Log analysis and evaluation: tcbhn was terminated
Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
24.07.2013, 11:55 | #16
/// the machine /// TB trainer | tcbhn was terminated

Skip ESET, run a full scan with your AV program and post the findings, then Securitycheck and a fresh FRST log please.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!
24.07.2013, 14:22 | #17
tcbhn was terminated

Securitycheck
__________________
Code:
Results of screen317's Security Check version 0.99.70
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java(TM) 6 Update 29
Java 7 Update 11
Java(TM) SE Runtime Environment 6 Update 1
Java(TM) 6 Update 2
Java 2 Runtime Environment, SE v1.4.2_14
Java version out of Date!
Adobe Flash Player 11.7.700.224
Adobe Reader 8 Adobe Reader out of Date!
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox 16.0.2 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Security Suite CBE avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Code:
gefunden: potentiell gefährliche Software Hidden data sending Prozess: C:\Program Files\eBay\Turbo Lister2\Tl.exe
gelöscht: trojanisches Programm Trojan.Win32.KillDisk.dw Datei: C:\Program Files\Lugert Verlag\Forte Free\Update.exe
gefunden: potentiell gefährliche Software Trojan.generic Prozess: C:\USERS\OLAF\APPDATA\LOCAL\TEMP\0.2542783034437336.EXE
gefunden: potentiell gefährliche Software Worm.P2P.generic Prozess: C:\USERS\OLAF\APPDATA\LOCAL\TEMP\GUM7313.TMP\FACEBOOKUPDATE.EXE
gefunden: potentiell gefährliche Software Worm.P2P.generic Prozess: C:\USERS\OLAF\APPDATA\LOCAL\TEMP\GUM7187.TMP\FACEBOOKUPDATE.EXE
gefunden: potentiell gefährliche Software Trojan.generic Prozess: C:\USERS\OLAF\APPDATA\LOCAL\TEMP\GUM7187.TMP\FACEBOOKUPDATE.EXE
gelöscht: trojanisches Programm Trojan-Ransom.Win32.Gimemo.uof E-Mail-Anhang: [From:ricoshea@centurylink.net][Subject:Tanja Rose deine Premiummitgliedschaft Nr 86715337][Time:2012/05/20 14:35:46]\Kunde9465374002.zip/Kunde9465374002.exe
gefunden: potentiell gefährliche Software Hidden data sending Prozess: C:\Users\Olaf\Downloads\avc-free(1).exe
verboten: Phishing-Adresse hxxp://*.battlestar-galactica.bigpoint.com/* URL: hxxp://de.battlestar-galactica.bigpoint.com/16?aid=1422&aip=${aip}
gefunden: potentiell gefährliche Software Hidden data sending Prozess: C:\Users\Olaf\Downloads\VideoSpin_2_0_Setup.exe
gefunden: potentiell gefährliche Software Hidden data sending Prozess: C:\Users\Olaf\Downloads\vppsetup.exe
verboten: Phishing-Adresse hxxp://*.battlestar-galactica.bigpoint.com/* URL: hxxp://de.battlestar-galactica.bigpoint.com/big/bgo_01_de/?aid=1422&zanpid=18973783C1305740427T1730710747912526850
gefunden: Virus Heur.Invader (Modifikation) URL: hxxp://download.bleepingcomputer.com/sUBs/ComboFix.exe//UPX//FileKill.3XE
nicht gefunden: Virus Heur.Invader (Modifikation) Datei: c:\users\olaf\downloads\combofix.exe//UPX//FileKill.3XE
nicht gefunden: Virus Heur.Invader (Modifikation) Datei: c:\users\olaf\downloads\combofix.exe//UPX//catchme.3XE

FRST Logfile:
24.07.2013, 15:51 | #18 |
/// the machine /// TB Trainer | tcbhn was terminated
Update Java, Adobe Reader and Firefox.

Please download TFC (by Oldtimer) and save the file to the desktop. Now close all open programs and disconnect from the Internet. Double-click TFC.exe and press Start. If TFC cannot delete all files, it will ask for a restart. Please allow this. Any problems left?
24.07.2013, 17:12 | #19 |
| tcbhn was terminated
TFC deleted 520Mb of temp files. That is surely a lot, isn't it? Let's see whether I can now close the browser without it freezing up (how do you say that in computer language?). Could that already be the solution? Here is the FRST log as well.
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013 Ran by Olaf (administrator) on 24-07-2013 18:07:04 Running from C:\Users\Olaf\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe (MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe () C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) 
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe ==================== Registry (Whitelisted) ================== Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab) MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation) HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x] HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x] HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x] HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x] ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06 SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359 BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msdaipp - No CLSID Value - Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default FF SelectedSearchEngine: Google.de FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) 
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( ) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF 
Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi Chrome: ======= CHR Extension: () - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\1.0.5_0\back.html CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx ========================== Services (Whitelisted) ================= S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation) R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [221184 2008-05-01] (Kaspersky Lab) R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) 
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] () R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project) S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation) S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation) S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] () S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation) R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation) S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x] ==================== Drivers (Whitelisted) ==================== R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH) R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [110096 2007-10-31] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [147984 2007-12-13] (Kaspersky Lab) R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.) 
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation) S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation) S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation) S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation) S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation) S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation) S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation) R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt ) S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] () S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 massfilter; system32\drivers\massfilter.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x] S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe 2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe 2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET 2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe 2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1 
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe 2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe 2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe 2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp 2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT 2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe 2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt 2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat 2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt 2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe 2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics 2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk 2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe 2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox 2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt 2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW 2013-07-22 
21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe 2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST 2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp 2013-07-20 23:16 - 2013-07-24 
17:44 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job 2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk 2013-07-20 22:14 - 2013-07-24 17:42 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job 2013-07-20 22:11 - 2013-07-23 22:16 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job 2013-07-20 22:11 - 2013-07-22 21:16 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job 2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) 
C:\Windows\system32\certutil.exe 2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp 2013-07-20 18:37 - 2013-07-24 17:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-20 18:37 - 2013-07-24 17:42 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common 2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe ==================== One Month Modified Files and Folders ======= 2013-07-24 18:09 - 2011-11-23 21:41 - 00001134 _____ 
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job 2013-07-24 18:07 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop 2013-07-24 18:06 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-07-24 17:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-24 17:49 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI 2013-07-24 17:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-24 17:44 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job 2013-07-24 17:42 - 2013-07-20 22:14 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job 2013-07-24 17:42 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-24 17:42 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA 2013-07-24 17:42 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-24 17:42 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-24 17:42 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe 2013-07-24 17:17 - 2011-12-12 16:11 - 02072194 _____ C:\Windows\WindowsUpdate.log 2013-07-24 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job 2013-07-24 01:18 - 2009-12-30 18:13 - 2666201056 _____ C:\Windows\system32\Drivers\fidbox.dat 2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-07-23 22:16 - 2013-07-20 22:11 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job 2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe 
2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET 2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe 2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1 2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe 2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe 2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp 2013-07-23 18:09 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump 2013-07-23 18:08 - 2013-04-13 13:15 - 403665842 _____ C:\Windows\MEMORY.DMP 2013-07-23 18:08 - 2013-04-10 15:28 - 00003668 _____ C:\Windows\PFRO.log 2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google 2013-07-23 17:52 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google 2013-07-23 17:42 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop 2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop 2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual 2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop 2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant 2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT 2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. 
Scherbakov) C:\Users\Olaf\Desktop\JRT.exe 2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt 2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat 2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion 2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt 2013-07-23 15:23 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe 2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics 2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW 2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk 2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe 2013-07-22 23:18 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-22 23:14 - 2009-12-30 18:13 - 28240388 ___SH C:\Windows\system32\Drivers\fidbox.idx 2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox 2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt 2013-07-22 21:16 - 2013-07-20 22:11 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job 2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe 2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST 2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) 
C:\Users\Olaf\Desktop\FRST.exe 2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log 2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp 2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk 2013-07-20 22:34 - 2012-05-09 17:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp 2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common 2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe 2013-06-24 00:16 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-24 17:57 ==================== End Of Log ============================ --- --- 
What about this file? Code:
ATTFilter C:\Windows\Minidump\Mini072313-01.dmp I'm writing from the tablet right now. So you're not rid of me yet... lol, I've really gotten used to you too :-) Last edited by Rosanja (24.07.2013 at 17:19) |
24.07.2013, 21:33 | #20 |
/// the machine /// TB trainer | tcbhn was terminated Which browser? Try a different one; same problem?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
28.07.2013, 20:21 | #21 |
| tcbhn was terminated Hello Schrauber, I'm back. Neither Firefox nor Internet Explorer can be closed, and then everything freezes again. I also tried to start Picasa, unfortunately also without success (freeze). In any case, the tcbhn message no longer appears. But why does the PC keep freezing? When I'm working it runs, but when I'm away from it for more than 15 minutes, the screen is frozen again! Do you have any idea what this is related to? See you soon. Regards, Tanja |
29.07.2013, 08:20 | #22 |
/// the machine /// TB trainer | tcbhn was terminated Please download Windows Repair (All In One) from here.
05.08.2013, 22:06 | #23 |
| tcbhn was terminated I ran the program twice! During the automatic shutdown it hung again and rebooted by itself after I confirmed "Start Windows normally". Here is a new FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013 (ATTENTION: FRST version is 15 days old) Ran by Olaf (administrator) on 05-08-2013 21:50:20 Running from C:\Users\Olaf\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe (InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe (Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) C:\Windows\ehome\ehsched.exe (MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe () C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (TeamViewer GmbH) C:\Program 
Files\TeamViewer\Version7\tv_w32.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe () C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe () C:\Program Files\radio ffn Rekorder\phonostarTimer.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Company) C:\hp\kbd\kbd.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.) 
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Microsoft Corporation) C:\Windows\system32\sdclt.exe (Microsoft Corporation) C:\Windows\ehome\mcupdate.EXE ==================== Registry (Whitelisted) ================== Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab) MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation) HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x] HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x] HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x] HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x] ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06 SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359 BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msdaipp - No CLSID Value - Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default FF SelectedSearchEngine: Google.de FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) 
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( ) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF 
Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi Chrome: ======= CHR Extension: () - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\1.0.5_0\back.html CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx ========================== Services (Whitelisted) ================= S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation) R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [221184 2008-05-01] (Kaspersky Lab) R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) 
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] () R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project) S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation) S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation) S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] () S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation) R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation) S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x] ==================== Drivers (Whitelisted) ==================== R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH) R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [110096 2007-10-31] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [147984 2007-12-13] (Kaspersky Lab) R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.) 
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation) S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation) S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation) S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation) S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation) S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation) S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation) R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt ) S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] () S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 massfilter; system32\drivers\massfilter.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x] S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp 2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat 2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup 2013-07-30 15:50 - 2013-08-05 21:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-07-30 15:49 - 2011-10-24 13:35 - 00000000 ____D 
C:\Users\Olaf\Downloads\Tweaking.com - Windows Repair 2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio 2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio 2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip 2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp 2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe 2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe 2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET 2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe 2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1 2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe 2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe 2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe 2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp 2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT 2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. 
Scherbakov) C:\Users\Olaf\Desktop\JRT.exe 2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt 2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat 2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt 2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe 2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics 2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk 2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe 2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox 2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt 2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW 2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) 
C:\Windows\system32\wininet.dll 2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe 2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST 2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp 2013-07-20 23:16 - 2013-08-05 21:33 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job 2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk 2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) 
C:\Windows\system32\win32k.sys 2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) 
C:\Windows\system32\d2d1.dll 2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp 2013-07-20 18:37 - 2013-08-05 21:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-20 18:37 - 2013-08-05 21:31 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common 2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe ==================== One Month Modified Files and Folders ======= 2013-08-05 21:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-05 21:50 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop 2013-08-05 21:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-05 21:39 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-05 21:36 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-08-05 21:35 - 2007-04-02 16:27 - 00146568 _____ C:\Users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-05 21:33 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job 2013-08-05 21:32 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-05 21:32 - 2006-11-02 14:47 - 00003696 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-05 21:32 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp 2013-08-05 21:31 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-05 21:31 - 2013-04-13 13:15 - 295539634 _____ C:\Windows\MEMORY.DMP 2013-08-05 21:31 - 2013-04-10 15:28 - 00004364 _____ C:\Windows\PFRO.log 2013-08-05 21:31 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump 2013-08-05 21:31 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-05 21:31 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-05 21:31 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-08-05 21:27 - 2013-07-30 15:50 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-08-05 21:25 - 2011-12-12 16:11 - 01501267 _____ C:\Windows\WindowsUpdate.log 2013-08-05 21:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job 2013-08-03 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job 2013-08-03 14:48 - 2007-07-10 16:43 - 03716436 _____ C:\Users\Mariessa\01 Heul Doch.wma 2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat 2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup 2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio 2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio 2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip 
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp 2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe 2013-07-24 01:18 - 2009-12-30 18:13 - 2666201056 _____ C:\Windows\system32\Drivers\fidbox.dat 2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe 2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET 2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe 2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1 2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe 2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe 2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp 2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google 2013-07-23 17:52 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google 2013-07-23 17:42 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop 2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop 2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual 2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop 2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant 2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT 2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. 
Scherbakov) C:\Users\Olaf\Desktop\JRT.exe 2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt 2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat 2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion 2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt 2013-07-23 15:23 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe 2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics 2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW 2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk 2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe 2013-07-22 23:14 - 2009-12-30 18:13 - 28240388 ___SH C:\Windows\system32\Drivers\fidbox.idx 2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox 2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt 2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe 2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST 2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe 2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log 2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp 2013-07-20 
22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk 2013-07-20 22:34 - 2012-05-09 17:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp 2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common 2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-05 21:49 ==================== End Of Log ============================ --- --- --- --- --- ---
The PC just crashed again; the error message reads: Code:
ATTFilter Problemsignatur: Problemereignisname: BlueScreen Betriebsystemversion: 6.0.6002.2.2.0.768.3 Gebietsschema-ID: 1031 Zusatzinformationen zum Problem: BCCode: 124 BCP1: 00000000 BCP2: 900FC3F0 BCP3: F2000040 BCP4: 00000800 OS Version: 6_0_6002 Service Pack: 2_0 Product: 768_1 Dateien, die bei der Beschreibung des Problems hilfreich sind: C:\Windows\Minidump\Mini080513-01.dmp C:\Users\Olaf\AppData\Local\Temp\WER-177014-0.sysdata.xml C:\Users\Olaf\AppData\Local\Temp\WERCA.tmp.version.txt Lesen Sie unsere Datenschutzrichtlinie: hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407 |
06.08.2013, 16:21 | #24 |
/// the machine /// TB trainer | tcbhn was terminated The AV program. They often cause trouble. If you paid for it, you also get a key; you don't need to buy a new one, there are dozens of freeware alternatives.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
06.08.2013, 20:26 | #25 |
| tcbhn was terminated Which AV can you recommend? |
07.08.2013, 10:26 | #26 |
/// the machine /// TB trainer | tcbhn was terminated Emsisoft or Avast
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
10.08.2013, 16:02 | #27 |
| tcbhn was terminated Emsisoft is installed, and Google Chrome as the new browser! I still can't shut down or restart. And programs still freeze now and then. :-( What else can I do? A fresh FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013 (ATTENTION: FRST version is 20 days old) Ran by Olaf (administrator) on 10-08-2013 17:05:12 Running from C:\Users\Olaf\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe (Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) C:\Windows\ehome\ehsched.exe (MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe () C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Iminent) C:\Program Files\Common Files\Umbrella\umbrella.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe 
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe () C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (Hewlett-Packard Company) C:\hp\kbd\kbd.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\system32\sdclt.exe ==================== Registry (Whitelisted) ================== MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation) HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x] HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x] HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x] HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x] ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06 SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359 BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msdaipp - No CLSID Value - Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default FF user.js: detected! => C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\user.js FF SelectedSearchEngine: Google.de FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) 
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( ) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF 
Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program 
Files\Google\Chrome\Application\28.0.1500.95\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files\Mozilla Firefox\plugins\npracplug.dll (RealNetworks) CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (phonostar Detector) - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( ) CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) 
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Docs) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (Super Lyrics) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho\1.125_0 CHR Extension: (YouTube) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (RealDownloader) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0 CHR Extension: (Gmail) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx ========================== Services (Whitelisted) ================= R2 a2AntiMalware; C:\Program 
Files\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH) S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation) R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] () R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project) S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation) S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation) S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] () S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation) R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation) R2 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2864448 2013-08-05] (Iminent) S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x] ==================== Drivers (Whitelisted) ==================== S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [54072 2012-04-30] (Emsisoft GmbH) R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] 
(Emsisoft GmbH) R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH) R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) S3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50208 2013-07-02] (Emsisoft GmbH) R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.) S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation) S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation) S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation) S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation) S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation) S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation) S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation) R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt ) S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] () S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 massfilter; system32\drivers\massfilter.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x] S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-10 14:37 - 2013-08-10 14:37 - 00000850 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 
2013-08-10 14:35 - 2013-08-10 15:24 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2013-08-10 14:35 - 2013-08-10 14:35 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-08-10 14:35 - 2013-08-10 14:35 - 00000000 ____D C:\Users\Olaf\Downloads\Documents\Anti-Malware 2013-08-10 14:30 - 2013-08-10 14:34 - 187662064 _____ (Emsisoft GmbH ) C:\Users\Olaf\Downloads\EmsisoftAntiMalwareSetup.exe 2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Iminent 2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\ProgramData\Iminent 2013-08-05 22:20 - 2013-08-05 22:20 - 00000611 _____ C:\Windows\system32\InstallUtil.InstallLog 2013-08-05 22:19 - 2013-08-10 10:21 - 00000000 ____D C:\Program Files\Common Files\Umbrella 2013-08-05 22:19 - 2013-08-05 22:20 - 00000000 ____D C:\Program Files\Iminent 2013-08-05 22:13 - 2013-08-05 22:13 - 00288672 _____ C:\Users\Olaf\Downloads\Adobe%20Reader.exe 2013-08-05 22:11 - 2013-08-05 22:11 - 03400936 _____ C:\Users\Olaf\Downloads\installer_pdf_reader_Deutsch.exe 2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp 2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat 2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup 2013-07-30 15:50 - 2013-08-05 21:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-07-30 15:49 - 2011-10-24 13:35 - 00000000 ____D C:\Users\Olaf\Downloads\Tweaking.com - Windows Repair 2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio 2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio 2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip 2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp 2013-07-24 17:24 - 
2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe 2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe 2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe 2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1 2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe 2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe 2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe 2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp 2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT 2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe 2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt 2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat 2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt 2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe 2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics 2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk 2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe 2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ 
C:\Windows\sed.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox 2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt 2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW 2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 
2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe 2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST 2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp 2013-07-20 23:16 - 2013-08-10 16:50 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job 2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk 2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-07-20 
19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp 2013-07-20 18:37 - 2013-08-10 16:50 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-20 18:37 - 2013-08-10 15:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common 2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe ==================== One Month Modified Files and Folders ======= 2013-08-10 17:04 - 
2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop 2013-08-10 16:57 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-10 16:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-10 16:53 - 2011-12-12 16:11 - 01734657 _____ C:\Windows\WindowsUpdate.log 2013-08-10 16:50 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job 2013-08-10 16:50 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-10 16:50 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-10 16:50 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-10 16:50 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-10 16:50 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-10 16:50 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-08-10 15:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-10 15:24 - 2013-08-10 14:35 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2013-08-10 15:23 - 2013-04-10 15:28 - 00006374 _____ C:\Windows\PFRO.log 2013-08-10 15:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job 2013-08-10 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job 2013-08-10 14:37 - 2013-08-10 14:37 - 00000850 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2013-08-10 14:37 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop 2013-08-10 14:35 - 2013-08-10 14:35 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-08-10 14:35 - 2013-08-10 14:35 - 00000000 ____D C:\Users\Olaf\Downloads\Documents\Anti-Malware 
2013-08-10 14:34 - 2013-08-10 14:30 - 187662064 _____ (Emsisoft GmbH ) C:\Users\Olaf\Downloads\EmsisoftAntiMalwareSetup.exe 2013-08-10 14:34 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google 2013-08-10 11:56 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-08-10 10:21 - 2013-08-05 22:19 - 00000000 ____D C:\Program Files\Common Files\Umbrella 2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Iminent 2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\ProgramData\Iminent 2013-08-05 22:20 - 2013-08-05 22:20 - 00000611 _____ C:\Windows\system32\InstallUtil.InstallLog 2013-08-05 22:20 - 2013-08-05 22:19 - 00000000 ____D C:\Program Files\Iminent 2013-08-05 22:16 - 2007-04-12 17:11 - 00000000 ____D C:\Users\Olaf\AppData\Local\Adobe 2013-08-05 22:13 - 2013-08-05 22:13 - 00288672 _____ C:\Users\Olaf\Downloads\Adobe%20Reader.exe 2013-08-05 22:11 - 2013-08-05 22:11 - 03400936 _____ C:\Users\Olaf\Downloads\installer_pdf_reader_Deutsch.exe 2013-08-05 21:35 - 2007-04-02 16:27 - 00146568 _____ C:\Users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-05 21:32 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp 2013-08-05 21:31 - 2013-04-13 13:15 - 295539634 _____ C:\Windows\MEMORY.DMP 2013-08-05 21:31 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump 2013-08-05 21:27 - 2013-07-30 15:50 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-08-03 14:48 - 2007-07-10 16:43 - 03716436 _____ C:\Users\Mariessa\01 Heul Doch.wma 2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat 2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup 2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio 2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D 
C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio 2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip 2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp 2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe 2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe 2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe 2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1 2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe 2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe 2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp 2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google 2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop 2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual 2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop 2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant 2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT 2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. 
Scherbakov) C:\Users\Olaf\Desktop\JRT.exe 2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt 2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat 2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion 2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt 2013-07-23 15:23 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe 2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics 2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW 2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk 2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe 2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox 2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt 2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe 2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST 2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe 2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log 2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp 2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Qtrax Player.lnk 2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp 2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare 2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common 2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-10 16:56 ==================== End Of Log ============================ Regards, Tanja |
10.08.2013, 21:24 | #28 | |
/// the machine /// TB Instructor | tcbhn was terminated Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
10.08.2013, 22:58 | #29 |
| tcbhn was terminated When I work in various programs, e.g. Windows Media Player, the screen freezes and nothing happens anymore. Then I switch the computer off at the power button. On restarting, a black screen appears where I start the PC in normal mode. When I want to close the browser, it freezes again. If I have no browser open and want to shut down the PC, it freezes again. Also, if I am away from the computer for 20 to 30 minutes, I only have a black screen and nothing works anymore. I shut down the PC exclusively with the power button. I don't know how much longer the PC will withstand this? |
11.08.2013, 08:21 | #30 |
/// the machine /// TB Instructor | tcbhn was terminated I think I already asked once, but do you have a Windows DVD? That sounds like a repair install is needed. Please open FRST, tick the Additional box and scan, then post both log files.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |