| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner eingefangen: TR/Crypt-XPACK.Gen und noch mehr?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
02.10.2013, 15:02
| #1 |
| |  Trojaner eingefangen: TR/Crypt-XPACK.Gen und noch mehr? Ja alles hat damit angefangen, dass ich das Skype nicht mehr öffnen konnte irgendwie war die exe-Datei weg, ich hab versucht Skype neu zu installieren und dann hat mein Avira immer beim installieren losgepiepst und diese Meldung losgelassen: TR/Crypt-XPACK.Gen gefunden Dann hab ichs immer in Quarantäne verschoben, aber ich kann Skype trotzdem nicht mehr installieren. Und auch andere Sachen sind komisch... Ich habe einen bißchen älteren Laptop, der arbeitet mit Windows XP, das Windows Service Center ist seit Jahren bei mir einfach ausgeschalten, weils mir auf dir Nerven geht. Ich kann z.B. das Avira nicht wirklich updaten, weil dann immer eine Fehlermeldung kommt. Ich verwende seit 2 Wochen eine für meinen Computer neue, türkische Internetverbindung. Einige Dinge funktionieren hier irgendwie anders, oder langsamer, ich hab das Gefühl das im Hintergrund irgendwelche Prozesse ablaufen. Könnt ihr mir vielleicht helfen? Zumindest mal diese Trojaner loszuwerden, damit ich wieder skypen kann... Sonst is mir das alles meistens ziemlich egal, ich hab ohnehin das Gefühl, dass beim Sicherheitsstatus meines Computers jeder alles lesen kann... Aber dieser Umgang ist vielleicht auch nicht der gscheiteste... Vielen lieben Dank!!! hier die logs: frst: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01 Ran by Andrea (administrator) on ANDREABOOKI on 02-10-2013 16:19:03 Running from C:\Dokumente und Einstellungen\Andrea\Desktop Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard Internet Explorer Version 6 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Sygate Technologies, Inc.) C:\Programme\Sygate\SPF\smc.exe (Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE (Avira GmbH) C:\Programme\Avira\AntiVir Desktop\sched.exe (Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Development Company, L.P.) C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Analog Devices, Inc.) C:\Programme\Analog Devices\Core\smax4pnp.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avgnt.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) C:\Programme\A1\A1 Webassistent\A1Webassistent.exe (Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Spigot, Inc.) C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe () C:\Programme\IVT Corporation\BlueSoleil\BtTray.exe (SAMSUNG ELECTRONICS) C:\Programme\Samsung\EmoDio\SMSTray.exe (Nero AG) C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Microsoft Corporation) C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE (McAfee, Inc.) C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe () C:\Programme\Office-Bibliothek\PCLib.exe () C:\WINDOWS\system32\txtuser.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe (Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe (Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avguard.exe (Spigot, Inc.) C:\Programme\Application Updater\ApplicationUpdater.exe (Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avshadow.exe () C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe () C:\Programme\IVT Corporation\BlueSoleil\BsMobileCS.exe (Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe (Nero AG) C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe (Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe () C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe (Nero AG) C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] - C:\Programme\Synaptics\SynTP\SynTPEnh.exe [1040384 2008-03-27] (Synaptics, Inc.) HKLM\...\Run: [hpWirelessAssistant] - C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [Cpqset] - C:\Programme\Hewlett-Packard\Default Settings\cpqset.exe [61440 2008-05-14] () HKLM\...\Run: [SoundMAXPnP] - C:\Programme\Analog Devices\Core\smax4pnp.exe [872448 2007-01-05] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] - C:\Programme\Analog Devices\SoundMAX\Smax4.exe [729088 2006-07-13] (Analog Devices, Inc.) HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] () HKLM\...\Run: [SmcService] - C:\PROGRA~1\Sygate\SPF\smc.exe [2372760 2004-02-24] (Sygate Technologies, Inc.) HKLM\...\Run: [NeroFilterCheck] - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe [570664 2008-02-28] (Nero AG) HKLM\...\Run: [NBKeyScan] - C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG) HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [281768 2011-05-15] (Avira GmbH) HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [98304 2010-02-02] (Apple Computer, Inc.) HKLM\...\Run: [A1Webassistent] - C:\Programme\A1\A1 Webassistent\A1Webassistent.exe [18477432 2011-05-27] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [] - [x] HKLM\...\Run: [SearchSettings] - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe [1088904 2012-06-13] (Spigot, Inc.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [BtTray] - C:\Programme\IVT Corporation\BlueSoleil\BtTray.exe [229888 2008-07-09] () HKLM\...\Run: [SMSTray] - C:\Programme\Samsung\EmoDio\SMSTray.exe [479232 2009-10-08] (SAMSUNG ELECTRONICS) HKCU\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG) HKCU\...\Run: [H/PC Connection Agent] - C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE [401493 2003-10-14] (Microsoft Corporation) HKCU\...\Run: [Akamai NetSession Interface] - "C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" MountPoints2: J - J:\AutoRun.exe MountPoints2: {20d44a86-9e01-11df-b50c-0021005b80c3} - F:\AutoRun.exe MountPoints2: {20d44a88-9e01-11df-b50c-0021005b80c3} - F:\AutoRun.exe MountPoints2: {20d44a8a-9e01-11df-b50c-0021005b80c3} - F:\AutoRun.exe MountPoints2: {20d44a8b-9e01-11df-b50c-0021005b80c3} - F:\AutoRun.exe MountPoints2: {6e7b7ace-22eb-11e2-b6d8-001b100004e7} - F:\USBAutoRun.exe MountPoints2: {e0c8f3a0-216e-11e0-b5a3-0021005b80c3} - F:\AutoRun.exe MountPoints2: {e0c8f3a1-216e-11e0-b5a3-0021005b80c3} - J:\AutoRun.exe HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMFirstStart.exe [ 2008-02-28] (Nero AG) Lsa: [Authentication Packages] msv1_0 nwprovau Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Office-Bibliothek-Direktsuche.lnk ShortcutTarget: Office-Bibliothek-Direktsuche.lnk -> C:\Programme\Office-Bibliothek\PCLib.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telefonica.net HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home URLSearchHook: ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.) SearchScopes: HKLM - DefaultScope value is missing. BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: AC-Pro - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programme\AutocompletePro\AutocompletePro.dll (SimplyGen) BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\5.9\pdfforgeToolbarIE.dll (Spigot, Inc.) Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Programme\Microsoft ActiveSync\aatp.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\Mozilla\Firefox\Profiles\hno14889.default FF Homepage: hxxp://www.meduniwien.ac.at/index.php?id=92&content_id=sg/20/2023/6422.php|https://www.meduniwien.ac.at/sg/files/secure/16/323/einfuehrung_in_die_kommunikation_(hladschik-kermer).pdf|https://www.meduniwien.ac.at/sg/files/secure/16/323/psychologie-block1-lernunterlagensw.pdf|https://www.meduniwien.ac.at/sg/files/16/323/01_b_1_allg_anat_2_07..pdf FF Keyword.URL: hxxp://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p= FF NetworkProxy: "ftp", "journals.meduniwien.ac.at" FF NetworkProxy: "ftp_port", 3128 FF NetworkProxy: "gopher", "journals.meduniwien.ac.at" FF NetworkProxy: "gopher_port", 3128 FF NetworkProxy: "http", "journals.meduniwien.ac.at" FF NetworkProxy: "http_port", 3128 FF NetworkProxy: "socks", "journals.meduniwien.ac.at" FF NetworkProxy: "socks_port", 3128 FF NetworkProxy: "ssl", "journals.meduniwien.ac.at" FF NetworkProxy: "ssl_port", 3128 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Programme\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @Musicnotes.com/Musicnotes Viewer,version=1.17.3 - C:\Programme\Musicnotes\npmusicn.dll (Musicnotes, Inc.) FF Plugin: @Sibelius.com/Scorch Plugin,version=5.2.5.48 - C:\Programme\Musicnotes\npsibelius.dll () FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\Mozilla\Firefox\Profiles\hno14889.default\searchplugins\youtube-videosuche.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: Ghostery - C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\Mozilla\Firefox\Profiles\hno14889.default\Extensions\firefox@ghostery.com FF Extension: pdfforge - C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\Mozilla\Firefox\Profiles\hno14889.default\Extensions\pdfforge@mybrowserbar.com FF Extension: wtxpcom - C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\Mozilla\Firefox\Profiles\hno14889.default\Extensions\wtxpcom@mybrowserbar.com FF Extension: No Name - C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\Mozilla\Firefox\Profiles\hno14889.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi FF Extension: Controller - C:\Programme\Mozilla Firefox\extensions\{B0BBFC8E-6697-4D2B-8FC4-B5AD9B3B1F11} FF HKLM\...\Firefox\Extensions: [support@predictad.com] - C:\Programme\AutocompletePro\support@predictad.com FF Extension: No Name - C:\Programme\AutocompletePro\support@predictad.com ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-05-15] (Avira GmbH) R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-05-15] (Avira GmbH) R2 Application Updater; C:\Programme\Application Updater\ApplicationUpdater.exe [792512 2012-06-13] (Spigot, Inc.) R2 BlueSoleilCS; C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [775168 2008-07-09] () R3 BsHelpCS; C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe [69735 2008-06-04] () R2 BsMobileCS; C:\Programme\IVT Corporation\BlueSoleil\BsMobileCS.exe [143467 2008-06-04] () R3 hpqwmiex; C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe [148832 2008-01-09] (Hewlett-Packard Development Company, L.P.) R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [307200 2003-11-06] (Lexmark International, Inc.) S3 McComponentHostService; C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [115168 2012-10-13] (Mozilla Foundation) R2 Nero BackItUp Scheduler 3; C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG) R3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG) R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation) S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation) S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [162672 2013-07-25] (Skype Technologies) R2 SmcService; C:\Programme\Sygate\SPF\smc.exe [2372760 2004-02-24] (Sygate Technologies, Inc.) R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" ==================== Drivers (Whitelisted) ==================== R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [19200 2006-06-09] (SlySoft, Inc.) R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2009-02-13] (Avira GmbH) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [61960 2011-05-15] (Avira GmbH) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137656 2011-05-15] (Avira GmbH) R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [1287552 2008-10-25] (Broadcom Corporation) R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [14600 2008-01-21] (IVT Corporation.) S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [38920 2008-03-06] (IVT Corporation.) R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [21512 2008-01-21] (IVT Corporation.) S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [8704 2001-08-17] (Microsoft Corporation) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG) R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [11984 2007-02-16] (Elaborate Bytes AG) R0 imagedrv; C:\Windows\System32\Drivers\imagedrv.sys [11304 2008-02-18] (Ahead Software AG) R0 imagesrv; C:\Windows\System32\DRIVERS\imagesrv.sys [132904 2008-02-18] (Ahead Software AG) R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [26248 2008-01-21] (IVT Corporation.) R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.) R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.) R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2001-08-23] (Microsoft Corporation) R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-23] (Microsoft Corporation) R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-14] (Microsoft Corporation) S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2008-11-10] (Duplex Secure Ltd.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH) R0 Teefer; C:\Windows\System32\Drivers\Teefer.sys [55891 2004-02-02] (Sygate Technologies, Inc.) S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2009-08-21] (LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2009-08-21] (LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24960 2009-08-21] (LG Electronics Inc.) S3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [14856 2008-01-21] (IVT Corporation.) R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [29960 2008-01-21] (IVT Corporation.) S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [37992 2003-10-14] (Microsoft Corporation) R2 wg3n; C:\Windows\SYSTEM32\Drivers\wg3n.sys [11914 2004-02-02] (Sygate Technologies, Inc.) R1 wpsdrvnt; C:\WINDOWS\system32\drivers\wpsdrvnt.sys [18518 2004-02-02] (Sygate Technologies, Inc.) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33800 2008-03-06] (IVT Corporation.) S4 IntelIde; No ImagePath U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-02 16:18 - 2013-10-02 16:18 - 00000000 ____D C:\FRST 2013-10-02 16:16 - 2013-10-02 16:16 - 01086873 _____ (Farbar) C:\Dokumente und Einstellungen\Andrea\Desktop\FRST.exe 2013-10-02 16:15 - 2013-10-02 16:15 - 00070502 _____ C:\Dokumente und Einstellungen\Andrea\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html 2013-10-02 16:09 - 2013-10-02 16:10 - 00000704 _____ C:\Dokumente und Einstellungen\Andrea\Desktop\defogger_disable.log 2013-10-02 16:09 - 2013-10-02 16:10 - 00000168 _____ C:\Dokumente und Einstellungen\Andrea\defogger_reenable 2013-10-02 16:08 - 2013-10-02 16:08 - 00050477 _____ C:\Dokumente und Einstellungen\Andrea\Desktop\Defogger.exe 2013-09-30 22:13 - 2013-09-30 22:18 - 00088731 _____ C:\Dokumente und Einstellungen\Andrea\Desktop\alles.xspf 2013-09-29 12:26 - 2013-09-29 12:26 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Skype 2013-09-26 11:30 - 2013-09-29 12:12 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Desktop\Istanbuldreams ==================== One Month Modified Files and Folders ======= 2013-10-02 16:19 - 2008-10-25 20:33 - 00409222 _____ C:\WINDOWS\WindowsUpdate.log 2013-10-02 16:18 - 2013-10-02 16:18 - 00000000 ____D C:\FRST 2013-10-02 16:16 - 2013-10-02 16:16 - 01086873 _____ (Farbar) C:\Dokumente und Einstellungen\Andrea\Desktop\FRST.exe 2013-10-02 16:15 - 2013-10-02 16:15 - 00070502 _____ C:\Dokumente und Einstellungen\Andrea\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html 2013-10-02 16:12 - 2008-10-25 20:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-10-02 16:12 - 2008-10-25 19:55 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-10-02 16:12 - 2008-10-25 19:55 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-10-02 16:12 - 2008-07-09 20:51 - 00000972 _____ C:\WINDOWS\system32\bscs.ini 2013-10-02 16:11 - 2008-10-25 20:14 - 00000300 ___SH C:\Dokumente und Einstellungen\Andrea\ntuser.ini 2013-10-02 16:11 - 2008-10-25 20:12 - 00032626 _____ C:\WINDOWS\SchedLgU.Txt 2013-10-02 16:10 - 2013-10-02 16:09 - 00000704 _____ C:\Dokumente und Einstellungen\Andrea\Desktop\defogger_disable.log 2013-10-02 16:10 - 2013-10-02 16:09 - 00000168 _____ C:\Dokumente und Einstellungen\Andrea\defogger_reenable 2013-10-02 16:09 - 2008-10-25 20:14 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea 2013-10-02 16:08 - 2013-10-02 16:08 - 00050477 _____ C:\Dokumente und Einstellungen\Andrea\Desktop\Defogger.exe 2013-10-02 15:30 - 2008-12-27 22:31 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype 2013-10-02 15:16 - 2012-10-13 09:03 - 00000000 ____D C:\Programme\Mozilla Firefox 2013-10-02 01:20 - 2010-04-08 20:47 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\vlc 2013-10-01 23:29 - 2012-10-16 09:18 - 00004537 _____ C:\WINDOWS\system32\LOCALSERVICE.INI 2013-10-01 23:29 - 2008-10-30 22:33 - 00000069 _____ C:\WINDOWS\NeroDigital.ini 2013-10-01 23:04 - 2012-10-16 09:18 - 00000257 _____ C:\WINDOWS\system32\REMOTEDEVICE.INI 2013-10-01 22:23 - 2012-10-16 09:18 - 00001369 _____ C:\WINDOWS\system32\SHORTCUT.INI 2013-10-01 22:17 - 2012-10-16 09:18 - 00000667 _____ C:\WINDOWS\system32\LOCALDEVICE.INI 2013-10-01 21:57 - 2008-10-25 19:52 - 00983344 _____ C:\WINDOWS\setupapi.log 2013-10-01 21:26 - 2013-02-26 12:25 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Desktop\Organmorphologie 2013-10-01 21:24 - 2013-04-22 19:29 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Desktop\Istanbul + MED 5-6 2013-10-01 21:14 - 2008-10-27 22:00 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\dvdcss 2013-10-01 20:44 - 2012-10-23 09:25 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Desktop\KLAXI 2013-10-01 20:37 - 2012-11-12 20:35 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Desktop\MED alt 2013-10-01 20:22 - 2009-07-20 22:52 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Desktop\private docs 2013-10-01 20:12 - 2001-08-23 18:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-30 22:18 - 2013-09-30 22:13 - 00088731 _____ C:\Dokumente und Einstellungen\Andrea\Desktop\alles.xspf 2013-09-30 18:58 - 2008-10-25 19:52 - 00195803 _____ C:\WINDOWS\setupact.log 2013-09-29 12:26 - 2013-09-29 12:26 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Skype 2013-09-29 12:26 - 2013-05-16 23:43 - 00000000 ___RD C:\Programme\Skype 2013-09-29 12:26 - 2008-12-27 22:31 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\Skype 2013-09-29 12:12 - 2013-09-26 11:30 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Desktop\Istanbuldreams 2013-09-29 12:00 - 2008-10-25 20:06 - 00000000 ____D C:\WINDOWS\Registration 2013-09-28 22:50 - 2008-11-25 13:52 - 00000000 ____D C:\Dokumente und Einstellungen\Andrea\Desktop\FOTOS 2013-09-28 12:05 - 2008-11-25 13:49 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2013-09-25 07:15 - 2008-10-25 19:53 - 00948376 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-09-15 23:55 - 2011-08-20 00:04 - 00033131 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\NETRKDB.DAT 2013-09-15 23:55 - 2011-08-20 00:04 - 00004700 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\NECDB.DAT 2013-09-15 23:55 - 2011-08-20 00:04 - 00003080 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\CDBIDXL.DAT 2013-09-15 23:55 - 2011-08-20 00:04 - 00002056 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\TDBIDXL.DAT 2013-09-15 23:55 - 2011-08-20 00:04 - 00000672 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST54.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000442 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST53.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000302 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\SA41.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000222 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST44.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000172 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST42.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000112 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST48.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000102 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST41.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000082 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST49.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000082 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST46.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000052 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST59.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000052 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST4F.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000052 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\CA41.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000042 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST57.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000042 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\CT44.IDX 2013-09-15 23:55 - 2011-08-20 00:04 - 00000038 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\CH80.IDX 2013-09-15 22:17 - 2008-11-05 13:49 - 00000000 ____D C:\Programme\Mozilla Thunderbird 2013-09-15 22:10 - 2011-08-20 00:04 - 00000272 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST50.IDX 2013-09-15 22:10 - 2011-08-20 00:04 - 00000192 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST4C.IDX 2013-09-15 22:10 - 2011-08-20 00:04 - 00000102 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST4D.IDX 2013-09-15 22:10 - 2011-08-20 00:04 - 00000062 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\ST43.IDX 2013-09-15 22:10 - 2011-08-20 00:04 - 00000052 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\CT4D.IDX 2013-09-15 22:10 - 2011-08-20 00:04 - 00000038 _____ C:\Dokumente und Einstellungen\Andrea\Eigene Dateien\CH88.IDX Some content of TEMP: ==================== C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\AcPro.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\casinonet.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\contentDATs.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\DataCard_Setup.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\jre-6u20-windows-i586-iftw-rv.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\ResetDevice.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\Risweb32.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\SecurityScan_Release.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\setup_wm.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\SkypeSetup.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\Uninstaller.exe C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\UninstallerGer.dll C:\Dokumente und Einstellungen\Andrea\Lokale Einstellungen\Temp\WtgDriverInstallX.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2002-08-29 05:43] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e C:\Windows\System32\winlogon.exe [2002-08-29 05:43] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a C:\Windows\System32\svchost.exe [2001-08-23 18:00] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 C:\Windows\System32\services.exe [2001-08-23 18:00] - [2008-04-14 07:53] - 0109056 ____A (Microsoft Corporation) 4bb6a83640f1d1792ad21ce767b621c6 C:\Windows\System32\User32.dll [2002-08-29 05:43] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd C:\Windows\System32\userinit.exe [2002-08-29 05:43] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 C:\Windows\System32\Drivers\volsnap.sys [2001-08-23 18:00] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d ==================== End Of Log ============================ und hier der andere, addition:FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2013 01
Ran by Andrea at 2013-10-02 16:20:06
Running from C:\Dokumente und Einstellungen\Andrea\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AntiVir Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
==================== Installed Programs ======================
7-PDF Maker Version 1.0.5 (Build 164) (Version: 7-PDF Maker - Version 1.0.5 (Build 164))
A1 Modemwechsel (Version: 3.0.0.49)
A1 Webassistent (Version: 4.0.0.153)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
Agere Systems HDA Modem
Anki
AnyDVD
AutocompletePro
Avira AntiVir Personal - Free Antivirus (Version: 10.0.0.648)
Bluesoleil 6.2.227.10 (Version: 6.2.227.10)
Broadcom 802.11-WLAN-Adapter (Version: 4.170.77.3)
CaptureWizPro 4.40
Casino-On-Net
CloneDVD2
Compatibility Pack für 2007 Office System (Version: 12.0.6514.5001)
Computerkolleg Musik - Gehörbildung
ContentSAFER for Wizmax
Cool Edit Pro 2.0
EmoDio (Version: 1.0)
EndNote X5 (Version: 15.0.0.5478)
Exact Audio Copy 0.99pb5 (Version: 0.99pb5)
File Manager for Smartphone
Free Audio CD Burner version 1.2
Free Mp3 Wma Converter V 1.9 (Version: 1.9.0.0)
Free YouTube to MP3 Converter version 3.2
GetDataBack for NTFS (Version: 3.64.000)
Homepage-Werkstatt
HP Wireless Assistant (Version: 3.00 J1)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Internet Software (Version: 8.0.0.40)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java(TM) 6 Update 20 (Version: 6.0.200)
JavaFX 2.1.0 (Version: 2.1.0)
Langenscheidt Vokabeltrainer 3.0 Spanisch (Version: 3.0.1)
Lexmark 510 Series
LG Bluetooth Drivers (Version: 1.1)
LG PC Suite III deinstallieren
LG United Mobile Drivers (Version: 2.2)
LG USB Modem Drivers (Version: 4.9.6)
Magic M4A to MP3 Converter 3.72
McAfee Security Scan Plus (Version: 3.0.318.3)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 (Version: 2.0.50727)
Microsoft ActiveSync 3.6
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.0.60129.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Mobile Connect (Version: 1.00.0000)
Mozilla Firefox 16.0.1 (x86 de) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
Mozilla Thunderbird 16.0.1 (x86 de) (Version: 16.0.1)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
Musicnotes Player
Musicnotes Software Suite 1.1 (Version: 1.1)
Nero 8 (Version: 8.3.51)
neroxml (Version: 1.0.0)
Office-Bibliothek 4.1
Open SPX-Viewer Plugin 3.3.0.1
PDFCreator (Version: 1.1.0)
pdfforge Toolbar v5.9 (Version: 5.9)
Pixia
Pixia (Version: 3.3b)
QuickTime
ResearchSoft Direct Export Helper
Scribus 1.4.1 (Version: 1.4.1)
Servicecenter (Version: 1.0.0.8)
Sibelius Scorch (Firefox, Opera, Netscape only) (Version: 6.2.0)
Skype™ 6.7 (Version: 6.7.102)
SnagIt 9 (Version: 9.0.2)
SoundMAX (Version: 5.10.01.5240)
Springer Lexikon Medizin - Die DVD (Version: 1.3)
swMSM (Version: 12.0.0.1)
Sygate Personal Firewall (Version: 5.5.2307)
Synaptics Pointing Device Driver (Version: 11.0.7.0)
Uninstall 1.0.0.1
VCRedistSetup (Version: 1.0.0)
VLC media player 1.0.5 (Version: 1.0.5)
VMD 1.8.7 (Version: 1.8.7)
WebFldrs XP (Version: 9.50.6513)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Media Format Runtime
Windows XP Service Pack 3 (Version: 20080414.031514)
WinRAR
==================== Restore Points =========================
30-09-2013 19:05:51 Systemprüfpunkt
==================== Hosts content: ==========================
2001-08-23 18:00 - 2001-08-23 18:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
==================== Loaded Modules (whitelisted) =============
2008-06-04 18:27 - 2008-06-04 18:27 - 00118880 _____ () C:\WINDOWS\system32\BsMobileSDK.dll
2008-07-09 18:16 - 2008-07-09 18:16 - 00102499 _____ () C:\WINDOWS\system32\Bs2Res.dll
2010-11-30 17:37 - 2001-10-28 17:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2009-08-12 00:11 - 2010-01-28 13:57 - 00355688 _____ () C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
2010-02-02 16:54 - 2001-03-07 15:09 - 00049152 _____ () C:\Programme\Office-Bibliothek\KDHook.dll
2010-02-02 16:54 - 1999-12-16 10:33 - 00032768 _____ () C:\Programme\Office-Bibliothek\KapKey.dll
2008-03-07 13:54 - 2008-03-07 13:54 - 17907824 _____ () C:\WINDOWS\system32\BsLangInDepRes.dll
2008-06-04 18:27 - 2008-06-04 18:27 - 00028672 _____ () C:\WINDOWS\system32\BsMobileCSps.dll
2010-02-02 16:54 - 2001-03-12 18:02 - 00045056 _____ () C:\Programme\Office-Bibliothek\KDMod.dll
2010-02-02 16:54 - 2005-12-20 10:06 - 00176128 _____ () C:\Programme\Office-Bibliothek\PAGOFFBIB.dll
2010-02-02 16:54 - 2006-02-09 11:03 - 00040960 _____ () C:\Programme\Office-Bibliothek\OLEACC.dll
2010-02-02 16:54 - 2001-01-17 09:50 - 00266310 _____ () C:\Programme\Office-Bibliothek\activepg.dll
2012-10-13 09:03 - 2012-10-13 09:03 - 02294240 _____ () C:\Programme\Mozilla Firefox\mozjs.dll
2008-07-09 15:12 - 2008-07-09 15:12 - 00237568 _____ () C:\Programme\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll
2008-07-09 15:12 - 2008-07-09 15:12 - 00061440 _____ () C:\Programme\IVT Corporation\BlueSoleil\Mobile\ExtraLib.dll
2003-05-01 17:23 - 2003-05-01 17:23 - 00041472 _____ () C:\Programme\IVT Corporation\BlueSoleil\Mobile\cscvt.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\WINDOWS:39B34853E5D672D0
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C765C323
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/02/2013 03:25:07 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:45 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:45 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:45 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:43 PM) (Source: MsiInstaller) (User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
System errors:
=============
Error: (09/18/2013 06:16:26 AM) (Source: SideBySide) (User: )
Description: Generate Activation Context ist für C:\Programme\Gemeinsame Dateien\Nero\AudioPlugins\MSAxp.dll fehlgeschlagen.
Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.
.
Error: (09/18/2013 06:16:26 AM) (Source: SideBySide) (User: )
Description: Syntaxfehler in der Manifest- oder Richtliniendatei "Manifestverarbeitungsfehler: Ein ungültiges Zeichen wurde im Textinhalt gefunden.
1" in Zeile Manifestverarbeitungsfehler: Ein ungültiges Zeichen wurde im Textinhalt gefunden.
2.
Error: (09/18/2013 06:16:26 AM) (Source: SideBySide) (User: )
Description: Generate Activation Context ist für C:\Programme\Gemeinsame Dateien\Nero\AudioPlugins\msa.dll fehlgeschlagen.
Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.
.
Error: (09/18/2013 06:16:26 AM) (Source: SideBySide) (User: )
Description: Syntaxfehler in der Manifest- oder Richtliniendatei "Manifestverarbeitungsfehler: Ein ungültiges Zeichen wurde im Textinhalt gefunden.
1" in Zeile Manifestverarbeitungsfehler: Ein ungültiges Zeichen wurde im Textinhalt gefunden.
2.
Error: (09/15/2013 10:10:04 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context ist für C:\Programme\Gemeinsame Dateien\Nero\AudioPlugins\MSAxp.dll fehlgeschlagen.
Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.
.
Error: (09/15/2013 10:10:04 PM) (Source: SideBySide) (User: )
Description: Syntaxfehler in der Manifest- oder Richtliniendatei "Manifestverarbeitungsfehler: Ein ungültiges Zeichen wurde im Textinhalt gefunden.
1" in Zeile Manifestverarbeitungsfehler: Ein ungültiges Zeichen wurde im Textinhalt gefunden.
2.
Error: (09/15/2013 10:10:04 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context ist für C:\Programme\Gemeinsame Dateien\Nero\AudioPlugins\msa.dll fehlgeschlagen.
Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.
.
Error: (09/15/2013 10:10:04 PM) (Source: SideBySide) (User: )
Description: Syntaxfehler in der Manifest- oder Richtliniendatei "Manifestverarbeitungsfehler: Ein ungültiges Zeichen wurde im Textinhalt gefunden.
1" in Zeile Manifestverarbeitungsfehler: Ein ungültiges Zeichen wurde im Textinhalt gefunden.
2.
Error: (09/14/2013 01:12:09 PM) (Source: Wechselmediendienst) (User: )
Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek USB DISK 2.0 USB Device nicht laden.
Error: (09/14/2013 01:12:05 PM) (Source: Wechselmediendienst) (User: )
Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek USB DISK 2.0 USB Device nicht laden.
Microsoft Office Sessions:
=========================
Error: (10/02/2013 03:25:07 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:45 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:45 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:45 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:44 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
Error: (10/02/2013 03:24:43 PM) (Source: MsiInstaller)(User: ANDREABOOKI)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)
==================== Memory info ===========================
Percentage of memory in use: 53%
Total physical RAM: 1015.23 MB
Available physical RAM: 475.55 MB
Total Pagefile: 2444.52 MB
Available Pagefile: 1935.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.78 GB) (Free:3.98 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 112 GB) (Disk ID: 075B075B)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Geändert von orcholanda (02.10.2013 um 15:25 Uhr) Grund: hatte noch keine logs beigefügt |
| Themen zu Trojaner eingefangen: TR/Crypt-XPACK.Gen und noch mehr? |
| arbeitet, avira, center, computer, device driver, farbar, farbar recovery scan tool, fehlermeldung, funktionieren, gen, hintergrund, jahre, langsamer, laptop, meldung, msiinstaller, nerven, neu, neue, nicht mehr, pdfforge toolbar, plug-in, prozesse, quarantäne, richtlinie, service, trojaner, ungültiges, update, updaten, windows, windows xp, öffnen |
Baum-Darstellung