| |
| |||||||
Log-Analyse und Auswertung: Windows Vista funktioniert nicht mehrWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.05.2014, 13:40
| #1 |
 |  Windows Vista funktioniert nicht mehr Hallo, meine Eltern besitzen einen Windows Vista PC. Vor einigen Tagen schaltete sich Firewall und McAfee aus und der PC war total langsam. Nun geht aber gar nichts mehr, der PC benötigt 5 Minuten zum hochfahren und es lassen sich keine Programme mehr öffnen selbst der Task Manager braucht 10 Min. um sich zu öffen. Die CPU-Auslastung liegt durchgehend bei 100%. Ich versuchte über einen USB Stick Malwarebytes zu installieren aber auch erfolglos. Ich hoffe ihr könnt mir helfen und danke im vorraus! Lg Philipp Schmid |
|
07.05.2014, 13:42
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Windows Vista funktioniert nicht mehr Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweise: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean  bist.Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Das dauert dann zwar ein paar Stunden länger, garantiert aber, dass Du kompetente Hilfe und geprüfte Antworten bekommst. Siehe hier... Ich bedanke mich für Deine Geduld! 
__________________ |
|
07.05.2014, 13:51
| #3 |
| | Windows Vista funktioniert nicht mehr Hallo,
__________________danke schonmal das du mir helfen willst! Ich bin mit meinem Latein am Ende.. Erste Schritte? lg philipp schmid |
|
07.05.2014, 13:52
| #4 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows Vista funktioniert nicht mehr Werden gepostet sobald vom Ausbilder freigegeben... 
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
07.05.2014, 17:25
| #5 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows Vista funktioniert nicht mehr Hallo, um das System genauer untersuchen zu können benötigen wir Logs. Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8) Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
07.05.2014, 17:53
| #6 |
| | Windows Vista funktioniert nicht mehr Nun hab ich ein kleines Problem. Der Laptop ist schon etwas älter und wir haben keine CD mehr. und über den Boot Manager benötige ich ein Passwort das weder ich noch meine Eltern noch wissen. Bin total ratlos. lg |
|
07.05.2014, 18:01
| #7 | |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows Vista funktioniert nicht mehrZitat:
In dieses Menü kommst Du wie in der Anleitung beschrieben mit F8. Dann Computer reparieren auswählen. Funktioniert das nicht?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
07.05.2014, 18:04
| #8 |
| | Windows Vista funktioniert nicht mehr Doch. Wie in der bebilderten Anleitung.. das Administratorenpasswort. lg |
|
07.05.2014, 18:08
| #9 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows Vista funktioniert nicht mehr Wurde eines vergeben? Sonst einfach mal Enter drücken.... Wenn Du normal bootest, in welchem Konto hattest denn dann die Symptomatik festgestellt? Ist das nicht das Admin-Konto gewesen?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
07.05.2014, 18:18
| #10 |
| | Windows Vista funktioniert nicht mehr Es wurde kein Passwort vergeben mit Enter hats funktioniert. hier der Logfile der 32 bit Versionen: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-05-2014 Ran by SYSTEM on MINWINPC on 07-05-2014 19:13:30 Running from G:\ Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4911104 2008-01-29] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-06] (Synaptics, Inc.) HKLM\...\Run: [NDSTray.exe] => NDSTray.exe HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-01-17] (TOSHIBA Corporation) HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation) HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509816 2008-01-25] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [712704 2008-01-22] (TOSHIBA Corporation) HKLM\...\Run: [EPSON Stylus DX4200 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE [98304 2005-03-07] (SEIKO EPSON CORPORATION) HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-27] (McAfee, Inc.) HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-30] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.) HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [309184 2012-03-27] (Citrix Systems, Inc.) HKLM\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-27] (McAfee, Inc.) HKU\Default\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-01-29] () HKU\Default User\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default User\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-01-29] () HKU\Schmid\...\Run: [TOSCDSPD] => TOSCDSPD.EXE HKU\Schmid\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-12-28] (Google Inc.) HKU\Schmid\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation) HKU\Schmid\...\Run: [ICQ] => "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 HKU\Schmid\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Schmid\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\Schmid\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Schmid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ========================== Services (Whitelisted) ================= S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2007-12-25] (TOSHIBA CORPORATION) S2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) S2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [118264 2014-03-24] (McAfee, Inc.) S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-01-27] (McAfee, Inc.) S2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.) S2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [644088 2014-01-20] (McAfee, Inc.) S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-03-17] (McAfee, Inc.) S2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [175480 2014-03-17] (McAfee, Inc.) S2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) S2 TOSHIBA SMART Log Service; c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation) S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) ==================== Drivers (Whitelisted) ==================== S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61400 2014-03-17] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-05-07] (Malwarebytes Corporation) S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [134600 2014-03-17] (McAfee, Inc.) S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236480 2014-03-17] (McAfee, Inc.) S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [66408 2014-03-17] (McAfee, Inc.) S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [367776 2014-03-17] (McAfee, Inc.) S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [573968 2014-03-17] (McAfee, Inc.) S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [330248 2014-01-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [81264 2014-01-20] (McAfee, Inc.) S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [214856 2014-03-17] (McAfee, Inc.) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 LVRS; system32\DRIVERS\lvrs.sys [X] S3 LVUSBSta; system32\drivers\LVUSBSta.sys [X] S3 netr73; system32\DRIVERS\WUSB54GCx86.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 pepifilter; system32\DRIVERS\lv302af.sys [X] S3 PID_PEPI; system32\DRIVERS\LV302V32.SYS [X] S3 tunnel; system32\DRIVERS\tunnel.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-07 19:13 - 2014-05-07 19:13 - 00000000 ____D () C:\FRST 2014-05-03 08:41 - 2014-05-07 04:16 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys 2014-05-03 08:40 - 2014-05-03 08:40 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\Malwarebytes 2014-05-03 08:35 - 2014-05-03 08:35 - 00000911 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-03 08:35 - 2014-05-03 08:35 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-03 08:35 - 2014-05-03 08:35 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware 2014-05-03 08:35 - 2013-04-04 04:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2014-05-03 08:08 - 2012-04-08 13:00 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe 2014-05-03 08:08 - 2012-04-08 13:00 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\System32\java.exe 2014-05-01 20:33 - 2014-05-01 20:33 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\McAfee 2014-05-01 06:29 - 2014-05-01 06:29 - 00000000 ____D () C:\ProgramData\APN 2014-05-01 06:28 - 2014-05-01 06:28 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-01 06:26 - 2012-04-08 13:00 - 00153376 _____ (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe 2014-04-23 00:18 - 2013-09-23 03:48 - 00147912 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys 2014-04-22 15:09 - 2014-04-22 15:09 - 00143064 _____ () C:\Windows\Minidump\Mini042314-01.dmp 2014-04-18 02:39 - 2014-04-18 03:05 - 00000000 ____D () C:\Users\Schmid\Desktop\Frederik 2014-04-18 02:23 - 2014-04-27 01:56 - 00000000 ____D () C:\Users\Schmid\Desktop\Urlaub Ostern2014 2014-04-18 00:43 - 2014-04-18 00:43 - 00001027 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk 2014-04-15 07:57 - 2014-04-15 07:57 - 00143064 _____ () C:\Windows\Minidump\Mini041514-01.dmp 2014-04-08 08:36 - 2014-04-22 15:09 - 00000000 ____D () C:\Windows\Minidump 2014-04-08 08:36 - 2014-04-22 15:08 - 341584728 _____ () C:\Windows\MEMORY.DMP 2014-04-08 08:36 - 2014-04-08 08:36 - 00143064 _____ () C:\Windows\Minidump\Mini040814-01.dmp ==================== One Month Modified Files and Folders ======= 2014-05-07 19:13 - 2014-05-07 19:13 - 00000000 ____D () C:\FRST 2014-05-07 05:20 - 2008-01-20 23:16 - 01567488 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-05-07 04:16 - 2014-05-03 08:41 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys 2014-05-07 03:55 - 2006-11-02 04:47 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-07 03:55 - 2006-11-02 04:47 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-07 03:48 - 2008-02-18 07:50 - 00000000 ____D () C:\ProgramData\McAfee 2014-05-06 03:08 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\spool 2014-05-05 20:26 - 2009-12-28 19:19 - 01685015 _____ () C:\Windows\WindowsUpdate.log 2014-05-03 08:40 - 2014-05-03 08:40 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\Malwarebytes 2014-05-03 08:35 - 2014-05-03 08:35 - 00000911 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-03 08:35 - 2014-05-03 08:35 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-03 08:35 - 2014-05-03 08:35 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware 2014-05-03 08:21 - 2012-02-23 08:23 - 00127978 _____ () C:\Windows\PFRO.log 2014-05-03 08:21 - 2009-12-30 05:34 - 00000000 ____D () C:\Program Files\McAfee 2014-05-03 08:08 - 2008-02-18 07:10 - 00000000 ____D () C:\Program Files\Java 2014-05-03 02:22 - 2009-12-30 05:34 - 00000000 ____D () C:\Program Files\Common Files\McAfee 2014-05-02 05:59 - 2009-12-28 19:25 - 00000000 ____D () C:\users\Schmid 2014-05-02 05:59 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\registration 2014-05-02 05:59 - 2006-11-02 02:22 - 50855936 _____ () C:\Windows\System32\config\software_previous 2014-05-02 05:59 - 2006-11-02 02:22 - 39845888 _____ () C:\Windows\System32\config\system_previous 2014-05-02 05:59 - 2006-11-02 02:22 - 39059456 _____ () C:\Windows\System32\config\components_previous 2014-05-02 05:59 - 2006-11-02 02:22 - 00786432 _____ () C:\Windows\System32\config\default_previous 2014-05-02 05:59 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\security_previous 2014-05-02 05:59 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\sam_previous 2014-05-01 20:33 - 2014-05-01 20:33 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\McAfee 2014-05-01 06:29 - 2014-05-01 06:29 - 00000000 ____D () C:\ProgramData\APN 2014-05-01 06:28 - 2014-05-01 06:28 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-01 06:27 - 2008-02-18 07:10 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-04-29 15:25 - 2012-10-03 01:51 - 00001968 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-29 00:51 - 2012-04-08 10:57 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2014-04-29 00:51 - 2011-09-08 02:29 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2014-04-27 01:56 - 2014-04-18 02:23 - 00000000 ____D () C:\Users\Schmid\Desktop\Urlaub Ostern2014 2014-04-22 15:09 - 2014-04-22 15:09 - 00143064 _____ () C:\Windows\Minidump\Mini042314-01.dmp 2014-04-22 15:09 - 2014-04-08 08:36 - 00000000 ____D () C:\Windows\Minidump 2014-04-22 15:08 - 2014-04-08 08:36 - 341584728 _____ () C:\Windows\MEMORY.DMP 2014-04-21 07:49 - 2012-12-06 09:17 - 00000000 ____D () C:\Users\Schmid\Desktop\Mama Bilder altes Handy 2014-04-18 03:05 - 2014-04-18 02:39 - 00000000 ____D () C:\Users\Schmid\Desktop\Frederik 2014-04-18 02:12 - 2012-04-22 02:51 - 00019750 _____ () C:\Windows\setupact.log 2014-04-18 01:34 - 2010-01-10 08:36 - 00000000 ____D () C:\Steuer 2014-04-18 00:44 - 2011-05-25 08:50 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\elsterformular 2014-04-18 00:43 - 2014-04-18 00:43 - 00001027 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk 2014-04-18 00:39 - 2010-01-10 08:46 - 00000000 ____D () C:\Program Files\ElsterFormular 2014-04-15 07:57 - 2014-04-15 07:57 - 00143064 _____ () C:\Windows\Minidump\Mini041514-01.dmp 2014-04-10 06:47 - 2013-07-24 17:00 - 00000000 ____D () C:\Windows\System32\MRT 2014-04-10 06:44 - 2006-11-02 02:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\System32\mrt.exe 2014-04-08 08:36 - 2014-04-08 08:36 - 00143064 _____ () C:\Windows\Minidump\Mini040814-01.dmp Some content of TEMP: ==================== C:\Users\Schmid\AppData\Local\Temp\APNSetup.exe C:\Users\Schmid\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 3061.22 MB Available physical RAM: 2554.47 MB Total Pagefile: 2768.18 MB Available Pagefile: 2622.12 MB Total Virtual: 2047.88 MB Available Virtual: 1972.01 MB ==================== Drives ================================ Drive c: (Vista) (Fixed) (Total:116.21 GB) (Free:49.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Data) (Fixed) (Total:115.21 GB) (Free:109.93 GB) NTFS Drive f: (WinRE) (Fixed) (Total:1.46 GB) (Free:1.24 GB) NTFS Drive g: () (Removable) (Total:3.74 GB) (Free:3.74 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 089F965A) Partition 1: (Not Active) - (Size=1 GB) - (Type=27) Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=115 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=4 GB) - (Type=0B) LastRegBack: 2014-05-05 02:51 ==================== End Of Log ============================ |
|
08.05.2014, 09:19
| #11 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows Vista funktioniert nicht mehr Hi, bitte versuch mal folgende Anleitung durchzuarbeiten. Ist mir klar, dass alles nur sehr langsam geht usw. versuche es dennoch... Schritt 1 Clean-Boot 
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
08.05.2014, 09:46
| #12 |
| | Windows Vista funktioniert nicht mehr Guten Morgen, hat auf jeden Fall schonmal funktioniert: Beim Hochfahren kommt etwas von einer Systemüberprüfung bei der ein Countdown runterzählt und unterbrechen kann .. hab ich einfach mal. Der PC ist jetzt hochgefahren und man könnte mit ihm wieder arbeiten. Ist zwar noch langsamer als gewohnt aber er würde funktionieren. Lg |
|
08.05.2014, 10:12
| #13 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows Vista funktioniert nicht mehr OK, melde mich mit weiteren Anweisungen.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer Geändert von deeprybka (08.05.2014 um 10:23 Uhr) |
|
08.05.2014, 11:19
| #14 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows Vista funktioniert nicht mehr OK, bitte im Cleanboot-Status einen FRST-Scan machen. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
08.05.2014, 13:44
| #15 |
| | Windows Vista funktioniert nicht mehr hallo, da erscheint nur die frst Textdatei: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-05-2014
Ran by Schmid (administrator) on SCHMID-LAPTOP on 08-05-2014 14:41:16
Running from C:\Users\Schmid\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Farbar) C:\Users\Schmid\Desktop\FRST (1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [] => [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-179326881-4221156063-1880265402-1000\...\MountPoints2: {2259bf82-ce69-11e1-b261-87819ba72b2f} - D:\AutoRun.exe
HKU\S-1-5-21-179326881-4221156063-1880265402-1000\...\MountPoints2: {2259bfbe-ce69-11e1-b261-d906ae6baeca} - G:\AutoRun.exe
HKU\S-1-5-21-179326881-4221156063-1880265402-1000\...\MountPoints2: {69795549-3fac-11e2-94f3-8590509a03ed} - G:\Startme.exe
HKU\S-1-5-21-179326881-4221156063-1880265402-1000\...\MountPoints2: {88bfde9a-a7a6-11e0-980d-e93c509914ef} - D:\iStudio.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://web.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKCU - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM - DefaultScope {9E02A28F-67EE-4DC8-8FF8-E5B940650D48} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
SearchScopes: HKLM - {9E02A28F-67EE-4DC8-8FF8-E5B940650D48} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
SearchScopes: HKCU - {3630F80F-47B1-46F1-A42D-4F6A943FB8B3} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EDE&gct=sb&itbv=12.10.6.48&apn_uid=0CCF1475-2423-40DA-9700-FDA5A6B8911C&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=ie_8.0.6001.19507&doi=2014-05-01&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKCU - {5028B9C6-5E66-4619-9107-2815568B924B} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_22\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default
FF DefaultSearchEngine: ICQ Search
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin - C:\Program Files\Java\jre1.6.0_22\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre1.6.0_22\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Schmid\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\searchplugins\icqplugin.gif
FF SearchPlugin: C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\searchplugins\icqplugin.src
FF SearchPlugin: C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Cooliris - C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\Extensions\piclens@cooliris.com [2011-10-10]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-01-10]
FF Extension: ICQ Toolbar - C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011-10-10]
FF Extension: WEB.DE Toolbar - C:\Users\Schmid\AppData\Roaming\Mozilla\Firefox\Profiles\9e739ybx.default\Extensions\toolbar@web.de.xpi [2011-08-08]
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009-12-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2012-04-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2009-12-30]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2009-12-30]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Schmid\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (SiteAdvisor) - C:\Users\Schmid\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-05]
CHR Extension: (Google Wallet) - C:\Users\Schmid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
========================== Services (Whitelisted) =================
S4 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2007-12-25] (TOSHIBA CORPORATION)
S4 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] ()
S4 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S4 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S4 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [118264 2014-03-24] (McAfee, Inc.)
S4 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-01-28] (McAfee, Inc.)
S4 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S4 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
S4 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S4 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [644088 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [175480 2014-03-17] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S4 TOSHIBA SMART Log Service; c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation)
S4 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
==================== Drivers (Whitelisted) ====================
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61400 2014-03-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [134600 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236480 2014-03-17] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [66408 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [367776 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [573968 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [330248 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [81264 2014-01-21] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [214856 2014-03-17] (McAfee, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 LVRS; system32\DRIVERS\lvrs.sys [X]
S3 LVUSBSta; system32\drivers\LVUSBSta.sys [X]
S3 netr73; system32\DRIVERS\WUSB54GCx86.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pepifilter; system32\DRIVERS\lv302af.sys [X]
S3 PID_PEPI; system32\DRIVERS\LV302V32.SYS [X]
S3 tunnel; system32\DRIVERS\tunnel.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-08 14:41 - 2014-05-08 14:41 - 00022812 _____ () C:\Users\Schmid\Desktop\FRST.txt
2014-05-08 14:09 - 2014-05-08 14:11 - 00019333 _____ () C:\Users\Schmid\Downloads\FRST.txt
2014-05-08 14:09 - 2014-05-08 14:09 - 01053184 _____ (Farbar) C:\Users\Schmid\Desktop\FRST (1).exe
2014-05-08 14:08 - 2014-05-08 14:09 - 01053184 _____ (Farbar) C:\Users\Schmid\Downloads\FRST.exe
2014-05-08 10:43 - 2014-05-08 10:43 - 00000000 ____D () C:\Windows\pss
2014-05-08 10:40 - 2014-05-08 10:40 - 00000000 ____D () C:\McAfee
2014-05-08 05:13 - 2014-05-08 14:41 - 00000000 ____D () C:\FRST
2014-05-05 12:58 - 2014-05-05 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-03 18:40 - 2014-05-03 18:40 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\Malwarebytes
2014-05-03 18:35 - 2014-05-03 18:35 - 00000911 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-03 18:35 - 2014-05-03 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-05-03 18:35 - 2014-05-03 18:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 18:35 - 2014-05-03 18:35 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-05-03 18:35 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-03 18:08 - 2012-04-08 23:00 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaw.exe
2014-05-03 18:08 - 2012-04-08 23:00 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe
2014-05-02 06:33 - 2014-05-02 06:33 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\McAfee
2014-05-01 16:29 - 2014-05-01 16:29 - 00000000 ____D () C:\ProgramData\APN
2014-05-01 16:28 - 2014-05-01 16:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-01 16:26 - 2014-05-01 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-01 16:26 - 2012-04-08 23:00 - 00153376 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaws.exe
2014-04-23 10:18 - 2013-09-23 13:48 - 00147912 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-04-23 01:09 - 2014-04-23 01:09 - 00143064 _____ () C:\Windows\Minidump\Mini042314-01.dmp
2014-04-18 12:39 - 2014-04-18 13:05 - 00000000 ____D () C:\Users\Schmid\Desktop\Frederik
2014-04-18 12:23 - 2014-04-27 11:56 - 00000000 ____D () C:\Users\Schmid\Desktop\Urlaub Ostern2014
2014-04-18 10:43 - 2014-04-18 10:43 - 00001027 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-04-18 10:43 - 2014-04-18 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-04-15 17:57 - 2014-04-15 17:57 - 00143064 _____ () C:\Windows\Minidump\Mini041514-01.dmp
2014-04-08 18:36 - 2014-05-08 10:33 - 276641944 _____ () C:\Windows\MEMORY.DMP
2014-04-08 18:36 - 2014-04-23 01:09 - 00000000 ____D () C:\Windows\Minidump
2014-04-08 18:36 - 2014-04-08 18:36 - 00143064 _____ () C:\Windows\Minidump\Mini040814-01.dmp
==================== One Month Modified Files and Folders =======
2014-05-08 14:41 - 2014-05-08 14:41 - 00022812 _____ () C:\Users\Schmid\Desktop\FRST.txt
2014-05-08 14:41 - 2014-05-08 05:13 - 00000000 ____D () C:\FRST
2014-05-08 14:41 - 2011-11-03 18:20 - 00000428 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{04F04AFB-559A-4F0E-9350-C8870077823A}.job
2014-05-08 14:40 - 2012-04-08 22:59 - 00000000 ____D () C:\Users\Schmid\Desktop\OpenOffice.org 3.3 (de) Installation Files
2014-05-08 14:24 - 2014-03-31 07:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4c9fc66d69a0.job
2014-05-08 14:24 - 2014-02-18 13:07 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf2c99ad425e20.job
2014-05-08 14:19 - 2009-12-29 05:19 - 01715486 _____ () C:\Windows\WindowsUpdate.log
2014-05-08 14:11 - 2014-05-08 14:09 - 00019333 _____ () C:\Users\Schmid\Downloads\FRST.txt
2014-05-08 14:09 - 2014-05-08 14:09 - 01053184 _____ (Farbar) C:\Users\Schmid\Desktop\FRST (1).exe
2014-05-08 14:09 - 2014-05-08 14:08 - 01053184 _____ (Farbar) C:\Users\Schmid\Downloads\FRST.exe
2014-05-08 13:45 - 2012-04-08 20:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-08 12:44 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-08 12:44 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-08 10:50 - 2008-01-21 09:16 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-08 10:44 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-08 10:43 - 2014-05-08 10:43 - 00000000 ____D () C:\Windows\pss
2014-05-08 10:43 - 2006-11-02 15:01 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-08 10:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2014-05-08 10:41 - 2013-10-01 17:36 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\ICAClient
2014-05-08 10:40 - 2014-05-08 10:40 - 00000000 ____D () C:\McAfee
2014-05-08 10:33 - 2014-04-08 18:36 - 276641944 _____ () C:\Windows\MEMORY.DMP
2014-05-08 10:33 - 2012-02-23 18:23 - 00130080 _____ () C:\Windows\PFRO.log
2014-05-07 13:48 - 2008-02-18 17:50 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-05 12:58 - 2014-05-05 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-03 18:40 - 2014-05-03 18:40 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\Malwarebytes
2014-05-03 18:35 - 2014-05-03 18:35 - 00000911 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-03 18:35 - 2014-05-03 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-05-03 18:35 - 2014-05-03 18:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 18:35 - 2014-05-03 18:35 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-05-03 18:21 - 2009-12-30 15:34 - 00000000 ____D () C:\Program Files\McAfee
2014-05-03 18:08 - 2008-02-18 17:10 - 00000000 ____D () C:\Program Files\Java
2014-05-03 12:22 - 2009-12-30 15:34 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-05-02 15:59 - 2009-12-29 05:25 - 00000000 ____D () C:\Users\Schmid
2014-05-02 15:59 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-05-02 15:59 - 2006-11-02 12:22 - 50855936 _____ () C:\Windows\system32\config\software_previous
2014-05-02 15:59 - 2006-11-02 12:22 - 39845888 _____ () C:\Windows\system32\config\system_previous
2014-05-02 15:59 - 2006-11-02 12:22 - 39059456 _____ () C:\Windows\system32\config\components_previous
2014-05-02 15:59 - 2006-11-02 12:22 - 00786432 _____ () C:\Windows\system32\config\default_previous
2014-05-02 15:59 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-05-02 15:59 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-05-02 06:33 - 2014-05-02 06:33 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\McAfee
2014-05-01 16:29 - 2014-05-01 16:29 - 00000000 ____D () C:\ProgramData\APN
2014-05-01 16:28 - 2014-05-01 16:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-01 16:27 - 2008-02-18 17:10 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-01 16:26 - 2014-05-01 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-30 01:25 - 2012-10-03 11:51 - 00001968 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 10:51 - 2012-04-08 20:57 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 10:51 - 2011-09-08 12:29 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-27 11:56 - 2014-04-18 12:23 - 00000000 ____D () C:\Users\Schmid\Desktop\Urlaub Ostern2014
2014-04-23 01:09 - 2014-04-23 01:09 - 00143064 _____ () C:\Windows\Minidump\Mini042314-01.dmp
2014-04-23 01:09 - 2014-04-08 18:36 - 00000000 ____D () C:\Windows\Minidump
2014-04-21 17:49 - 2012-12-06 19:17 - 00000000 ____D () C:\Users\Schmid\Desktop\Mama Bilder altes Handy
2014-04-18 13:05 - 2014-04-18 12:39 - 00000000 ____D () C:\Users\Schmid\Desktop\Frederik
2014-04-18 12:12 - 2012-04-22 12:51 - 00019750 _____ () C:\Windows\setupact.log
2014-04-18 11:34 - 2010-01-10 18:36 - 00000000 ____D () C:\Steuer
2014-04-18 10:44 - 2011-05-25 18:50 - 00000000 ____D () C:\Users\Schmid\AppData\Roaming\elsterformular
2014-04-18 10:43 - 2014-04-18 10:43 - 00001027 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-04-18 10:43 - 2014-04-18 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-04-18 10:39 - 2010-01-10 18:46 - 00000000 ____D () C:\Program Files\ElsterFormular
2014-04-15 17:57 - 2014-04-15 17:57 - 00143064 _____ () C:\Windows\Minidump\Mini041514-01.dmp
2014-04-10 16:47 - 2013-07-25 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 16:44 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-08 18:36 - 2014-04-08 18:36 - 00143064 _____ () C:\Windows\Minidump\Mini040814-01.dmp
Some content of TEMP:
====================
C:\Users\Schmid\AppData\Local\Temp\APNSetup.exe
C:\Users\Schmid\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-08 10:50
==================== End Of Log ============================
|
|
| Themen zu Windows Vista funktioniert nicht mehr |
| benötigt, brauch, cpu-auslastung, firewall, funktioniert, funktioniert nicht, funktioniert nicht mehr, hochfahren, installieren, malwarebytes, manager, mcafee, minute, minuten, nicht mehr, nichts, programme, stick, task manager, total, usb, usb stick, vista, windows, windows vista, öffnen |
Linear-Darstellung
