Pests of all kinds and how to combat them: RegClean Pro, MyPC Backup and Sync Folder "caught"

Windows 7

If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
09.06.2014, 11:58 | #1 |
Hello everyone,

I answered a call for help from my grandfather and am faced with the following problem: after opening a website he must have clicked a fake pop-up or something similar, and the programs named above are now on the computer and already start up busily at system boot. I would be very glad if someone could guide me in getting rid of these pests reliably. I hope we can avoid reinstalling the system. I hope I have not overlooked any standard logs that have to be created for every post of this kind. If I have, a pointer to the relevant instructions is enough and I will follow them.

Best regards
09.06.2014, 12:24 | #2 |
/// the machine /// TB-Ausbilder

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
09.06.2014, 12:37 | #3 |
Hello schrauber,

thanks in advance for your help! Here are the logs.

FRST.txt
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 01 Ran by X Y (administrator) on XY-PC on 09-06-2014 13:32:33 Running from C:\Users\X Y\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Time Information Services Ltd.) C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Nokia Corporation) C:\Program Files (x86)\Common Files\Nokia\MPAPI\MPAPI3s.exe (Nokia.) C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe (Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia Mobile Phones Ltd.) C:\Program Files (x86)\Common Files\PCSuite\DataLayer\DataLayer.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe () C:\ProgramData\Vip mobilni internet\OnlineUpdate\ouc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Spigot Inc) C:\Config.Msi\55a07.rbf (Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot Inc) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe (Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor) HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [1096192 2009-06-19] (Sentelic Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-01-19] (Synaptics Incorporated) HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron) HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.) HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe" HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [413696 2010-01-13] (Wistron Corp.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [PCSuiteTrayApplication] => C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [167936 2005-03-22] (Nokia) HKLM-x32\...\Run: [DataLayer] => C:\Program Files (x86)\Common Files\PCSuite\DataLayer\DataLayer.exe [1106944 2005-03-31] (Nokia Mobile Phones Ltd.) HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-01-24] (Ask) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-15] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1404736 2014-05-26] (Spigot, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\Run: [PcSync] => C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe [847872 2005-04-20] (Time Information Services Ltd.) HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\MountPoints2: {af05a4dd-ca28-11e0-b3b1-001f1639cf37} - F:\AutoRun.exe HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\MountPoints2: {af05a4f3-ca28-11e0-b3b1-001f1639cf37} - F:\AutoRun.exe HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\MountPoints2: {af05a510-ca28-11e0-b3b1-001f1639cf37} - F:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\X Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) ==================== Internet (Whitelisted) ==================== URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\9.3\pdfforgeToolbarIE64.dll (Spigot, Inc.) URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\9.3\pdfforgeToolbarIE.dll (Spigot, Inc.) 
SearchScopes: HKCU - {1579E0F8-D955-4730-95FC-38B4816BDFD6} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms} SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\9.3\pdfforgeToolbarIE.dll (Spigot, Inc.) BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\9.3\pdfforgeToolbarIE64.dll (Spigot, Inc.) Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\9.3\pdfforgeToolbarIE.dll (Spigot, Inc.) 
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{03A3924A-5214-4C59-B5B4-88E6F829FBB9}: [NameServer]212.91.97.3 212.91.97.4 FireFox: ======== FF ProfilePath: C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de/ FF Keyword.URL: hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-mediaphor&p= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default\user.js FF Extension: Foxit Toolbar - C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default\Extensions\toolbar@ask.com [2012-03-01] FF Extension: Yahoo! Toolbar - C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-06-09] FF Extension: Address Bar Search - C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-28] FF Extension: pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\FF [2014-06-09] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-10-19] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-10-19] FF StartMenuInternet: FIREFOX.EXE - d:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-15] (Avira Operations GmbH & Co. 
KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S2 Vip mobilni internet. RunOuc; C:\Program Files (x86)\Vip mobilni internet\UpdateDog\ouc.exe [218624 2011-08-20] () [File not signed] R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.) S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. 
KG) S2 DETEWECP; \SystemRoot\System32\drivers\detewecp.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-09 13:32 - 2014-06-09 13:33 - 00015066 _____ () C:\Users\X Y\Desktop\FRST.txt 2014-06-09 13:31 - 2014-06-09 13:32 - 00000000 ____D () C:\Users\X Y\Downloads\Infektion 2014-06-09 13:31 - 2014-06-09 13:32 - 00000000 ____D () C:\FRST 2014-06-09 13:31 - 2014-06-09 13:31 - 02080768 _____ (Farbar) C:\Users\X Y\Desktop\FRST64.exe 2014-06-09 12:50 - 2014-06-09 12:50 - 00000000 ____D () C:\Program Files (x86)\pdfforge Toolbar 2014-06-09 12:50 - 2014-06-09 12:50 - 00000000 ____D () C:\Program Files (x86)\Application Updater 2014-06-09 12:44 - 2014-06-09 12:46 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\cloudbkp 2014-06-08 11:24 - 2014-06-09 12:46 - 00003118 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup 2014-06-08 11:24 - 2014-06-09 12:46 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup 2014-06-08 11:24 - 2014-06-09 12:45 - 00001047 _____ () C:\Users\X Y\Desktop\MyPC Backup.lnk 2014-06-08 11:24 - 2014-06-08 11:24 - 00001929 _____ () C:\Users\X Y\Desktop\Sync Folder.lnk 2014-06-08 11:24 - 2014-06-08 11:24 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-06-08 11:23 - 2014-06-09 12:47 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro 2014-06-08 11:23 - 2014-06-09 12:44 - 00000300 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job 2014-06-08 11:23 - 2014-06-08 15:13 - 00000292 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2014-06-08 11:23 - 2014-06-08 11:23 - 00003072 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES 2014-06-08 11:23 - 2014-06-08 11:23 - 00002916 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT 2014-06-08 11:23 - 2014-06-08 11:23 - 00001161 _____ () 
C:\Users\Public\Desktop\Advanced System Protector.lnk 2014-06-08 11:23 - 2014-06-08 11:23 - 00001010 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\systweak 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\ProgramData\Systweak 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector 2014-06-08 11:23 - 2014-04-25 14:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe 2014-06-08 11:23 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe 2014-05-23 10:48 - 2014-05-27 14:13 - 00110634 _____ () C:\Users\X Y\ESt2013_Y_X_und_Y_z.elfo 2014-05-23 09:57 - 2014-05-23 09:58 - 00000000 ____D () C:\Users\X Y\AppData\Local\.elfohilfe 2014-05-23 09:38 - 2014-05-23 09:38 - 00001189 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk 2014-05-16 06:18 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-16 06:18 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-16 06:18 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-16 06:18 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-16 06:18 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-16 06:18 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-15 07:54 - 2014-03-25 04:43 - 14175744 _____ (Microsoft 
Corporation) C:\Windows\system32\shell32.dll 2014-05-15 07:54 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-15 07:51 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-15 07:51 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-15 07:51 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-15 07:51 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-15 07:51 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-15 07:51 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-15 07:51 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-15 07:51 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-15 07:51 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-15 07:51 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-15 07:51 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) 
C:\Windows\system32\TSpkg.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-15 07:51 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-15 07:51 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-15 07:51 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-15 07:51 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\adprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-15 07:51 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll ==================== One Month Modified Files and Folders ======= 2014-06-09 13:33 - 2014-06-09 13:32 - 00015066 _____ () C:\Users\X Y\Desktop\FRST.txt 2014-06-09 13:33 - 2010-10-01 21:58 - 00000000 ____D () C:\Users\X Y\AppData\Local\Temp 2014-06-09 13:32 - 2014-06-09 13:31 - 00000000 ____D () C:\Users\X Y\Downloads\Infektion 2014-06-09 13:32 - 2014-06-09 13:31 - 00000000 ____D () C:\FRST 2014-06-09 13:31 - 2014-06-09 13:31 - 02080768 _____ (Farbar) C:\Users\X Y\Desktop\FRST64.exe 2014-06-09 13:24 - 2009-07-14 19:58 - 00643866 _____ () C:\Windows\system32\perfh007.dat 2014-06-09 13:24 - 2009-07-14 19:58 - 00126394 _____ () C:\Windows\system32\perfc007.dat 2014-06-09 13:24 - 2009-07-14 07:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-09 13:22 - 2012-02-04 13:57 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-09 13:15 - 2012-07-08 08:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-09 12:53 - 2009-07-14 06:45 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-09 12:53 - 2009-07-14 06:45 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 
2014-06-09 12:52 - 2010-10-01 21:34 - 01157033 _____ () C:\Windows\WindowsUpdate.log 2014-06-09 12:50 - 2014-06-09 12:50 - 00000000 ____D () C:\Program Files (x86)\pdfforge Toolbar 2014-06-09 12:50 - 2014-06-09 12:50 - 00000000 ____D () C:\Program Files (x86)\Application Updater 2014-06-09 12:47 - 2014-06-08 11:23 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro 2014-06-09 12:46 - 2014-06-09 12:44 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\cloudbkp 2014-06-09 12:46 - 2014-06-08 11:24 - 00003118 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup 2014-06-09 12:46 - 2014-06-08 11:24 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup 2014-06-09 12:45 - 2014-06-08 11:24 - 00001047 _____ () C:\Users\X Y\Desktop\MyPC Backup.lnk 2014-06-09 12:44 - 2014-06-08 11:23 - 00000300 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job 2014-06-09 12:44 - 2012-02-04 13:57 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-09 12:44 - 2010-10-01 22:29 - 00051572 _____ () C:\Windows\PFRO.log 2014-06-09 12:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-09 12:44 - 2009-07-14 06:51 - 00061464 _____ () C:\Windows\setupact.log 2014-06-08 15:13 - 2014-06-08 11:23 - 00000292 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2014-06-08 11:24 - 2014-06-08 11:24 - 00001929 _____ () C:\Users\X Y\Desktop\Sync Folder.lnk 2014-06-08 11:24 - 2014-06-08 11:24 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-06-08 11:24 - 2010-10-01 21:58 - 00000000 ___RD () C:\Users\X Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-06-08 11:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-06-08 11:23 - 2014-06-08 11:23 - 00003072 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES 2014-06-08 11:23 - 2014-06-08 11:23 - 00002916 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT 2014-06-08 11:23 - 
2014-06-08 11:23 - 00001161 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk 2014-06-08 11:23 - 2014-06-08 11:23 - 00001010 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\systweak 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\ProgramData\Systweak 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro 2014-06-08 11:23 - 2014-06-08 11:23 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector 2014-06-08 11:19 - 2011-01-01 10:17 - 00000000 ____D () C:\Users\X Y\Documents\Kontoauszüge ab 2011 2014-06-08 08:13 - 2010-10-20 11:16 - 00000000 ____D () C:\Users\X Y\Documents\Energie 2014 2014-06-04 08:31 - 2012-11-18 14:13 - 00000000 ____D () C:\Users\X Y\Documents\Garantie 2012-13 2014-06-04 08:28 - 2013-12-18 12:02 - 00000000 ____D () C:\Users\X Y\Documents\Eigene Scans 2014-05-27 15:40 - 2014-03-20 19:49 - 00000000 ____D () C:\Users\X Y\Documents\Finanzamt KT 2014-05-27 14:13 - 2014-05-23 10:48 - 00110634 _____ () C:\Users\X Y\ESt2013_Y_X_und_Y_z.elfo 2014-05-26 17:59 - 2011-10-04 09:12 - 00024576 _____ () C:\Users\X Y\Documents\Zugangsdaten 09 11.xls 2014-05-23 10:48 - 2010-10-01 21:58 - 00000000 ____D () C:\Users\X Y 2014-05-23 09:58 - 2014-05-23 09:57 - 00000000 ____D () C:\Users\X Y\AppData\Local\.elfohilfe 2014-05-23 09:50 - 2011-04-22 09:48 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular 2014-05-23 09:46 - 2011-04-22 10:08 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\elsterformular 2014-05-23 09:38 - 2014-05-23 09:38 - 00001189 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk 2014-05-23 09:38 - 2011-04-22 09:48 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2014-05-22 10:26 - 2010-10-20 11:16 - 00134144 _____ () C:\Users\X Y\Documents\Kopie von Kosten PKW KT CK 500.xls 2014-05-16 07:36 - 2010-10-01 21:58 - 00000000 ___RD () C:\Users\X Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 07:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-16 06:18 - 2013-08-07 07:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-16 06:16 - 2011-07-26 07:07 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-15 13:36 - 2013-03-29 08:56 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-15 13:36 - 2013-03-29 08:56 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-14 10:15 - 2012-07-08 08:15 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-14 10:15 - 2012-07-08 08:15 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-14 10:15 - 2012-07-08 08:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater Some content of TEMP: ==================== C:\Users\X Y\AppData\Local\Temp\avgnt.exe C:\Users\X Y\AppData\Local\Temp\install_reader10_de_mssa_aih.exe C:\Users\X Y\AppData\Local\Temp\OnlineBackup.exe C:\Users\X Y\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed 
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-05-29 11:29

==================== End Of Log ============================

Addition.txt
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2014 01 Ran by X Y at 2014-06-09 13:33:26 Running from C:\Users\X Y\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden ABC FontViewer (HKLM-x32\...\{00C94176-9CC8-4184-B069-EC377D632658}) (Version: - ) ADAC Druckstudio (HKLM-x32\...\{4030A832-BB96-4E85-BAD4-2059C3420064}) (Version: - ) Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13591 - Systweak Software) <==== ATTENTION ArtStudioPro (HKLM-x32\...\ArtStudioPro_is1) (Version: - Twisting Pixels, LLC) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.23 - Atheros Communications Inc.) 
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen) ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender 12.1.0.6164p) (Version: 15.1.13904 - ) Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Finger-sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.4.2.8 - FSP) FormsForWeb® Filler 3.2.3 (HKLM-x32\...\{18815D2C-C62D-4066-94F3-55966581D2A5}) (Version: 3.2.3 - Lucom GmbH) FotoWorks XL 2013 (HKLM-x32\...\FotoWorks XL 2013_is1) (Version: Aktuelle Version - IN MEDIA KG) Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: 4.2.0.928 - Foxit Corporation) Foxit Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.15.0 - Ask.com) <==== ATTENTION Foxit Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.35882 - Ask.com) <==== ATTENTION Framing Studio 1.91 (HKLM-x32\...\Framing Studio_is1) (Version: - AMS Software) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 
7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 6500 E709 Series (HKLM\...\{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}) (Version: 13.0 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation) Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.290 - Oracle) JetPhoto Studio (HKLM-x32\...\{DAA677F5-A17A-4CF3-9465-4536D47ECC1B}) (Version: 3.15.2.2 - Atomix Technologies Limited) Launch Manager V1.5.0.8 (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.0.8 - Wistron Corp.) 
LOGBOOK v.4.2.7 (HKLM-x32\...\ST6UNST #1) (Version: - ) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MorphBuster (HKLM-x32\...\{2DA9BF76-BD81-4F83-AEFA-E1FDA411D368}) (Version: 7.6.0.202 - MediaPhor) Mozilla Firefox (3.6.10) (HKLM-x32\...\Mozilla Firefox (3.6.10)) (Version: 3.6.10 (de) - Mozilla) Mozilla Firefox 29.0.1 (x86 de) (HKCU\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) Nokia Connectivity Cable Driver (HKLM-x32\...\InstallShield_{4AD35E01-9BA9-4F0C-B6B7-09C6C8F20D15}) (Version: 1.00.145.4 - Nokia) Nokia Connectivity Cable Driver (x32 Version: 1.00.145.4 - Nokia) Hidden Nokia PC Suite 
(HKLM-x32\...\InstallShield_{1267949C-73FC-4692-AA22-176F5E909647}) (Version: 6.50.12 - Nokia) Nokia PC Suite (x32 Version: 6.50.12 - Nokia) Hidden NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.56.34 - NVIDIA Corporation) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) PaintBuster (HKLM-x32\...\{EC3A8DB5-57FE-451A-A39E-9061176F0F26}) (Version: 11.8.0.262 - MediaPhor) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.0.2 - Frank Heindörfer, Philip Chinery) pdfforge Toolbar v9.3 (HKLM-x32\...\{BF5A8895-5DF8-42F0-80DC-50DD1AA2DD23}) (Version: 9.3 - Spigot, Inc.) <==== ATTENTION Photo Collage Maker 1.51 (HKLM-x32\...\Photo Collage Maker_is1) (Version: - AMS Software) ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0145 - REALTEK Semiconductor Corp.) 
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated) TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.9220 - TeamViewer GmbH) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden TwistingPixels (HKLM-x32\...\TwistingPixels_is1) (Version: - Twisting Pixels, LLC) Vip mobilni internet (HKLM-x32\...\Vip mobilni internet) (Version: 21.005.11.03.295 - Huawei Technologies Co.,Ltd) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Wondershare Photo Story Platinum 3.4.2.6 (HKLM-x32\...\Wondershare Photo Story Platinum_is1) (Version: 3.4.2.6 - Wondershare Software Co.,Ltd.) 
==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0064C79F-7ECD-49F1-A0F2-41479D7595CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated) Task: {07140E76-639E-466C-B495-4504D51CFBFC} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-05-23] (Systweak) <==== ATTENTION Task: {52E99CCE-93E8-4FAD-9513-6C6403825871} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-04] (Google Inc.) Task: {5A3498C0-345F-4F62-A70D-805B9911424C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {6E4C6E5A-3403-45DC-9A4C-B445A493052B} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION Task: {8B043294-6643-4BEE-A035-A4864F6B06C3} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION Task: {93C78712-28C7-4215-A992-8E61E061ECCF} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION Task: {E82F2F92-75EA-47FF-A310-9D8145B45056} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-01-24] () <==== ATTENTION Task: {EBE51A09-C347-455C-B18F-778235B51F91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-04] (Google Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2010-10-05 19:53 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll 2010-11-16 15:38 - 2010-11-16 15:38 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2011-08-20 13:10 - 2011-08-20 13:09 - 00218624 _____ () C:\ProgramData\Vip mobilni internet\OnlineUpdate\ouc.exe 2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll 2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll 2005-03-08 22:10 - 2005-03-08 22:10 - 00016384 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 6\Lang\LaunchApplication_ger.NLR 2011-08-20 13:10 - 2011-08-20 13:09 - 00011362 _____ () C:\ProgramData\Vip mobilni internet\OnlineUpdate\mingwm10.dll 2011-08-20 13:10 - 2011-08-20 13:09 - 00043008 _____ () C:\ProgramData\Vip mobilni internet\OnlineUpdate\libgcc_s_dw2-1.dll 2011-08-20 13:10 - 2011-08-20 13:09 - 02415104 _____ () C:\ProgramData\Vip mobilni internet\OnlineUpdate\QtCore4.dll 2011-08-20 13:10 - 2011-08-20 13:09 - 01148416 _____ () C:\ProgramData\Vip mobilni internet\OnlineUpdate\QtNetwork4.dll 2014-05-11 08:16 - 2014-05-11 08:16 - 03839088 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-05-14 10:15 - 2014-05-14 10:15 - 16361136 _____ () 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Microsoft-Adapter für Miniports virtueller WiFis Description: Microsoft-Adapter für Miniports virtueller WiFis Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/09/2014 00:54:38 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (06/07/2014 08:32:37 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/03/2014 08:15:37 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/02/2014 07:41:08 AM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. 
Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (05/30/2014 08:13:57 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (05/25/2014 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (05/24/2014 08:58:21 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (05/23/2014 07:07:20 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (05/21/2014 08:45:25 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (05/19/2014 07:43:41 AM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" System errors: ============= Error: (06/09/2014 00:45:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Vip mobilni internet. 
OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (06/09/2014 00:45:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Vip mobilni internet. OUC erreicht. Error: (06/09/2014 00:45:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (06/09/2014 00:45:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht. Error: (06/08/2014 11:06:01 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (06/05/2014 08:02:07 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (05/30/2014 07:42:44 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (05/27/2014 00:57:33 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (05/24/2014 10:40:49 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. 
Error: (05/23/2014 06:22:10 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Microsoft Office Sessions: ========================= Error: (06/09/2014 00:54:38 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: G:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) Error: (06/07/2014 08:32:37 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.ManifestC:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.Manifest6 Error: (06/03/2014 08:15:37 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.ManifestC:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.Manifest6 Error: (06/02/2014 07:41:08 AM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: G:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) Error: (05/30/2014 08:13:57 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.ManifestC:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.Manifest6 Error: (05/25/2014 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: G:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. 
(0x81000006) Error: (05/24/2014 08:58:21 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.ManifestC:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.Manifest6 Error: (05/23/2014 07:07:20 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.ManifestC:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.Manifest6 Error: (05/21/2014 08:45:25 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.ManifestC:\Program Files (x86)\Lucom\FormsForWeb\Filler3.2.3\xerces-c_2_8.dll.Manifest6 Error: (05/19/2014 07:43:41 AM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: G:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) ==================== Memory info =========================== Percentage of memory in use: 41% Total physical RAM: 3894.54 MB Available physical RAM: 2284.16 MB Total Pagefile: 7787.25 MB Available Pagefile: 5817.06 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:38.96 GB) (Free:1.91 GB) NTFS Drive d: () (Fixed) (Total:426.7 GB) (Free:425.12 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 75B66900) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=39 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=427 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Geändert von zellerli (09.06.2014 um 12:49 Uhr) |
09.06.2014, 16:47 | #4 |
/// the machine /// TB-Ausbilder | RegClean Pro, MyPC Backup and Sync Folder "caught" Uninstall adware & co.
If you cannot find a program or cannot uninstall it, please continue with the next step: Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
09.06.2014, 21:18 | #5 |
| RegClean Pro, MyPC Backup and Sync Folder "caught" Thanks again. Revo did not list all of the programs mentioned above. The two that were missing had their own uninstallers in the Start menu, which I ran, after Revo had also not tagged the program it found with Attention. The uninstalls also ran fairly unsuspiciously and looked exactly like what Revo had found; there was one more confirmation prompt and an advertisement, but then the uninstall went through. After that I worked through your list: Malwarebytes Anti-Malware: Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 09.06.2014
Suchlauf-Zeit: 19:01:37
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.09.05
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: X Rüthlein

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 263266
Verstrichene Zeit: 10 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 1
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings, Löschen bei Neustart, [54157bfbdd9e92a4aff81d72956daf51],

Dateien: 2
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [cb9e0f670e6d46f0a6119c18fa087987],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth183.dll.old, Löschen bei Neustart, [54157bfbdd9e92a4aff81d72956daf51],

Physische Sektoren: 0
(No malicious items detected)

(end)

AdwCleaner Logfile: Code:
ATTFilter
# AdwCleaner v3.212 - Bericht erstellt am 09/06/2014 um 20:39:01
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : X Y - XY-PC
# Gestartet von : C:\Users\X Y\Desktop\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\X Y\AppData\Roaming\Search Settings
Ordner Gelöscht : C:\Users\X Y\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Datei Gelöscht : C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default\user.js

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\systweak

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v3.6.10 (de)

[ Datei : C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [3062 octets] - [09/06/2014 20:37:37]
AdwCleaner[S0].txt - [2748 octets] - [09/06/2014 20:39:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2808 octets] ##########

Junkware Removal Tool Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by X Y on 09.06.2014 at 20:46:13,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.06.2014 at 20:51:38,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 01 Ran by X Y (administrator) on XY-PC on 09-06-2014 22:10:03 Running from C:\Users\X Y\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe () C:\ProgramData\Vip mobilni internet\OnlineUpdate\ouc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Time Information Services Ltd.) C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia Mobile Phones Ltd.) 
C:\Program Files (x86)\Common Files\PCSuite\DataLayer\DataLayer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Nokia.) C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe (Nokia Corporation) C:\Program Files (x86)\Common Files\Nokia\MPAPI\MPAPI3s.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor) HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [1096192 2009-06-19] (Sentelic Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-01-19] (Synaptics Incorporated) HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron) HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.) HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe" HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [413696 2010-01-13] (Wistron Corp.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.) 
HKLM-x32\...\Run: [PCSuiteTrayApplication] => C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [167936 2005-03-22] (Nokia) HKLM-x32\...\Run: [DataLayer] => C:\Program Files (x86)\Common Files\PCSuite\DataLayer\DataLayer.exe [1106944 2005-03-31] (Nokia Mobile Phones Ltd.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\Run: [PcSync] => C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe [847872 2005-04-20] (Time Information Services Ltd.) HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\MountPoints2: {af05a4dd-ca28-11e0-b3b1-001f1639cf37} - F:\AutoRun.exe HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\MountPoints2: {af05a4f3-ca28-11e0-b3b1-001f1639cf37} - F:\AutoRun.exe HKU\S-1-5-21-1729326599-1062957140-116425823-1000\...\MountPoints2: {af05a510-ca28-11e0-b3b1-001f1639cf37} - F:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== SearchScopes: HKCU - {1579E0F8-D955-4730-95FC-38B4816BDFD6} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms} BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{03A3924A-5214-4C59-B5B4-88E6F829FBB9}: [NameServer]212.91.97.3 212.91.97.4 FireFox: ======== FF ProfilePath: C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de/ FF Keyword.URL: hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-mediaphor&p= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: 
@Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Address Bar Search - C:\Users\X Y\AppData\Roaming\Mozilla\Firefox\Profiles\bi8cp4fz.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-28] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-10-19] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-10-19] FF StartMenuInternet: FIREFOX.EXE - d:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) 
[File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S2 Vip mobilni internet. RunOuc; C:\Program Files (x86)\Vip mobilni internet\UpdateDog\ouc.exe [218624 2011-08-20] () [File not signed] R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. 
KG) S2 DETEWECP; \SystemRoot\System32\drivers\detewecp.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-09 22:10 - 2014-06-09 22:10 - 00011835 _____ () C:\Users\X Y\Desktop\FRST.txt 2014-06-09 21:20 - 2014-06-09 22:05 - 00002810 _____ () C:\Users\X Y\Desktop\AdwCleaner[S0]_anon.txt 2014-06-09 21:18 - 2014-06-09 21:18 - 00000623 _____ () C:\Users\X Y\Desktop\JRT_anon.txt 2014-06-09 20:51 - 2014-06-09 20:51 - 00000633 _____ () C:\Users\X Y\Desktop\JRT.txt 2014-06-09 20:46 - 2014-06-09 20:46 - 00000000 ____D () C:\Windows\ERUNT 2014-06-09 20:45 - 2014-06-09 20:45 - 01016261 _____ (Thisisu) C:\Users\X Y\Desktop\JRT.exe 2014-06-09 20:40 - 2014-06-09 20:40 - 00002888 _____ () C:\Users\X Y\Desktop\AdwCleaner[S0].txt 2014-06-09 20:37 - 2014-06-09 20:39 - 00000000 ____D () C:\AdwCleaner 2014-06-09 20:37 - 2014-06-09 20:36 - 01333465 _____ () C:\Users\X Y\Desktop\adwcleaner_3.212.exe 2014-06-09 20:36 - 2014-06-09 22:05 - 00001519 _____ () C:\Users\X Y\Desktop\mbam.txt 2014-06-09 19:00 - 2014-06-09 19:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-09 18:59 - 2014-06-09 18:59 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-09 18:59 - 2014-06-09 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-09 18:59 - 2014-06-09 18:59 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-09 18:59 - 2014-06-09 18:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-09 18:59 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-09 18:59 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-09 18:59 - 2014-05-12 
07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-09 18:11 - 2014-06-09 18:11 - 00001224 _____ () C:\Users\X Y\Desktop\Revo Uninstaller.lnk 2014-06-09 18:08 - 2014-06-09 18:11 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-06-09 13:31 - 2014-06-09 22:10 - 00000000 ____D () C:\FRST 2014-06-09 13:31 - 2014-06-09 20:36 - 00000000 ____D () C:\Users\X Y\Downloads\Infektion 2014-06-09 13:31 - 2014-06-09 13:31 - 02080768 _____ (Farbar) C:\Users\X Y\Desktop\FRST64.exe 2014-06-09 12:44 - 2014-06-09 12:46 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\cloudbkp 2014-05-23 10:48 - 2014-05-27 14:13 - 00110634 _____ () C:\Users\X Y\ESt2013_Y_X_und_Y_Christine.elfo 2014-05-23 09:57 - 2014-05-23 09:58 - 00000000 ____D () C:\Users\X Y\AppData\Local\.elfohilfe 2014-05-23 09:38 - 2014-05-23 09:38 - 00001189 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk 2014-05-16 06:18 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-16 06:18 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-16 06:18 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-16 06:18 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-16 06:18 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-16 06:18 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-15 07:54 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-15 07:54 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-15 07:51 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-15 07:51 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\ksecdd.sys 2014-05-15 07:51 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-15 07:51 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-15 07:51 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-15 07:51 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-15 07:51 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-15 07:51 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-15 07:51 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-15 07:51 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-15 07:51 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-15 07:51 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-15 07:51 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) 
C:\Windows\system32\cngprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-15 07:51 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-15 07:51 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-15 07:51 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-15 07:51 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dimsroam.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-15 07:51 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-15 07:51 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll ==================== One Month Modified Files and Folders ======= 2014-06-09 22:11 - 2014-06-09 22:10 - 00011835 _____ () C:\Users\X Y\Desktop\FRST.txt 2014-06-09 22:11 - 2010-10-01 21:58 - 00000000 ____D () C:\Users\X Y\AppData\Local\Temp 2014-06-09 22:10 - 2014-06-09 13:31 - 00000000 ____D () C:\FRST 2014-06-09 22:05 - 2014-06-09 21:20 - 00002810 _____ () C:\Users\X Y\Desktop\AdwCleaner[S0]_anon.txt 2014-06-09 22:05 - 2014-06-09 20:36 - 00001519 _____ () C:\Users\X Y\Desktop\mbam.txt 2014-06-09 21:22 - 2012-02-04 13:57 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-09 21:18 - 2014-06-09 21:18 - 00000623 _____ () C:\Users\X Y\Desktop\JRT_anon.txt 2014-06-09 21:15 - 2012-07-08 08:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-09 20:51 - 2014-06-09 20:51 - 00000633 _____ () C:\Users\X Y\Desktop\JRT.txt 2014-06-09 20:47 - 2009-07-14 06:45 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-09 20:47 - 2009-07-14 06:45 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-09 20:46 - 2014-06-09 20:46 - 00000000 ____D () C:\Windows\ERUNT 2014-06-09 20:45 - 2014-06-09 20:45 - 01016261 _____ (Thisisu) C:\Users\X Y\Desktop\JRT.exe 2014-06-09 20:40 - 2014-06-09 20:40 - 00002888 _____ () C:\Users\X Y\Desktop\AdwCleaner[S0].txt 2014-06-09 20:40 - 2012-02-04 13:57 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-09 20:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 
2014-06-09 20:39 - 2014-06-09 20:37 - 00000000 ____D () C:\AdwCleaner 2014-06-09 20:39 - 2010-10-01 22:29 - 00053998 _____ () C:\Windows\PFRO.log 2014-06-09 20:39 - 2010-10-01 21:34 - 01199318 _____ () C:\Windows\WindowsUpdate.log 2014-06-09 20:39 - 2009-07-14 06:51 - 00061632 _____ () C:\Windows\setupact.log 2014-06-09 20:36 - 2014-06-09 20:37 - 01333465 _____ () C:\Users\X Y\Desktop\adwcleaner_3.212.exe 2014-06-09 20:36 - 2014-06-09 13:31 - 00000000 ____D () C:\Users\X Y\Downloads\Infektion 2014-06-09 19:54 - 2014-06-09 19:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-09 19:48 - 2010-10-19 16:20 - 00000000 ____D () C:\Windows\hpoj6500e709 2014-06-09 18:59 - 2014-06-09 18:59 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-09 18:59 - 2014-06-09 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-09 18:59 - 2014-06-09 18:59 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-09 18:59 - 2014-06-09 18:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-09 18:57 - 2010-10-01 21:58 - 00000000 ___RD () C:\Users\X Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-06-09 18:11 - 2014-06-09 18:11 - 00001224 _____ () C:\Users\X Y\Desktop\Revo Uninstaller.lnk 2014-06-09 18:11 - 2014-06-09 18:08 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-06-09 18:06 - 2009-07-14 19:58 - 00643866 _____ () C:\Windows\system32\perfh007.dat 2014-06-09 18:06 - 2009-07-14 19:58 - 00126394 _____ () C:\Windows\system32\perfc007.dat 2014-06-09 18:06 - 2009-07-14 07:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-09 13:31 - 2014-06-09 13:31 - 02080768 _____ (Farbar) C:\Users\X Y\Desktop\FRST64.exe 2014-06-09 12:46 - 2014-06-09 12:44 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\cloudbkp 2014-06-08 11:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Program 
Files\Common Files\Microsoft Shared 2014-06-08 11:19 - 2011-01-01 10:17 - 00000000 ____D () C:\Users\X Y\Documents\Kontoauszüge ab 2011 2014-06-08 08:13 - 2010-10-20 11:16 - 00000000 ____D () C:\Users\X Y\Documents\Energie 2014 2014-06-04 08:31 - 2012-11-18 14:13 - 00000000 ____D () C:\Users\X Y\Documents\Garantie 2012-13 2014-06-04 08:28 - 2013-12-18 12:02 - 00000000 ____D () C:\Users\X Y\Documents\Eigene Scans 2014-05-27 15:40 - 2014-03-20 19:49 - 00000000 ____D () C:\Users\X Y\Documents\Finanzamt KT 2014-05-27 14:13 - 2014-05-23 10:48 - 00110634 _____ () C:\Users\X Y\ESt2013_Y_X_und_Y_Christine.elfo 2014-05-26 17:59 - 2011-10-04 09:12 - 00024576 _____ () C:\Users\X Y\Documents\Zugangsdaten 09 11.xls 2014-05-23 10:48 - 2010-10-01 21:58 - 00000000 ____D () C:\Users\X Y 2014-05-23 09:58 - 2014-05-23 09:57 - 00000000 ____D () C:\Users\X Y\AppData\Local\.elfohilfe 2014-05-23 09:50 - 2011-04-22 09:48 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular 2014-05-23 09:46 - 2011-04-22 10:08 - 00000000 ____D () C:\Users\X Y\AppData\Roaming\elsterformular 2014-05-23 09:38 - 2014-05-23 09:38 - 00001189 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk 2014-05-23 09:38 - 2011-04-22 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2014-05-22 10:26 - 2010-10-20 11:16 - 00134144 _____ () C:\Users\X Y\Documents\Kopie von Kosten PKW KT CK 500.xls 2014-05-16 07:36 - 2010-10-01 21:58 - 00000000 ___RD () C:\Users\X Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 07:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-16 06:18 - 2013-08-07 07:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-16 06:16 - 2011-07-26 07:07 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-15 13:36 - 2013-03-29 08:56 - 00130584 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-15 13:36 - 2013-03-29 08:56 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-14 10:15 - 2012-07-08 08:15 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-14 10:15 - 2012-07-08 08:15 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-14 10:15 - 2012-07-08 08:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-12 07:26 - 2014-06-09 18:59 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-06-09 18:59 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-06-09 18:59 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys Some content of TEMP: ==================== C:\Users\X Y\AppData\Local\Temp\avgnt.exe C:\Users\X Y\AppData\Local\Temp\install_reader10_de_mssa_aih.exe C:\Users\X Y\AppData\Local\Temp\OnlineBackup.exe C:\Users\X Y\AppData\Local\Temp\Quarantine.exe C:\Users\X Y\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is 
digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-09 14:31 ==================== End Of Log ============================
Again, the name has been replaced with X and Y. |
10.06.2014, 18:32 | #6 |
/// the machine /// TB trainer | RegClean Pro, MyPC Backup and Sync Folder "picked up" ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
|
11.06.2014, 01:20 | #7 |
| RegClean Pro, MyPC Backup and Sync Folder "picked up" Thanks again for your help, schrauber! My grandfather needed his notebook again today, so I will only be able to carry out this step on my next visit in a few days or weeks. Until then he has been told to do sensitive things such as online banking only from the other computer (or is that excessive caution?). If that is all right with you, I will post the logs once I am back at his place and dig this thread up again then. |
11.06.2014, 20:16 | #8 |
/// the machine /// TB trainer | RegClean Pro, MyPC Backup and Sync Folder "picked up" Passwords have to be changed anyway, so he can do that on this computer too
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |