Pests of all kinds and how to fight them: BSI test positive (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
31.01.2014, 09:59 | #1 |
| BSI test positive Hello, the BSI test is positive; I have changed my passwords. Tested for malware, everything was fine for 3 days; now the BSI test is positive again. What should I do? Kind regards, Brigitte |
31.01.2014, 10:30 | #2 |
Rest in peace † 2019 | BSI test positive My name is Sandra and I will be helping you with your problem.
Note: I can never guarantee that I will find everything. Reformatting is usually the faster and always the safest route. If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean. Please note that all of my replies must first be approved by an instructor before I am allowed to post them here. This guarantees that you get help from a trained helper. Thank you for your patience. I will gladly take a look at this: Step 1 Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
31.01.2014, 12:44 | #3 |
| BSI test positive Hello Sandra, how can I download it and open it on the desktop without saving?
__________________FRST Logfile: Code:
Addition.txt ??? By the way, I saved the file, because I did not know about the desktop ;-(((
FRST Logfile: Code:
C:\Windows\system32\javaws.exe 2014-01-28 11:37 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-01-28 11:37 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-01-28 11:35 - 2014-01-28 11:37 - 00005454 _____ C:\Windows\system32\jupdate-1.7.0_51-b13.log 2014-01-28 10:39 - 2014-01-28 10:39 - 00000000 ____D C:\Users\Brigitte\AppData\Local\Macromedia 2014-01-28 10:25 - 2014-01-28 10:25 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-28 10:25 - 2014-01-28 10:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2014-01-28 10:23 - 2014-01-28 10:24 - 23867560 _____ (Mozilla) C:\Users\Brigitte\Downloads\firefox_setup_26.0.exe ==================== One Month Modified Files and Folders ======= 2014-01-31 11:50 - 2014-01-31 10:56 - 00014133 _____ C:\Users\Brigitte\Downloads\FRST.txt 2014-01-31 11:50 - 2013-10-01 16:30 - 00000000 ____D C:\FRST 2014-01-31 11:42 - 2006-11-02 13:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-31 11:42 - 2006-11-02 13:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-31 10:55 - 2014-01-31 10:54 - 01137152 _____ (Farbar) C:\Users\Brigitte\Downloads\FRST.exe 2014-01-31 10:52 - 2013-08-27 21:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-31 08:08 - 2008-10-16 05:57 - 00000416 ____H C:\Windows\Tasks\SupBackGroundTask.job 2014-01-31 08:04 - 2012-07-23 08:18 - 01887074 _____ C:\Windows\WindowsUpdate.log 2014-01-31 07:42 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-30 10:46 - 2007-08-07 23:21 - 00000012 _____ C:\Windows\bthservsdp.dat 2014-01-30 10:46 - 2006-11-02 14:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-29 14:50 - 2014-01-29 14:50 - 00001868 _____ C:\Users\Brigitte\Desktop\Entfernen des Avira PC Cleaners.lnk 
2014-01-29 14:50 - 2014-01-29 14:50 - 00001812 _____ C:\Users\Brigitte\Desktop\Avira PC Cleaner.lnk 2014-01-29 14:49 - 2014-01-29 14:49 - 02278856 _____ C:\Users\Brigitte\Downloads\avira_pc_cleaner_de.exe 2014-01-29 08:20 - 2007-12-22 18:56 - 00000000 ____D C:\Users\Brigitte\AppData\Local\Adobe 2014-01-29 08:08 - 2013-08-27 21:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-01-29 08:08 - 2012-01-20 14:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-01-29 07:55 - 2014-01-29 07:55 - 00000550 _____ C:\Windows\PFRO.log 2014-01-29 07:55 - 2007-09-30 10:42 - 00000000 ____D C:\Program Files\Google 2014-01-28 13:22 - 2007-12-05 17:45 - 00000000 ____D C:\Users\Brigitte\Documents\Unzipped 2014-01-28 11:40 - 2013-09-30 21:12 - 00000000 ____D C:\ProgramData\Oracle 2014-01-28 11:37 - 2014-01-28 11:35 - 00005454 _____ C:\Windows\system32\jupdate-1.7.0_51-b13.log 2014-01-28 11:37 - 2008-06-18 12:06 - 00000000 ____D C:\Program Files\Java 2014-01-28 10:39 - 2014-01-28 10:39 - 00000000 ____D C:\Users\Brigitte\AppData\Local\Macromedia 2014-01-28 10:31 - 2007-09-30 10:43 - 00000000 ____D C:\Users\Brigitte\AppData\Local\Google 2014-01-28 10:27 - 2007-09-30 15:46 - 00000000 ____D C:\Users\Brigitte\AppData\Roaming\Mozilla 2014-01-28 10:25 - 2014-01-28 10:25 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-28 10:25 - 2014-01-28 10:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2014-01-28 10:24 - 2014-01-28 10:23 - 23867560 _____ (Mozilla) C:\Users\Brigitte\Downloads\firefox_setup_26.0.exe 2014-01-28 10:24 - 2007-09-30 15:46 - 00000000 ____D C:\Program Files\Mozilla Firefox 2014-01-27 14:49 - 2010-04-11 09:57 - 00000000 ____D C:\Users\Brigitte\Documents\Brigitte 2014-01-26 14:44 - 2013-09-29 10:47 - 00000000 ____D C:\Users\Brigitte\AppData\Roaming\Skype 2014-01-17 08:20 - 2007-08-08 00:20 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-17 08:17 - 
2013-07-11 08:03 - 00000000 ____D C:\Windows\system32\MRT 2014-01-17 08:04 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-01-10 13:38 - 2010-10-22 10:15 - 00000000 ____D C:\Users\Brigitte\Documents\Rechnungen-Garantie 2014-01-09 18:59 - 2009-04-21 07:03 - 00008783 _____ C:\Windows\system32\dmlg.dat 2014-01-09 14:47 - 2007-12-05 17:23 - 00000000 ____D C:\Users\Brigitte\Documents\Telekom 2014-01-09 14:35 - 2013-12-29 14:43 - 00000000 ____D C:\Users\Brigitte\AppData\Roaming\CANON INC 2014-01-09 13:47 - 2009-12-08 11:39 - 00000000 ____D C:\Users\Brigitte\AppData\Roaming\InstallShield 2014-01-09 13:46 - 2007-08-07 23:30 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2014-01-06 10:35 - 2008-11-30 13:07 - 00000000 ____D C:\Program Files\Canon 2014-01-05 12:41 - 2006-11-02 11:33 - 01718870 _____ C:\Windows\system32\PerfStringBackup.INI Files to move or delete: ==================== C:\Users\Brigitte\AppData\Roaming\desktop.ini Some content of TEMP: ==================== C:\Users\Brigitte\AppData\Local\Temp\avgnt.exe C:\Users\Brigitte\AppData\Local\Temp\_isFD13.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-31 08:05 ==================== End Of Log ============================ --- --- --- |
01.02.2014, 09:27 | #4 |
Rest in peace † 2019 | BSI test positive
Hello Brigitteg, I see nothing malicious on your PC. If your e-mail address is on the list, that by no means implies that your computer is infected with malware. Your e-mail address will also continue to be reported as positive, because it is in that list and the comparison produces a hit every time.
Step 1 Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
SearchScopes: HKLM - DefaultScope value is missing.
C:\Users\Brigitte\AppData\Roaming\desktop.ini
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Start FRST once more.
|
01.02.2014, 10:38 | #5 |
| BSI test positive
Good morning Sandra, first the fixlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-01-2014 01
Ran by Brigitte at 2014-02-01 10:13:10 Run:1
Running from C:\Users\Brigitte\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
C:\Users\Brigitte\AppData\Roaming\desktop.ini
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Users\Brigitte\AppData\Roaming\desktop.ini => Moved successfully.
==== End of Fixlog ====
I have Malwarebytes Anti-Malware as the Pro version on the computer, it runs every morning ;-)) Code:
ATTFilter
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.02.01.03
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Brigitte :: BRIGITTE-PC [limitiert]
Schutz: Aktiviert
01.02.2014 10:18:13
mbam-log-2014-02-01 (10-18-13).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 225785
Laufzeit: 15 Minute(n), 35 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-01-2014 01 Ran by Brigitte at 2014-02-01 10:36:22 Running from C:\Users\Brigitte\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft) 2007 Microsoft Office system (Version: 12.0.6612.1000 - Microsoft Corporation) ABBYY FineReader 5.0 Sprint (Version: 5.0.0.3347 - ABBYY Software House) ABBYY FineReader 6.0 (Version: 6.0.759.29410 - ABBYY Software House) Activation Assistant for the 2007 Microsoft Office suites (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (Version: 12.0.4.144 - Adobe Systems, Inc.) Agere Systems HDA Modem (Version: - Agere Systems) Amazon MP3-Downloader 1.0.17 (Version: 1.0.17 - Amazon Services LLC) AMD Catalyst Install Manager (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) Apple Application Support (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (Version: 2.1.3.127 - Apple Inc.) 
Atheros WLAN Client (Version: 1.00.000 - ) Avira Free Antivirus (Version: 14.0.2.286 - Avira) Avira SearchFree Toolbar (Version: 12.10.0.2949 - APN, LLC) AVStation Now (Version: 4.0.10.6 - Ihr Firmenname) AVStation Now (Version: 4.0.10.6 - Ihr Firmenname) Hidden BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.37 - Research in Motion Ltd.) BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.37 - Research in Motion Ltd.) Hidden BlackBerry Device Software Updater (Version: 7.1.0.34 - Research In Motion Ltd) BlackBerry® Media Sync (Version: 3.0.0.39 - Research In Motion) Bonjour (Version: 3.0.0.10 - Apple Inc.) Canon Easy-PhotoPrint EX (Version: - ) Canon Easy-WebPrint EX (Version: - ) Canon IJ Network Scanner Selector EX (Version: - ) Canon IJ Network Tool (Version: 3.1.1 - Canon Inc.) Canon MG5300 series Benutzerregistrierung (Version: - ) Canon MG5300 series MP Drivers (Version: - Canon Inc.) Canon MG5300 series On-screen Manual (Version: - ) Canon MP Navigator EX 5.0 (Version: - ) Canon My Printer (Version: - ) Canon Solution Menu EX (Version: - ) Canon Utilities Digital Photo Professional (Version: 3.12.10.2 - Canon Inc.) Canon Utilities ImageBrowser EX (Version: 1.4.0.5 - Canon Inc.) Canon Utilities PhotoStitch (Version: 3.1.23.47 - Canon Inc.) 
Catalyst Control Center Core Implementation (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Graphics Full Existing (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Graphics Full New (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Graphics Light (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Chinese Standard (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Chinese Traditional (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Czech (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Danish (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Dutch (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Finnish (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization French (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization German (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Greek (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Hungarian (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Italian (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Japanese (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Korean (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Norwegian (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Polish (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Portuguese (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Russian (Version: 2007.0730.2152.37233 - ATI) Hidden 
Catalyst Control Center Localization Spanish (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Swedish (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Thai (Version: 2007.0730.2152.37233 - ATI) Hidden Catalyst Control Center Localization Turkish (Version: 2007.0730.2152.37233 - ATI) Hidden CCC Help Chinese Standard (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Chinese Traditional (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Czech (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Danish (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Dutch (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help English (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Finnish (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help French (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help German (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Greek (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Hungarian (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Italian (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Japanese (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Korean (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Norwegian (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Polish (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Portuguese (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Russian (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Spanish (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Swedish (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Thai (Version: 2007.0730.2151.37233 - ATI) Hidden CCC Help Turkish (Version: 2007.0730.2151.37233 - ATI) Hidden ccc-core-static (Version: 2007.0730.2152.37233 - Ihr Firmenname) Hidden ccc-utility (Version: 2007.0730.2152.37233 - ATI) Hidden CCleaner (Version: 4.06 - Piriform) CDex - Open Source Digital Audio CD Extractor (Version: 1.70.4.2009 - Georgy Berdyshev) 
CD-LabelPrint (Version: - ) Dokumentation zu Microsoft Office Communicator 2007-Richtlinien (Version: 3.0.6362.0 - Microsoft Corporation) DVD Suite (Version: 5.0.1603 - CyberLink Corporation) Easy Battery Manager (Version: 3.2.1.1 - ) Easy Display Manager (Version: 2.0.0.0 - Samsung) Easy Network Manager 3.0 (Version: 3.0.0.0 - Ihr Firmenname) Easy Network Manager 3.0 (Version: 3.0.0.0 - Ihr Firmenname) Hidden Easy SpeedUp Manager (Version: 2.0.0.11 - ) ElsterFormular (Version: 14.1.20130301 - Landesfinanzdirektion Thüringen) Free WMA to MP3 Converter 1.16 (Version: - Jodix Technologies Ltd.) Free YouTube Download version 3.2.9.725 (Version: 3.2.9.725 - DVDVideoSoft Ltd.) Free YouTube to iPhone Converter version 2.12.9.725 (Version: 2.12.9.725 - DVDVideoSoft Ltd.) FRITZ!Box USB-Fernanschluss (HKCU Version: 2.3.1.0 - AVM Berlin) FUJIdirekt Bestellsoftware 5.1 (Version: - ) Gigaset QuickSync (Version: 8.3.0868.3 - Gigaset Communications GmbH) imagine digital freedom - Samsung (Version: 1.0.2.0 - Samsung Electronics Co., LTD) IrfanView (remove only) (Version: 4.36 - Irfan Skiljan) iTunes (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 51 (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden Kyodai Mahjongg 2006 v1.42 (Version: - Rene-Gilles Deberdt) LSI HDA Modem (Version: 2.2.97 - LSI Corporation) MagicBerry for Blackberry version 3.5 (Version: 3.5 - Mena Step Innovative Solutions (Ashraf Awwad)) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Office 2003 Web Components (Version: 11.0.8003.0 - Microsoft Corporation) Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (Version: 
12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Communicator 2007 (Version: 2.0.6362.0 - Microsoft Corporation) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0 - Microsoft Corporation) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (Version: 5.1.20913.0 - 
Microsoft Corporation) Microsoft SOAP Toolkit 2.0 SP2 (Version: 623.1 - Microsoft Corporation) Microsoft SQL Server 2005 (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden Microsoft SQL Server Native Client (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft XML Parser (Version: 8.70.1104.04 - Microsoft Corporation) Hidden Microsoft_VC100_CRT_SP1_x86 (Version: 
10.0.40219.1 - Nokia) Hidden MobileMe Control Panel (Version: 2.1.1.13 - Apple Inc.) Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla) Mozilla Maintenance Service (Version: 26.0 - Mozilla) MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 Demo (Version: 8.10.214 - Nero AG) neroxml (Version: 1.0.0 - Nero AG) Hidden Nokia Connectivity Cable Driver (Version: 7.1.92.0 - Nokia) Nokia Suite (Version: 3.6.36.0 - Nokia) Nokia Suite (Version: 3.6.36.0 - Nokia) Hidden NVIDIA GAME System Software 2.8.1 (Version: 2.8.1 - NVIDIA Corporation) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden OpenOffice.org Installer 1.0 (Version: 1.0.9221 - Sun Microsystems) PC Connectivity Solution (Version: 12.0.48.0 - Nokia) Personal Backup 5.4 (Version: 5.3 - J. Rathlev) PhotoDose 5.1 (Version: - ) PhotoScape (Version: - ) Play AVStation (Version: 4.1.20.46 - Ihr Firmenname) Play AVStation (Version: 4.1.20.46 - Ihr Firmenname) Hidden PowerDVD (Version: 7.0.2802.0 - CyberLink Corporation) QuickTime (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (Version: 6.0.1.5659 - Realtek Semiconductor Corp.) Recuva (Version: 1.47 - Piriform) Roxio Media Manager (Version: 9.4.067 - Roxio) Hidden Safari (Version: 5.34.57.2 - Apple Inc.) 
Samsung Magic Doctor (Version: 5.00 - ) Samsung Recovery Solution II (Version: 2.0 - Samsung) Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., LTD) Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., LTD) Hidden Sherlock Holmes jagt Jack the Ripper (Version: 1.00.0777 - Frogwares) Skins (Version: 2007.0730.2152.37233 - ATI) Hidden Skype™ 6.7 (Version: 6.7.102 - Skype Technologies S.A.) Slim310NB (Version: 5.16.1.300 - KYE) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (Version: 9.1.22.0 - Synaptics) Unlocker 1.9.1 (Version: 1.9.1 - Cedrick Collomb) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.5000.00 - Microsoft Corporation) Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft) Update for 
Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft) User Guide (Version: 1.0 - ) VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01 - Microsoft Corporation) VLC media player 2.0.8 (Version: 2.0.8 - VideoLAN) WIDCOMM Bluetooth Software 6.0.1.5000 (Version: 6.0.1.5000 - WIDCOMM, Inc.) 
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Essentials (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Fotogalerie (Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live-Uploadtool (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (Version: 1.0.0.8 - Microsoft Corp) Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0 - Nokia) WinZip (Version: 11.0 (7347g) - WinZip Computing LP) ==================== Restore Points ========================= 21-01-2014 06:43:10 Windows Update 22-01-2014 14:36:38 Geplanter Prüfpunkt 23-01-2014 08:17:08 Geplanter Prüfpunkt 24-01-2014 07:03:16 Windows Update 28-01-2014 07:51:52 Windows Update 28-01-2014 10:34:06 Installed Java 7 Update 51 30-01-2014 08:14:38 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {21B3A717-1472-4723-9C6D-86A4C91E2260} - System32\Tasks\SupBackGroundTask => C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe [2010-04-20] () Task: {2E73D919-5704-48F5-BD45-2DA050634DD6} - System32\Tasks\advSRSII => C:\Program Files\Samsung\Samsung Recovery Solution II\WCScheduler.exe [2007-04-04] () Task: {36CC60E7-F073-45B7-92D3-2D0FCA4284BD} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-04-26] (Samsung Electronics Co., Ltd.) 
Task: {37EEFB0D-210F-4FB3-A6F7-14106AAFEAEF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-29] (Adobe Systems Incorporated) Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation) Task: {678BFEA2-0A29-46AA-9EB9-9802BD48E510} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd) Task: {80AF346F-AA8E-4BBC-8A2E-87C003976B06} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2007-06-01] (SAMSUNG Electronics) Task: {8256809C-BE6E-4F92-B919-7FF62FD83B20} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {9DBC4E1A-1A47-4365-985F-7EE43499F7AB} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2007-06-29] (SAMSUNG Electronics co., LTD.) Task: {DD2B15F8-372B-4139-A62F-2544A4383927} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] () Task: {E90E0C26-3D38-4B64-893D-954ADAFB7503} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2007-04-24] (Samsung Electronics Co., Ltd.) 
Task: {EFACF2F1-DA3B-4428-8F01-192221D8074D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3801056569-3724766084-3036744875-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {F28FA356-6A6F-4CC3-931C-E7555E8CE672} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {F8F4B8BB-1BAE-4D8E-840E-158703022361} - System32\Tasks\Microsoft\Windows\RestartManager\{F0099369-5385-435d-98A4-7EB320CE2F35} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\SupBackGroundTask.job => C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe ==================== Loaded Modules (whitelisted) ============= 2013-02-24 13:05 - 2013-10-10 19:14 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 2010-07-04 22:32 - 2010-07-04 22:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2007-08-07 06:06 - 2007-08-07 01:31 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2007-08-08 00:17 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll 2007-08-07 23:50 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll 2007-08-07 23:50 - 2006-09-19 01:52 - 00028672 _____ () C:\Program Files\Samsung\Easy Display Manager\WinMove.dll 2007-08-07 23:54 - 2007-02-23 10:32 - 00065536 _____ () C:\Program Files\Samsung\EBM\ChkSec.dll 2007-08-07 23:55 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll 2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2009-02-26 13:46 - 2009-02-26 
13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 2014-01-28 10:24 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/31/2014 04:00:15 PM) (Source: EventSystem) (User: ) Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (01/31/2014 02:46:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2176198 Error: (01/31/2014 02:46:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2176198 Error: (01/31/2014 02:46:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/31/2014 00:37:54 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2368314 Error: (01/31/2014 00:37:54 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2368314 Error: (01/31/2014 00:37:53 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/31/2014 09:12:27 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15554 Error: (01/31/2014 09:12:27 AM) (Source: Bonjour Service) (User: ) 
Description: Task Scheduling Error: m->NextScheduledEvent 15554 Error: (01/31/2014 09:12:27 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (02/01/2014 08:27:10 AM) (Source: Service Control Manager) (User: ) Description: Lbd SBRE UimBus Uim_IM Uim_Vim Error: (02/01/2014 08:25:34 AM) (Source: Service Control Manager) (User: ) Description: 30000Roxio Hard Drive Watcher 9 Error: (02/01/2014 08:25:34 AM) (Source: Service Control Manager) (User: ) Description: Parallel port driver%%1058 Error: (02/01/2014 08:23:53 AM) (Source: atikmdag) (User: ) Description: Unknown EDID version Error: (01/31/2014 05:32:01 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (01/31/2014 04:29:20 PM) (Source: Service Control Manager) (User: ) Description: Lbd SBRE UimBus Uim_IM Uim_Vim Error: (01/31/2014 04:27:52 PM) (Source: Service Control Manager) (User: ) Description: 30000Roxio Hard Drive Watcher 9 Error: (01/31/2014 04:27:52 PM) (Source: Service Control Manager) (User: ) Description: Parallel port driver%%1058 Error: (01/31/2014 04:26:13 PM) (Source: atikmdag) (User: ) Description: Unknown EDID version Error: (01/31/2014 04:00:12 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Microsoft Office Sessions: ========================= Error: (01/07/2013 08:47:32 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 34 seconds with 0 seconds of active time. This session ended with a crash. Error: (09/29/2012 01:29:53 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time. 
This session ended with a crash. Error: (09/11/2012 11:55:54 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash. Error: (07/10/2011 11:51:21 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 126 seconds with 60 seconds of active time. This session ended with a crash. Error: (02/02/2011 10:47:29 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 7341 seconds with 420 seconds of active time. This session ended with a crash. Error: (10/22/2010 09:42:52 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3035 seconds with 2340 seconds of active time. This session ended with a crash. Error: (07/22/2010 06:26:30 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 485 seconds with 300 seconds of active time. This session ended with a crash. Error: (02/07/2010 00:08:57 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6492 seconds with 480 seconds of active time. This session ended with a crash. 
Error: (01/22/2010 06:42:50 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 690 seconds with 60 seconds of active time. This session ended with a crash. Error: (01/11/2010 03:04:36 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4642 seconds with 720 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-02-01 10:26:47.876 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-01 10:26:47.470 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-01 10:26:47.049 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-01 10:26:46.581 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 08:45:06.406 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-01-31 08:45:06.001 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 08:45:05.595 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 08:45:05.143 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-29 08:42:07.815 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-29 08:42:07.440 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 58% Total physical RAM: 2045.45 MB Available physical RAM: 849.91 MB Total Pagefile: 4336.18 MB Available Pagefile: 2611.96 MB Total Virtual: 2047.88 MB Available Virtual: 1912.43 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:107.31 GB) (Free:30.03 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:69 GB) (Free:24.6 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 186 GB) (Disk ID: E39F5DBD) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=107 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=69 GB) - (Type=07 NTFS) ==================== End Of Log ============================ ==================== End Of Log ============================[/CODE] --- --- --- I hope I did everything right.... |
02.02.2014, 00:00 | #6 | |
Rest in peace † 2019 | BSI test positive Hello Brigitteg, Quote:
>OK< As far as I can see, we have now removed everything harmful. Your logs are clean. To finish, we will tidy up a little, run updates, and then I will give you some reading material. Step 1 Please download delfix to your desktop.
Updates / Updating programs
Make sure that your Flash Player checks for updates. Flash Player can be configured during installation to check for updates automatically; afterwards, this can be done via the following link: Adobe - Flash Player: Settings Manager - Global Notifications Settings Finally, a few tips for securing your system. Keeping the system up to date It is extremely important that both your system and the security-relevant software installed on it (Flash Player, PDF reader and especially Java, if present) are up to date.
Antivirus software
Additional protection
Alternative browsers Other browsers tend to be somewhat more secure than Internet Explorer, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
System performance Delete your temporary files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they speed it up. Rules of conduct for safer surfing
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. If you would like to give praise or criticism, you are very welcome to do so here. If you would like to donate something to the forum and our work, you can do so here.
__________________ --> BSI test positive |
02.02.2014, 10:16 | #7 |
| BSI test positive Hello Sandra, I have Adobe Flash Player 11 ActiveX and Adobe Flash Player 12 Plugin; should I remove both? I only use Firefox anyway. I already have Adblock Plus, and I had NoScript but I don't get along with it very well ;-((( Should I remove Explorer? Regards, Brigitte And I have CCleaner??? And one more thing.... I now have Adobe Reader 10.1.4.38 and Firefox wants an update, why??? |
02.02.2014, 11:22 | #8 | |||
Rest in peace † 2019 | BSI test positive Hello Brigitteg, Quote:
Quote:
Quote:
|
02.02.2014, 14:07 | #9 |
| BSI test positive Hello Sandra, me again ;-(( I started TFC and it got stuck. After that, however, my desktop had disappeared and just would not come back, so I restarted. After that I had two icons on my desktop (desktop.ini). Can I delete them... Regards |
02.02.2014, 22:12 | #10 | |
Rest in peace † 2019 | BSI test positive Hello Brigitte, Quote:
These files are normally not visible. To change that back, please do the following: Step 1 Press the Windows key and the E key at the same time --> then go to the Tools (Extras) tab at the top --> select Folder Options (Ordneroptionen) --> select View (Ansicht) --> Advanced settings (Erweiterte Einstellungen)
|
04.02.2014, 13:25 | #11 |
| BSI test positive Thanks ;-))) Regards, Brigitte |