|
Plagegeister aller Art und deren Bekämpfung: Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
26.01.2014, 13:31 | #1 |
| Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) Hallo zusammen, Ich habe auf der Seite von BSI den Test mit der E-Mail durchgeführt. Meine Add. war natürlich betroffen. Auf der Internetseite hat man gleich ein paar Tipps bekommen wie man seine Probleme lösen kann. Habe gleich alle Passwörter geändert und den Avira PC cleaner runtergeladen. Dieser hat gleich einen Trojaner gefunden den mein Norton nicht bemerkt hat. Der Name des Trojaners ist TR/Crypt.Xpack22716 und irgendwie mit meiner web.de Mail verbunden. Der Avira PC cleaner bekommt ihn nicht gelöscht. Was ist jetzt das richtige ???? |
26.01.2014, 16:59 | #2 |
/// the machine /// TB-Ausbilder | Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
26.01.2014, 18:36 | #3 |
| Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-01-2014 02 Ran by Marc (administrator) on MARC-PC on 26-01-2014 18:32:45 Running from C:\Users\Marc\Desktop Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums ==================== Processes (Whitelisted) =================== (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (REINER SCT) C:\Windows\System32\cjpcsc.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_12_0_0_38_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.) HKLM\...\Run: [] - [x] HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1425208 2012-09-20] (Logitech, Inc.) HKCU\...\Run: [SecretFolder] - C:\Program Files\SecretFolder\SecretFolder.exe [4144640 2013-10-22] (oh!soft) IFEO\billmind.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\excel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\firefox.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\helplauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\infopath.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\misc.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\onenote.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\vcd-uninst.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\vcdmount.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\vcdprefs.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\vscontentinstaller.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\vslauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" IFEO\Winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe" ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x425022F72638CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869 BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation) BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\p9zwg99x.default FF user.js: detected! => C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\p9zwg99x.default\user.js FF Homepage: hxxp://www.sm.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\p9zwg99x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-08] FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [] FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-04-08] FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-12-29] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-23] CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-23] CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-23] CHR Extension: (Google-Suche) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-23] CHR Extension: (Norton Identity Protection) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-23] CHR Extension: (Google Wallet) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-23] CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-23] CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-23] ========================== Services (Whitelisted) ================= R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [514128 2012-03-19] (REINER SCT) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation) R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1529656 2013-12-11] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.) R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx86.sys [1098968 2013-12-18] (Symantec Corporation) R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation) R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-16] (Symantec Corporation) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-12-16] (Symantec Corporation) R2 hfFilter; C:\Windows\System32\drivers\hfFilter.sys [28040 2013-10-22] () R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140124.001\IDSvix86.sys [394456 2014-01-21] (Symantec Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation) R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140125.005\NAVENG.SYS [93272 2013-12-16] (Symantec Corporation) R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140125.005\NAVEX15.SYS [1612376 2013-12-16] (Symantec Corporation) R3 SRTSP; C:\Windows\System32\Drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-12-17] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NIS\1501000.012\SYMNETS.SYS [446552 2013-09-26] (Symantec Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-02-09] (TuneUp Software) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-26 18:32 - 2014-01-26 18:32 - 00015882 _____ C:\Users\Marc\Desktop\FRST.txt 2014-01-26 18:32 - 2014-01-26 18:32 - 00000000 ____D C:\FRST 2014-01-26 18:31 - 2014-01-26 18:31 - 01222144 _____ (Farbar) C:\Users\Marc\Desktop\FRST.exe 2014-01-26 18:28 - 2014-01-26 18:28 - 00000000 ____D C:\Program Files\Allin1Convert_8hEI 2014-01-26 18:23 - 2014-01-26 18:23 - 00000000 ____D C:\Users\Marc\Documents\My Received Files 2014-01-26 18:23 - 2014-01-26 18:23 - 00000000 ____D C:\Users\Marc\AppData\Roaming\MusicNet 2014-01-23 19:02 - 2014-01-23 19:02 - 00000000 ____D C:\ProgramData\Google 2014-01-22 20:29 - 2014-01-22 20:29 - 00002025 _____ C:\Users\Marc\Desktop\Entfernen des Avira PC Cleaners.lnk 2014-01-22 20:29 - 2014-01-22 20:29 - 00001969 _____ C:\Users\Marc\Desktop\Avira PC Cleaner.lnk 2014-01-17 20:42 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-17 20:42 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-17 20:42 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-17 20:42 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-17 20:42 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-17 20:42 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-17 20:42 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-17 20:41 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-17 20:41 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-05 11:05 - 2014-01-05 14:12 - 00000000 ____D C:\Users\Marc\Desktop\Schnuky ==================== One Month Modified Files and Folders ======= 2014-01-26 18:32 - 2014-01-26 18:32 - 00015882 _____ C:\Users\Marc\Desktop\FRST.txt 2014-01-26 18:32 - 2014-01-26 18:32 - 00000000 ____D C:\FRST 2014-01-26 18:31 - 2014-01-26 18:31 - 01222144 _____ (Farbar) C:\Users\Marc\Desktop\FRST.exe 2014-01-26 18:28 - 2014-01-26 18:28 - 00000000 ____D C:\Program Files\Allin1Convert_8hEI 2014-01-26 18:23 - 2014-01-26 18:23 - 00000000 ____D C:\Users\Marc\Documents\My Received Files 2014-01-26 18:23 - 2014-01-26 18:23 - 00000000 ____D C:\Users\Marc\AppData\Roaming\MusicNet 2014-01-26 18:00 - 2013-04-13 19:20 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-26 17:48 - 2013-06-29 08:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-26 17:23 - 2013-04-06 18:14 - 01864078 _____ C:\Windows\WindowsUpdate.log 2014-01-26 13:05 - 2013-04-13 19:20 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-26 13:05 - 2013-04-08 19:27 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-23 21:19 - 2013-04-13 19:19 - 00000000 ____D C:\Users\Marc\AppData\Local\Google 2014-01-23 19:06 - 2009-07-14 05:34 - 00017952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-23 19:06 - 2009-07-14 05:34 - 00017952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-23 19:03 - 2013-04-13 19:20 - 00000000 ____D C:\Program Files\Google 2014-01-23 19:03 - 2013-04-08 20:00 - 00000000 ____D C:\Users\Marc\AppData\Local\Adobe 2014-01-23 19:02 - 2014-01-23 19:02 - 00000000 ____D C:\ProgramData\Google 2014-01-23 19:02 - 2013-04-08 14:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-01-23 19:02 - 2013-04-08 14:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-01-23 18:59 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-23 18:59 - 2009-07-14 05:39 - 00029508 _____ C:\Windows\setupact.log 2014-01-23 18:58 - 2013-04-08 19:09 - 00045698 _____ C:\Windows\PFRO.log 2014-01-22 20:29 - 2014-01-22 20:29 - 00002025 _____ C:\Users\Marc\Desktop\Entfernen des Avira PC Cleaners.lnk 2014-01-22 20:29 - 2014-01-22 20:29 - 00001969 _____ C:\Users\Marc\Desktop\Avira PC Cleaner.lnk 2014-01-18 12:02 - 2009-07-14 05:33 - 00422024 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-18 11:50 - 2013-08-04 21:08 - 00000000 ____D C:\Windows\system32\MRT 2014-01-18 11:48 - 2013-04-08 18:19 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-17 07:10 - 2013-12-21 10:01 - 00000154 _____ C:\Windows\HFIT.hff 2014-01-17 07:10 - 2013-05-28 15:04 - 00000000 ____D C:\Users\Marc\AppData\Roaming\vlc 2014-01-10 15:50 - 2013-04-08 17:06 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-05 14:12 - 2014-01-05 11:05 - 00000000 ____D C:\Users\Marc\Desktop\Schnuky 2013-12-30 07:49 - 2013-04-08 17:15 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2013-12-29 23:07 - 2013-04-08 17:14 - 00000000 ____D C:\Windows\system32\Drivers\NIS 2013-12-29 22:04 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-26 18:00 ==================== End Of Log ============================ --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-01-2014 02 Ran by Marc at 2014-01-26 18:33:20 Running from C:\Users\Marc\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== 7-Zip 9.20 (Version: - ) Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.0.0 - Adobe Systems) Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 12 ActiveX (Version: 12.0.0.38 - Adobe Systems Incorporated) Apple Application Support (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (Version: 2.1.3.127 - Apple Inc.) Bonjour (Version: 3.0.0.10 - Apple Inc.) cyberJack Base Components (Version: 6.10.0 - REINER SCT) DDBAC (Version: 5.3.6 - DataDesign) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft) funScreenScraping Client Version (Version: 1.0.173 - fun communications GmbH) funScreenScraping Microsoft Systemdateien (Version: 1.0.6 - fun communications GmbH) Google Chrome (Version: 32.0.1700.76 - Google Inc.) Google Earth (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (Version: 7.5.4805.320 - Google Inc.) Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden iCloud (Version: 3.1.0.40 - Apple Inc.) iMesh (Version: 12.5.0.134600 - iMesh Inc) Intel(R) Processor Graphics (Version: 9.17.10.2932 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 11.1.0.1006 - Intel Corporation) iTunes (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 45 (Version: 7.0.450 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0 - Sun Microsystems, Inc.) Lexware Info Service (Version: 2.61.00.0033 - Lexware GmbH & Co. KG) Lexware online banking (Version: 10.00.00.0102 - Lexware GmbH & Co. KG) Lexware online banking 4.90 (Version: 4.90 - Lexware) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation) Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1 - Mozilla) Mozilla Maintenance Service (Version: 20.0.1 - Mozilla) Norton Internet Security (Version: 21.1.0.18 - Symantec Corporation) PartyPoker (Version: - PartyGaming) Quicken 2011 - ServicePack 4 (Version: 18.04.00.0123 - Haufe-Lexware GmbH & Co KG) Quicken 2011 (Version: 18.00.00.0084 - Lexware GmbH & Co. KG) Hidden Quicken Deluxe 2011 (Version: 18.00.00.0084 - Lexware GmbH & Co. KG) Quicken Import Export Server 2008 (Version: 15.0.1.1 - Lexware GmbH & Co KG) Quicken Import Export Server 2011 (Version: 18.00.00.0081 - Lexware GmbH & Co. KG) SecretFolder version 2.5.0.0 (Version: 2.5.0.0 - Oh!Soft(ohsoft.net) - Best Software Developer) Servicepack Datumsaktualisierung (Version: 1.00.00.0005 - Haufe-Lexware) Hidden Skype™ 6.3 (Version: 6.3.105 - Skype Technologies S.A.) TuneUp Utilities 2012 (Version: 12.0.3600.193 - TuneUp Software) TuneUp Utilities 2012 (Version: 12.0.3600.193 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.193 - TuneUp Software) Hidden Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553065) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2566458) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version: - Microsoft) VirtualCloneDrive (Version: - Elaborate Bytes) VLC media player 2.0.6 (Version: 2.0.6 - VideoLAN) ==================== Restore Points ========================= 29-12-2013 21:04:14 Geplanter Prüfpunkt 18-01-2014 10:47:58 Windows Modules Installer 22-01-2014 21:01:20 Windows Update 24-01-2014 13:54:32 Windows Update 26-01-2014 11:59:35 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {496ADDBD-82AE-40A1-8BC5-B52BEA96F8D2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {4A37AED2-27C6-49C9-A7A1-1967DDE43A9A} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe Task: {510C50A7-A836-4266-B491-71AA31B8A075} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03] (Adobe Systems Incorporated) Task: {52C39379-FB58-4A0C-B18E-4B9A6A111F1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-13] (Google Inc.) Task: {607B8C64-60CC-43F1-A644-DA4A5C556ECB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-23] (Adobe Systems Incorporated) Task: {7A984A20-4A00-417A-BF9A-D466B51F2D5E} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation) Task: {9EE2993A-3A57-4C63-AF22-1423DBC3363C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A0CC5ED8-1BBA-4AC9-AF8B-9DC1E874FA8F} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2008-11-03] (Lexware GmbH & Co. KG) Task: {ACF82745-632A-4329-87AC-851CFF1EDD10} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {C1BAF64E-14B1-4E14-A4AF-83281870BCA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-13] (Google Inc.) Task: {CEBBFB00-C8D2-418F-9076-59874F9AFA93} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {DC31053E-AC1B-4C2E-B3BB-CB304611867A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\TuneUp Utilities 2012\OneClick.exe [2013-12-11] (TuneUp Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2012-12-14 01:02 - 2012-12-14 01:02 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll 2010-10-25 14:15 - 2010-10-25 14:15 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Ethernet-Controller Description: Ethernet-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Basissystemgerät Description: Basissystemgerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Basissystemgerät Description: Basissystemgerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/26/2014 06:03:40 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/26/2014 01:05:50 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Produkt: Microsoft Office Professional Plus 2010 - Update "Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: How to enable Windows Installer logging Error: (01/24/2014 03:04:01 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Produkt: Microsoft Office Professional Plus 2010 - Update "Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: How to enable Windows Installer logging Error: (01/24/2014 02:56:52 PM) (Source: Application Hang) (User: ) Description: Programm iexplore.exe, Version 11.0.9600.16428 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 11bc Startzeit: 01cf190bc8b68ac2 Endzeit: 50 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: Error: (01/22/2014 10:06:32 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Produkt: Microsoft Office Professional Plus 2010 - Update "Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: How to enable Windows Installer logging Error: (01/18/2014 03:00:14 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.16428, Zeitstempel: 0x525b664c Name des fehlerhaften Moduls: Acrobat.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4cc5f7e2 Ausnahmecode: 0xc0000005 Fehleroffset: 0x5800134b ID des fehlerhaften Prozesses: 0xbe8 Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0 Pfad der fehlerhaften Anwendung: iexplore.exe1 Pfad des fehlerhaften Moduls: iexplore.exe2 Berichtskennung: iexplore.exe3 Error: (01/18/2014 01:21:52 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/18/2014 11:47:46 AM) (Source: System Restore) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101). Error: (01/05/2014 02:35:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1341 Error: (01/05/2014 02:35:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1341 System errors: ============= Error: (01/26/2014 03:49:53 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 03:49:53 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 03:49:52 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 03:49:52 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 03:49:52 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 03:49:52 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 02:22:43 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 02:22:43 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 02:22:43 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (01/26/2014 02:22:42 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Microsoft Office Sessions: ========================= Error: (01/26/2014 06:03:40 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\Programs\partygaming\partypoker\PL.exe Error: (01/26/2014 01:05:50 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT) Description: Microsoft Office Professional Plus 2010Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition1603(NULL)(NULL)(NULL) Error: (01/24/2014 03:04:01 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT) Description: Microsoft Office Professional Plus 2010Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition1603(NULL)(NULL)(NULL) Error: (01/24/2014 02:56:52 PM) (Source: Application Hang)(User: ) Description: iexplore.exe11.0.9600.1642811bc01cf190bc8b68ac250C:\Program Files\Internet Explorer\iexplore.exe Error: (01/22/2014 10:06:32 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT) Description: Microsoft Office Professional Plus 2010Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition1603(NULL)(NULL)(NULL) Error: (01/18/2014 03:00:14 PM) (Source: Application Error)(User: ) Description: iexplore.exe11.0.9600.16428525b664cAcrobat.dll_unloaded0.0.0.04cc5f7e2c00000055800134bbe801cf1454eeba57caC:\Program Files\Internet Explorer\iexplore.exeAcrobat.dlld9c3d772-8048-11e3-a37b-c0baac06d829 Error: (01/18/2014 01:21:52 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\Programs\partygaming\partypoker\PL.exe Error: (01/18/2014 11:47:46 AM) (Source: System Restore)(User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101 Error: (01/05/2014 02:35:13 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1341 Error: (01/05/2014 02:35:13 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1341 ==================== Memory info =========================== Percentage of memory in use: 54% Total physical RAM: 2642.36 MB Available physical RAM: 1200.87 MB Total Pagefile: 5283.01 MB Available Pagefile: 3764.41 MB Total Virtual: 2047.88 MB Available Virtual: 1881.93 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.39 GB) (Free:89.56 GB) NTFS Drive d: () (Fixed) (Total:319.28 GB) (Free:285.75 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 44E8CA32) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=319 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
27.01.2014, 12:17 | #4 |
/// the machine /// TB-Ausbilder | Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) Rechner ist sauber, mal abgesehen von der Tatsache dass Du anscheinend vor hast ihn zu toasten mit Tune Up
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
27.01.2014, 18:43 | #5 |
| Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) Das ist doch mal schön zu hören. :-) aber was sagt mir Avira dann? Kann ich das einfach Ignorieren ???? Marc-..... @web.de.pst TR/Crypt.Xpack.22716 so stehtes da geschrieben. Würdest du mir von Tune up abraten? |
28.01.2014, 15:08 | #6 |
/// the machine /// TB-Ausbilder | Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) Das bedeutet nur dass in deiner komprimierten PST Datei eine Mail dabei ist die nen schädlichen Anhang oder so hat. Ja würde ich, das Programm ist der letzte Scheiss.
__________________ --> Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) |
28.01.2014, 16:21 | #7 |
| Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) Dann möchte ich erst ein mal Danke sagen. Hat mir sehr geholfen. gibt es denn eine gute alternative zu tune up? |
29.01.2014, 10:46 | #8 | |
/// the machine /// TB-Ausbilder | Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716)Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Windows 7 Trojana mit Avira gefunden(TR/Crypt.Xpack22716) |
avira, cleaner, e-mail, gefunde, geändert, hallo zusammen, inter, interne, internetseite, lösen, natürlich, norton, passwörter, probleme, rojaner gefunden, runter, seite, test, tipps, tr/crypt.xpack, troja, trojana, trojaner, trojaners, windos7, windows, windows 7, zusammen |