copy-urls-expert - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\copy-urls-expert@kashiif-gmail.com.xpi FF Extension: savedpasswordeditor - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\savedpasswordeditor@daniel.dawson.xpi FF Extension: testpilot - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\testpilot@labs.mozilla.com.xpi FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - 
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.1.288_0\plugin/npVKPlugin.dll (Kaspersky Lab ZAO) CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.1.288_0\plugin/npUrlAdvisor.dll (Kaspersky Lab ZAO) CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.1.288_0\plugin/npABPlugin.dll (Kaspersky Lab ZAO) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Authorware Web Player) - C:\Program Files\Mozilla Firefox\plugins\np32asw.dll (Macromedia, Inc.) 
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation) CHR Plugin: (Kaspersky Password Manager) - C:\PROGRA~1\KASPER~1\KASPER~1.0\KASPER~2\MODULE~1\npkpmAutofill.dll No File CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Kaspersky URL Advisor) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.1.288_0 CHR Extension: (Virtual Keyboard) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.1.288_0 CHR Extension: (Anti-Banner) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.1.288_0 ========================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-07] (Avira Operations GmbH & Co. 
KG) S4 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [69632 2008-10-04] () R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-11-28] () R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S4 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () S2 MpsSvc; C:\Windows\System32\. [0 2013-07-23] () R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation) R2 RichVideo; c:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] () R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia) R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia) S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567256 2012-08-21] (Mister Group) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-04-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-04-09] (Avira Operations GmbH & Co. 
KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-09] (Avira Operations GmbH & Co. KG) R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider) R2 int15; C:\Windows\system32\drivers\int15.sys [12832 2008-10-01] (Acer, Inc.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation) R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia) R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [150560 2008-08-26] (Realtek Semiconductor Corp.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) S2 adfs; No ImagePath S3 BIOSCHK; \??\C:\Users\peter\AppData\Local\Temp\TII200A.tmp\disk1\BIOSCHK.SYS [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-23 19:07 - 2013-07-14 16:46 - 01218214 _____ (Farbar) C:\Users\Standartkonto\Desktop\FRST.exe 2013-07-23 16:22 - 2013-07-23 16:26 - 00000000 ____D C:\Windows\system32\MRT 2013-07-23 13:44 - 2013-07-23 13:43 - 00983543 _____ C:\Users\Standartkonto\Documents\BMW%20KFZ%20Schein%20b%20001.jpg_0_1.odg 2013-07-23 13:43 - 2013-07-23 13:41 - 00990581 _____ C:\Users\Standartkonto\Documents\BMW%20KFZ%20Schein%20b%20001.jpg_0.odg 2013-07-15 03:14 - 2013-07-15 03:14 - 00000000 ____D C:\FRST 2013-07-13 19:12 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.dll 2013-07-13 19:12 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-13 19:12 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-13 19:12 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-07-13 19:12 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-13 19:12 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-13 19:12 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-07-13 19:12 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-13 19:12 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-07-13 19:12 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-07-13 19:12 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-13 19:12 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-13 19:12 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-13 19:12 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-13 19:12 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-07-13 19:12 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-13 11:46 - 2013-07-13 11:46 - 01269137 _____ C:\Users\Standartkonto\Desktop\TeamSpybot-20130713-114643.cab 2013-07-13 11:41 - 2013-07-13 11:41 - 00000000 ____D C:\Users\peter\AppData\Roaming\SUPERAntiSpyware.com 2013-07-10 20:32 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-07-10 
20:32 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-07-10 20:32 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-07-10 20:32 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-07-10 20:32 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-07-10 20:32 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-07-10 20:32 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-07-10 20:32 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-07-10 20:32 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-07-10 20:32 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-07-10 20:31 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-10 20:31 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-06-23 21:11 - 2013-06-23 21:11 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-06-23 21:11 - 2013-06-23 21:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-06-23 21:11 - 2013-06-23 21:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-06-23 21:11 - 2013-06-23 21:11 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-06-23 21:11 - 2013-06-23 21:11 - 00000000 ____D C:\Program Files\Java 2013-06-23 21:11 - 2013-06-23 21:11 - 00000000 ____D C:\Program Files\Common Files\Java ==================== One Month Modified Files and Folders ======= 2013-07-23 19:07 - 2009-11-04 21:31 - 00000000 ___RD C:\Users\Standartkonto\Desktop 2013-07-23 19:02 - 2009-08-17 17:19 - 01818287 _____ 
C:\Windows\WindowsUpdate.log 2013-07-23 18:57 - 2012-12-01 10:14 - 00000620 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job 2013-07-23 18:57 - 2012-10-06 19:25 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-23 18:53 - 2009-08-17 17:39 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml 2013-07-23 18:52 - 2009-11-04 21:48 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-07-23 18:52 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-23 18:52 - 2006-11-02 14:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-23 18:52 - 2006-11-02 14:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-23 17:38 - 2012-10-04 12:42 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-23 17:30 - 2013-05-01 22:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-23 16:44 - 2012-10-06 19:25 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-23 16:26 - 2013-07-23 16:22 - 00000000 ____D C:\Windows\system32\MRT 2013-07-23 15:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing 2013-07-23 13:43 - 2013-07-23 13:44 - 00983543 _____ C:\Users\Standartkonto\Documents\BMW%20KFZ%20Schein%20b%20001.jpg_0_1.odg 2013-07-23 13:41 - 2013-07-23 13:43 - 00990581 _____ C:\Users\Standartkonto\Documents\BMW%20KFZ%20Schein%20b%20001.jpg_0.odg 2013-07-17 20:47 - 2006-11-02 12:33 - 01445310 _____ C:\Windows\system32\PerfStringBackup.INI 2013-07-15 03:14 - 2013-07-15 03:14 - 00000000 ____D C:\FRST 2013-07-14 16:46 - 2013-07-23 19:07 - 01218214 _____ (Farbar) C:\Users\Standartkonto\Desktop\FRST.exe 2013-07-14 16:45 - 2012-11-10 21:56 - 00000000 ____D C:\Users\Standartkonto\Desktop\Desktop 2013-07-14 10:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-07-13 20:54 - 2006-11-02 14:47 - 02259568 _____ 
C:\Windows\system32\FNTCACHE.DAT 2013-07-13 20:51 - 2010-10-06 23:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-13 20:46 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-07-13 19:35 - 2011-03-10 21:39 - 00001912 _____ C:\Windows\epplauncher.mif 2013-07-13 19:33 - 2012-11-22 07:59 - 00000000 ____D C:\Program Files\Microsoft Security Client 2013-07-13 19:13 - 2009-01-22 20:17 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-07-13 19:03 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-13 11:46 - 2013-07-13 11:46 - 01269137 _____ C:\Users\Standartkonto\Desktop\TeamSpybot-20130713-114643.cab 2013-07-13 11:41 - 2013-07-13 11:41 - 00000000 ____D C:\Users\peter\AppData\Roaming\SUPERAntiSpyware.com 2013-07-13 11:41 - 2013-04-25 10:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-06-24 14:50 - 2013-05-25 17:29 - 00008106 _____ C:\Users\Standartkonto\Documents\Spider Solitär Prozent-Rechnung 2013.ods 2013-06-24 00:37 - 2006-11-02 12:24 - 75733144 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-06-23 21:11 - 2013-06-23 21:11 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-06-23 21:11 - 2013-06-23 21:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-06-23 21:11 - 2013-06-23 21:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-06-23 21:11 - 2013-06-23 21:11 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-06-23 21:11 - 2013-06-23 21:11 - 00000000 ____D C:\Program Files\Java 2013-06-23 21:11 - 2013-06-23 21:11 - 00000000 ____D C:\Program Files\Common Files\Java 2013-06-23 21:11 - 2012-05-27 13:29 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-06-23 21:11 - 2010-10-17 18:18 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => 
MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-23 19:02 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-07-2013 Ran by peter at 2013-07-23 19:13:31 Running from C:\Users\Standartkonto\Desktop Boot Mode: Normal ========================================================== Update for Microsoft Office 2007 (KB2508958) 7-Zip 9.07 beta Acer Arcade Deluxe (Version: 2.0.5817) Acer Crystal Eye Webcam 2.0.9.2 (Version: 2.0.9.2) Acer eAudio Management (Version: 3.0.3009) Acer eDataSecurity Management (Version: 3.0.3065) Acer Empowering Technology (Version: 3.0.3013) Acer ePower Management (Version: 3.0.3016) Acer eRecovery Management (Version: 3.0.3014) Acer eSettings Management (Version: 3.0.3007) Acer GridVista (Version: 2.72.317) Acer Mobility Center Plug-In (Version: 3.0.3000) Acer Product Registration (Version: 3.0.0.10) Acer ScreenSaver (Version: 1.01.1111) Adobe Flash Player 11 Plugin (Version: 11.7.700.224) Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7) Advanced IP Scanner (Version: 2.2.224) ATI Catalyst Install Manager (Version: 3.0.704.0) Avira Free Antivirus (Version: 13.0.0.3737) C:\Program Files\Acer GameZone\GameConsole (Version: 2.0.1.2) Catalyst Control Center Core Implementation (Version: 2008.1210.1623.29379) Catalyst Control Center Graphics Full Existing (Version: 2008.1210.1623.29379) Catalyst Control Center Graphics Full New (Version: 2008.1210.1623.29379) Catalyst Control Center Graphics Light (Version: 2008.1210.1623.29379) Catalyst Control Center Graphics Previews Vista (Version: 2008.1210.1623.29379) Catalyst Control Center InstallProxy (Version: 2008.1210.1623.29379) Catalyst Control Center Localization Chinese Standard (Version: 2008.1210.1623.29379) Catalyst Control Center Localization Chinese Traditional (Version: 2008.1210.1623.29379) Catalyst Control Center Localization Czech (Version: 2008.1210.1623.29379) Catalyst Control Center Localization Danish (Version: 2008.1210.1623.29379) Catalyst Control Center Localization Dutch (Version: 2008.1210.1623.29379) Catalyst 
Control Center Localization Finnish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization French (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization German (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Greek (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Hungarian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Italian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Japanese (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Korean (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Norwegian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Polish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Portuguese (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Russian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Spanish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Swedish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Thai (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Turkish (Version: 2008.1210.1623.29379)
CCC Help Chinese Standard (Version: 2008.1210.1622.29379)
CCC Help Chinese Traditional (Version: 2008.1210.1622.29379)
CCC Help Czech (Version: 2008.1210.1622.29379)
CCC Help Danish (Version: 2008.1210.1622.29379)
CCC Help Dutch (Version: 2008.1210.1622.29379)
CCC Help English (Version: 2008.1210.1622.29379)
CCC Help Finnish (Version: 2008.1210.1622.29379)
CCC Help French (Version: 2008.1210.1622.29379)
CCC Help German (Version: 2008.1210.1622.29379)
CCC Help Greek (Version: 2008.1210.1622.29379)
CCC Help Hungarian (Version: 2008.1210.1622.29379)
CCC Help Italian (Version: 2008.1210.1622.29379)
CCC Help Japanese (Version: 2008.1210.1622.29379)
CCC Help Korean (Version: 2008.1210.1622.29379)
CCC Help Norwegian (Version: 2008.1210.1622.29379)
CCC Help Polish (Version: 2008.1210.1622.29379)
CCC Help Portuguese (Version: 2008.1210.1622.29379)
CCC Help Russian (Version: 2008.1210.1622.29379)
CCC Help Spanish (Version: 2008.1210.1622.29379)
CCC Help Swedish (Version: 2008.1210.1622.29379)
CCC Help Thai (Version: 2008.1210.1622.29379)
CCC Help Turkish (Version: 2008.1210.1622.29379)
ccc-core-static (Version: 2008.1210.1623.29379)
ccc-utility (Version: 2008.1210.1623.29379)
Choice Guard (Version: 1.2.87.0)
CyberLink PowerDirector (Version: 6.5.3023d)
Data Lifeguard Diagnostic for Windows 1.24
Defraggler (Version: 2.10)
EPSON-Drucker-Software
ESET Online Scanner v3
eSobi v2 (Version: 2.0.3.000201)
Google Update Helper (Version: 1.3.21.135)
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis (Version: 1.0.0)
HijackThis 2.0.2 (Version: 2.0.2)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 14.0.8050.1202)
Launch Manager
LightScribe 1.4.142.1 (Version: 1.4.142.1)
LOGO!Soft Comfort V7.0 (Version: 7.0.0.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0822)
Mozilla Firefox 16.0 (x86 de) (Version: 16.0)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 17.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Mystery Solitaire - Secret Island
Mythic Mahjong
Nero Digital
Nero OEM
Nokia Connectivity Cable Driver (Version: 6.83.9.0)
Nokia PC Suite (Version: 6.83.14.1)
Nuvoton EC Generic HID Driver (Version: 7.80.5000)
OpenOffice.org 3.3 Language Pack (German) (Version: 3.3.9567)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Orion (Version: 2.0.1)
PC Connectivity Solution (Version: 7.7.10.0)
PC Inspector smart recovery (Version: 4.50)
Print Server Support (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5704)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
RegAlyzer (Version: 1.6.2.16)
Secunia CSI (4.1.0.1010)
Secunia PSI (3.0.0.3001) (Version: 3.0.0.3001)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (Version: 6.2.00)
Skins (Version: 2008.1210.1623.29379)
Spybot - Search & Destroy (Version: 1.6.2)
Spybot - Search & Destroy (Version: 2.0.12)
SUPERAntiSpyware (Version: 5.5.1016)
System Explorer 3.9.9
TomTom HOME 2.7.3.1894 (Version: 2.7.3.1894)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Fotogalerie (Version: 14.0.8051.1204)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
WinPatrol (Version: 25.6.2012.1)

==================== Restore Points =========================

21-06-2013 22:00:06 Geplanter Prüfpunkt
22-06-2013 12:29:10 Geplanter Prüfpunkt
23-06-2013 19:04:54 JavaFX 2.1.1 wird entfernt
23-06-2013 19:07:37 Removed Java 7 Update 21
23-06-2013 19:10:44 Installed Java 7 Update 25
24-06-2013 19:01:05 Windows Update
29-06-2013 20:32:38 Geplanter Prüfpunkt
03-07-2013 17:29:59 Geplanter Prüfpunkt
04-07-2013 21:57:59 Geplanter Prüfpunkt
06-07-2013 03:17:17 Geplanter Prüfpunkt
07-07-2013 16:43:02 Windows Update
10-07-2013 18:31:54 Windows Update
13-07-2013 14:18:22 Geplanter Prüfpunkt
13-07-2013 17:03:07 Windows Update
14-07-2013 10:25:36 Geplanter Prüfpunkt
17-07-2013 18:19:40 Windows Update
20-07-2013 08:21:57 Geplanter Prüfpunkt
21-07-2013 13:56:11 Geplanter Prüfpunkt
22-07-2013 12:09:44 Windows Update
23-07-2013 13:54:14 Geplanter Prüfpunkt
23-07-2013 14:21:45 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2012-10-07 15:12 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {18B30BA7-99DC-498C-8290-2471D2A81067} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe No File
Task: {1B633EA0-B459-4C1F-81B4-6248065FF374} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1E646C92-3908-4263-9631-F3F9F306812E} - System32\Tasks\User_Feed_Synchronization-{F301875A-A68A-4528-8553-CDA8BF71143E} => C:\Windows\system32\msfeedssync.exe [2011-07-17] (Microsoft Corporation)
Task: {2444ED81-626D-4E17-AB7A-756B19F7398C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {2E06B68F-27A1-4CC5-80C9-8A658DB3B8E3} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe No File
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4F834927-E617-460C-BAE8-435401407DA3} - System32\Tasks\DriverScanner => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe No File
Task: {544E5642-7F52-4FCC-ACC7-61A451BC249E} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Standartkonto => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {5B1FDAE0-63DD-4DCE-B2C1-DC794A1FE545} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {60934507-F379-458D-8BC3-94C8EAF9537D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {6E836A2F-FC15-4510-A13F-C7E454CE8D97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06] (Google Inc.)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {B2882190-AE6E-4272-B0CE-098336B45A46} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06] (Google Inc.)
Task: {B6680894-A4A7-4751-87BE-24EA6559718F} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - peter => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {C7A558D9-B94C-4068-9437-48ACC78341C6} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe No File
Task: {D6C3D114-6D9C-403D-AA23-BB370DF6ECE2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-21] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{F301875A-A68A-4528-8553-CDA8BF71143E}.job => C:\Windows\system32\msfeedssync.exe

==================== Faulty Device Manager Devices =============

Name: Nokia 6300
Description: Nokia Windows Portable Device Driver
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2013 06:53:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2013 01:24:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2013 01:59:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2013 11:06:22 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (07/22/2013 10:43:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 10:23:19 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (07/21/2013 00:01:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/20/2013 08:18:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2013 10:08:20 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (07/19/2013 07:58:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (07/23/2013 07:02:57 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.155.493.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.3.0215.00
Quellpfad: 4.3.0215.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (07/23/2013 06:55:23 PM) (Source: Service Control Manager) (User: )
Description: Google Update Service (gupdate)%%1053

Error: (07/23/2013 06:55:23 PM) (Source: Service Control Manager) (User: )
Description: 30000Google Update Service (gupdate)

Error: (07/23/2013 06:53:12 PM) (Source: Service Control Manager) (User: )
Description: MpsSvc%%2

Error: (07/23/2013 06:53:12 PM) (Source: Service Control Manager) (User: )
Description: adfs%%2

Error: (07/23/2013 06:53:12 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/23/2013 06:52:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: C:\Windows\system32\RAIHV.dll126

Error: (07/23/2013 06:52:36 PM) (Source: volmgr) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.

Error: (07/23/2013 06:52:25 PM) (Source: volmgr) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.

Error: (07/23/2013 03:23:46 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "SE551", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{8E7D015B-C8E3-4106-894D-F3F008C7580A-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-07-13 19:33:17.799
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:33:17.189
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:33:16.611
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:33:16.012
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:33:08.868
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:33:08.217
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:33:07.657
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:33:07.019
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:32:57.699
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-13 19:32:57.077
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 3065.93 MB
Available physical RAM: 1695.91 MB
Total Pagefile: 6569.1 MB
Available Pagefile: 5007.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.12 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:225.99 GB) (Free:152.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:226.03 GB) (Free:150.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 9DAD3428)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=226 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=226 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=12)

==================== End Of Log ============================