Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Vista: Firefox Ansicht ändert sich, Symbole in der Taskleiste verschwinden, oder Bildschirm wird schwarz

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 30.10.2014, 21:52   #1
corvin
 
Vista: Firefox Ansicht ändert sich, Symbole in der Taskleiste verschwinden, oder Bildschirm wird schwarz - Standard

Vista: Firefox Ansicht ändert sich, Symbole in der Taskleiste verschwinden, oder Bildschirm wird schwarz



Symbole in der Taskleiste verschwinden, sind nach Neustart wieder da.
Das Scrollen (beim Läpi) geht plötzlich nicht mehr, nach Neustart ist wieder alles ok.
Oder der Mauszeiger verschwindet und der Bildschirm wird schwarz und es geht nichts mehr.
Spinne ich oder der Läpi???

FIREFOX Problem wurde gelöst!!!!

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-10-2014 01
Ran by kleine at 2014-10-30 21:19:04
Running from C:\Users\kleine\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
ANNO 1602 (HKLM\...\{84F7CAD9-2316-4701-B5CA-E90FD60029E9}) (Version:  - )
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft MediaImpression (HKLM\...\{CCF38218-BD4A-4A4D-8EBE-735569BF89F5}) (Version: 1.2.33.353 - ArcSoft)
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.7 - )
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Easy Network Manager 4.0 (HKLM\...\InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}) (Version: 4.0.0.13 - Samsung)
Easy Network Manager 4.0 (Version: 4.0.0.13 - Samsung) Hidden
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.1.0 - )
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
imagine digital freedom - Samsung (HKLM\...\{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}) (Version: 1.0.2.0 - Samsung Electronics Co., LTD)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}) (Version: 12.00.2000 - Intel(R) Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version:  - )
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.45.3.3 - Marvell)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MyDriveConnect 3.3.0.1502 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
NVIDIA Grafiktreiber 310.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.64 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
OpenOffice 4.0.0 (HKLM\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery)
PlayCamera (HKLM\...\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}) (Version: 1.0.1.7 - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5605 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Royal Envoy™ (HKLM\...\Royal Envoy™_is1) (Version:  - Playrix Entertainment)
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.00 - Samsung Electronics Co., LTD)
Samsung Recovery Solution III (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 3.0.0.6 - Samsung)
Samsung Update Plus (HKLM\...\InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}) (Version: 1.3.0.11 - Samsung Electronics Co., LTD)
Samsung Update Plus (HKLM\...\InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}) (Version: 2.0 - Samsung Electronics Co., LTD)
Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Hidden
Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., LTD) Hidden
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skat XXL (HKCU\...\Skat XXL) (Version:  - )
SPCA1528 PC Driver (HKLM\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.4.0 - )
Spotify (HKCU\...\Spotify) (Version: 0.8.8.454.gfb120cda - Spotify AB)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.15.1 - Synaptics Incorporated)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29327 - TeamViewer)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Vimicro UVC Camera (HKLM\...\{71A51B09-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFilteringEngine (Version: 2.2.1.0 - Lavasoft) Hidden
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - WIDCOMM, Inc.)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Intel System  (10/05/2012 9.1.9.1002) (HKLM\...\1AF5F143058CA8C5C954BD408C48232FAF21A69F) (Version: 10/05/2012 9.1.9.1002 - Intel)
Windows-Treiberpaket - Intel System  (10/05/2012 9.1.9.1002) (HKLM\...\2528966896853AC8DEC09D148A501604155972BD) (Version: 10/05/2012 9.1.9.1002 - Intel)
Windows-Treiberpaket - Intel System  (10/05/2012 9.1.9.1002) (HKLM\...\AC2EE0A9AD3E95C0C675C31C13CF653A6CB3A598) (Version: 10/05/2012 9.1.9.1002 - Intel)
Windows-Treiberpaket - Intel USB  (10/05/2012 9.1.9.1002) (HKLM\...\48EC18D43DCBA26BDC1D4FFB660F86792AB475D2) (Version: 10/05/2012 9.1.9.1002 - Intel)
Windows-Treiberpaket - NVIDIA Corporation (NVHDA) MEDIA  (07/03/2012 1.3.18.0) (HKLM\...\B46A8C1640335CA36A800E2C6D832964F6F58B54) (Version: 07/03/2012 1.3.18.0 - NVIDIA Corporation)
WinRAR 5.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XP Codec Pack (HKLM\...\XP Codec Pack) (Version:  - )
XviD MPEG-4 Video Codec (HKLM\...\XviD_is1) (Version: XviD-1.0.2-29082004 - XviD Team (Koepi))

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4273118025-30497289-324835352-1004_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4273118025-30497289-324835352-1004_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4273118025-30497289-324835352-1004_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4273118025-30497289-324835352-1004_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4273118025-30497289-324835352-1004_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4273118025-30497289-324835352-1004_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File

==================== Restore Points  =========================

11-10-2014 20:12:30 Geplanter Prüfpunkt
15-10-2014 17:45:32 AA11
17-10-2014 06:43:31 Windows Update
18-10-2014 17:49:15 Windows Update
22-10-2014 08:02:45 Geplanter Prüfpunkt
24-10-2014 11:51:09 Windows Update
25-10-2014 18:48:11 Geplanter Prüfpunkt
27-10-2014 13:59:59 Geplanter Prüfpunkt
28-10-2014 12:35:00 Windows Update
30-10-2014 08:08:15 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2014-03-23 21:22 - 00078607 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.egdating.net # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups
127.0.0.1 ads.realken.com # hosts anti-adware / pups
127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E935E62-1D7B-4E30-AB0D-2807DA10CB83} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-07-04] (Samsung Electronics Co., Ltd.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {512087C4-C3C2-4F1C-B8D6-6D622A0A63FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {6348F453-7648-43E7-A11B-3ED4D8D0B2A7} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {70123431-D3B0-44E9-8554-1A05B93730AD} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-05-22] (SAMSUNG Electronics)
Task: {90255043-B028-41AF-B007-6EED10787515} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-04-17] (SAMSUNG Electronics co., LTD.)
Task: {C6D1C84C-0891-4E7E-B2D4-8B200E31F411} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-04-25] (Samsung Electronics Co., Ltd.)
Task: {C88CD5CB-B30A-4A91-A310-84715F1796DD} - System32\Tasks\SupBackGroundTask => C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe [2010-04-20] ()
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {FAF58D27-CFD2-46AB-9931-EA3C4C25CCB6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SupBackGroundTask.job => C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe

==================== Loaded Modules (whitelisted) =============

2011-02-09 11:33 - 2010-06-17 21:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2013-12-15 22:27 - 2013-07-17 17:09 - 00135288 _____ () C:\Windows\system32\bdfwcore.dll
2014-06-03 20:29 - 2014-07-07 20:36 - 00663552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpbr.mdl
2014-06-03 20:29 - 2014-07-07 20:36 - 00478208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpdsp.mdl
2014-06-03 20:29 - 2014-07-07 20:36 - 02113536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpph.mdl
2014-06-03 20:29 - 2014-07-07 20:36 - 01112064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttprbl.mdl
2008-09-12 05:03 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-09-12 05:03 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02560336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareShellExtension.dll
2014-03-17 11:59 - 2014-03-17 11:59 - 00026488 _____ () C:\Program Files\MyDrive Connect\DeviceDetection.dll
2014-03-17 11:58 - 2014-03-17 11:58 - 00082808 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
2014-03-17 11:58 - 2014-03-17 11:58 - 00357752 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-09-24 20:15 - 2014-09-24 20:15 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-09-10 13:15 - 2014-09-10 13:15 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\Users\kleine\Desktop\Klaus der kleine Pinguin [ukulele].mp4:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4273118025-30497289-324835352-500 - Administrator - Disabled)
Gast (S-1-5-21-4273118025-30497289-324835352-501 - Limited - Disabled)
kleine (S-1-5-21-4273118025-30497289-324835352-1003 - Administrator - Enabled) => C:\Users\kleine
UpdatusUser (S-1-5-21-4273118025-30497289-324835352-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/30/2014 09:00:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 08:24:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 00:31:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 08:08:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2014 09:21:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ckskat.exe, Version 1.5.0.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 12a8
Anfangszeit: 01cff3b5e1708c02
Zeitpunkt der Beendigung: 31

Error: (10/29/2014 09:21:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ckskat.exe, Version 1.5.0.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1638
Anfangszeit: 01cff3b5949204e2
Zeitpunkt der Beendigung: 46

Error: (10/29/2014 09:19:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ckskat.exe, Version 1.5.0.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: ca0
Anfangszeit: 01cff3b56f5240a2
Zeitpunkt der Beendigung: 16

Error: (10/29/2014 09:11:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLEINE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1QV2WD4L.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (10/29/2014 07:39:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2014 01:15:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/30/2014 09:04:28 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (10/30/2014 09:00:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SPCA1528 Video Camera Service%%1058

Error: (10/30/2014 09:00:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (10/30/2014 08:58:44 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT-AUTORITÄT)
Description: 2147942402

Error: (10/30/2014 08:58:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 30.10.2014 um 20:56:56 unerwartet heruntergefahren.

Error: (10/30/2014 08:26:16 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (10/30/2014 08:24:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SPCA1528 Video Camera Service%%1058

Error: (10/30/2014 08:24:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (10/30/2014 08:23:00 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT-AUTORITÄT)
Description: 2147942402

Error: (10/30/2014 00:33:48 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032


Microsoft Office Sessions:
=========================
Error: (10/30/2014 09:00:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 08:24:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 00:31:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 08:08:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2014 09:21:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ckskat.exe1.5.0.112a801cff3b5e1708c0231

Error: (10/29/2014 09:21:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ckskat.exe1.5.0.1163801cff3b5949204e246

Error: (10/29/2014 09:19:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ckskat.exe1.5.0.1ca001cff3b56f5240a216

Error: (10/29/2014 09:11:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLEINE\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1QV2WD4L.DEFAULT\SAFEBROWSING-TO_DELETE

Error: (10/29/2014 07:39:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2014 01:15:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-03-04 21:09:14.349
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:09:14.337
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:09:12.650
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:09:12.639
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:09:12.024
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:09:12.022
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:08:24.394
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:08:24.391
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:08:22.987
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-04 21:08:22.976
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 48%
Total physical RAM: 3065.87 MB
Available physical RAM: 1567.84 MB
Total Pagefile: 6356.14 MB
Available Pagefile: 4988.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:144.09 GB) (Free:19.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:144 GB) (Free:143.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 0201FF32)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=144.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014 01
Ran by kleine (administrator) on KLEINE-PC on 30-10-2014 21:17:28
Running from C:\Users\kleine\Desktop
Loaded Profiles: kleine & UpdatusUser (Available profiles: kleine & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2416368 2013-02-25] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592 2014-10-15] ()
HKU\S-1-5-21-4273118025-30497289-324835352-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-4273118025-30497289-324835352-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-4273118025-30497289-324835352-1003\...\Run: [MyDriveConnect.exe] => C:\Program Files\MyDrive Connect\MyDriveConnect.exe [473464 2014-03-17] (TomTom)
HKU\S-1-5-21-4273118025-30497289-324835352-1004\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - {2BA770C2-E3A0-438F-90BC-C507DF624B32} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {44F87947-6CB0-4DC7-B01A-0C6A184CE044} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKCU - {572D9AB0-4614-4D0A-83C3-BD5F7D01CEBC} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKCU - {5A5C2038-9BC0-43F2-91BD-2C638D6BA9F6} URL = hxxp://go.web.de/suchbox/amazon/?keywords={searchTerms}
SearchScopes: HKCU - {5C895343-C9EC-4445-AA9F-E7D85DAAC8EA} URL = hxxp://go.web.de/suchbox/smartshopping/?searchText={searchTerms}&mc=searchplugin@suche@msie.suche@preisvergleich
SearchScopes: HKCU - {CD376ED7-26AA-4576-B779-6817F0068E63} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.313\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Cliqz Beta - C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\Extensions\cliqz@cliqz.com.xpi [2014-10-30]
FF Extension: CookieCuller - C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2014-03-04]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-24]
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\kleine\AppData\Roaming\Mozilla\Firefox\Profiles\1qv2wd4l.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\kleine\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2014-01-17]
CHR HKLM\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx [2014-01-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [819200 2008-05-23] (Intel(R) Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.313\McCHSvc.exe [234776 2012-10-26] (McAfee, Inc.)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-05-23] (Intel(R) Corporation) [File not signed]
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] () [File not signed]
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 wtmprovhost; C:\Windows\system32\VAN32.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [77192 2013-07-17] (BitDefender LLC)
R1 bdftdif; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdftdif.sys [130640 2013-07-17] (BitDefender LLC)
S3 Bulk1528; C:\Windows\System32\Drivers\Bulk1528.sys [14080 2009-10-20] (SunPlus)
S2 Ca1528av; C:\Windows\System32\Drivers\Ca1528av.sys [516480 2008-12-16] (Digital Camera)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-07-01] (GFI Software)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [165744 2014-04-22] (BitDefender LLC)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-09-12] (SAMSUNG ELECTRONICS CO., LTD.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-04-22] (BitDefender S.R.L.)
R3 VMC302; C:\Windows\System32\Drivers\VMC302.sys [243840 2009-01-23] (Vimicro Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-30 21:17 - 2014-10-30 21:18 - 00013628 _____ () C:\Users\kleine\Desktop\FRST.txt
2014-10-30 21:17 - 2014-10-30 21:17 - 00000000 ____D () C:\FRST
2014-10-30 21:16 - 2014-10-30 21:16 - 01105408 _____ (Farbar) C:\Users\kleine\Desktop\FRST.exe
2014-10-30 21:12 - 2014-10-30 21:13 - 00000474 _____ () C:\Users\kleine\Desktop\defogger_disable.log
2014-10-30 21:12 - 2014-10-30 21:12 - 00000000 _____ () C:\Users\kleine\defogger_reenable
2014-10-30 21:11 - 2014-10-30 21:11 - 00050477 _____ () C:\Users\kleine\Desktop\Defogger.exe
2014-10-29 21:28 - 2014-10-29 21:28 - 00000924 _____ () C:\Users\kleine\Desktop\Skat XXL.lnk
2014-10-29 21:26 - 2014-10-29 21:26 - 00000000 ____D () C:\Users\kleine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGlobe
2014-10-29 21:25 - 2014-10-29 21:25 - 00000000 ____D () C:\Program Files\Meglo
2014-10-29 21:25 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-10-29 21:25 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-10-29 21:23 - 2014-10-29 21:23 - 01125200 _____ () C:\Users\kleine\Desktop\Skat XXL - CHIP-Installer.exe
2014-10-24 07:52 - 2014-10-24 07:53 - 00204416 _____ () C:\Windows\Minidump\Mini102414-01.dmp
2014-10-18 19:10 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 19:10 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 19:10 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 19:04 - 2014-09-28 00:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 18:55 - 2014-09-05 00:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-18 18:50 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 07:50 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-17 07:50 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-17 07:50 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-17 07:50 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-17 07:50 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-17 07:49 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-17 07:49 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-17 07:49 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-17 07:49 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-17 07:49 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-17 07:49 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-17 07:49 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-17 07:49 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-17 07:49 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-17 07:49 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-17 07:49 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-17 07:49 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-17 07:49 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-17 07:49 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-17 07:49 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-17 07:49 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 18:47 - 2014-10-15 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-15 18:46 - 2014-10-15 18:46 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-15 18:44 - 2014-10-15 18:44 - 02806920 _____ () C:\Users\kleine\Downloads\Adaware_Installer(6).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-30 21:15 - 2012-04-21 18:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-30 21:15 - 2006-11-02 13:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-30 21:15 - 2006-11-02 13:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-30 21:12 - 2008-12-17 00:53 - 00000000 ____D () C:\Users\kleine
2014-10-30 21:05 - 2006-11-02 11:33 - 00271572 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-30 21:04 - 2009-02-08 14:35 - 01768695 _____ () C:\Windows\WindowsUpdate.log
2014-10-30 21:00 - 2013-05-27 21:57 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-10-30 20:59 - 2013-12-15 22:27 - 00002204 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-30 20:58 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-30 13:35 - 2008-09-12 20:41 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-10-30 13:35 - 2006-11-02 14:01 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-24 07:52 - 2013-06-24 19:57 - 234298996 _____ () C:\Windows\MEMORY.DMP
2014-10-24 07:52 - 2013-06-24 19:57 - 00000000 ____D () C:\Windows\Minidump
2014-10-21 20:26 - 2012-11-20 21:32 - 00000000 ____D () C:\Users\kleine\Desktop\ebay
2014-10-20 20:18 - 2009-02-18 18:57 - 00000000 ____D () C:\Users\kleine\Desktop\Corvin
2014-10-18 20:45 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-18 19:30 - 2013-05-27 07:59 - 00394616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 19:02 - 2013-07-16 22:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 18:55 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-13 19:17 - 2008-12-16 18:38 - 00045568 _____ () C:\Users\kleine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-02 14:53 - 2009-10-03 23:07 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\kleine\AppData\Local\temp\Install_HOSTS_Anti-Adware.exe
C:\Users\kleine\AppData\Local\temp\sdanircmdc.exe
C:\Users\kleine\AppData\Local\temp\sdapskill.exe
C:\Users\kleine\AppData\Local\temp\sdaspwn.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-30 21:07

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:12 on 30/10/2014 (kleine)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-30 21:42:34
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FB4O 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\kleine\AppData\Local\Temp\awdiipod.sys


---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\tdx \Device\Tcp                                                                          bdftdif.sys
AttachedDevice  \Driver\tdx \Device\Udp                                                                          bdftdif.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001fe1fa0371                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001fe1fc199b                      
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001fe1fa0371 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001fe1fc199b (not active ControlSet)  

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                            unknown MBR code

---- EOF - GMER 2.1 ----
         

Geändert von corvin (30.10.2014 um 22:01 Uhr) Grund: Firefox-problem wurde gelöst

 

Themen zu Vista: Firefox Ansicht ändert sich, Symbole in der Taskleiste verschwinden, oder Bildschirm wird schwarz
bluescreen 0x80070032 error:, device driver, fehlercode 0x5, msil/downloadguide.d, pup.optional.certifiedtoolbar.a, pup.optional.mysearchdial.a, pup.optional.plushd.a, pup.optional.snapdo.t, win32/downloadsponsor.a, win32/toolbar.visicom.a, win32/toolbar.visicom.b, win32/toolbar.visicom.c, win32/winloadsda.d




Ähnliche Themen: Vista: Firefox Ansicht ändert sich, Symbole in der Taskleiste verschwinden, oder Bildschirm wird schwarz


  1. data://(null), Ihnen wird die Ansicht/Lagerung und/oder Vertrieb von verbotenen....
    Smartphone, Tablet & Handy Security - 01.03.2016 (10)
  2. Windows 8.1: Bildschirm wird schwarz, fehlerhafte Texteingabe
    Log-Analyse und Auswertung - 22.08.2015 (5)
  3. Bildschirm wird mitten in der Sitzung schwarz
    Plagegeister aller Art und deren Bekämpfung - 11.11.2014 (38)
  4. Windows 7 - nur Schwarzer Bildschirm, Anmeldung blind möglich aber keine Desktop Symbole oder Taskleiste
    Log-Analyse und Auswertung - 06.11.2014 (15)
  5. Bildschirm kurz schwarz taskleiste ca 2 minuten verfaerbt
    Plagegeister aller Art und deren Bekämpfung - 04.05.2014 (3)
  6. Win XP Taskleiste reagiert nach Start nicht, wird schwarz und wenn sie wieder funzt sind nur drei Symbole neben der Uhr
    Alles rund um Windows - 03.10.2013 (3)
  7. Vista mit gesperrtem Bildschirm - zunächst weiß, dann verlaufend zu schwarz
    Plagegeister aller Art und deren Bekämpfung - 15.08.2013 (9)
  8. Trojaner, Desktop-Symbole und Startleiste verschwinden
    Plagegeister aller Art und deren Bekämpfung - 03.11.2012 (9)
  9. Desktop wird nur noch einfarbig symbole verschwinden
    Plagegeister aller Art und deren Bekämpfung - 08.07.2011 (3)
  10. Windowsfehlermeldungen und Symbole verschwinden
    Alles rund um Windows - 10.11.2010 (6)
  11. Taskleiste/Symbole verschwinden, Fehler bei Initialisierung/dll
    Log-Analyse und Auswertung - 09.11.2010 (4)
  12. Vista: beim Hochfahren bleibt Bildschirm schwarz
    Plagegeister aller Art und deren Bekämpfung - 25.09.2009 (5)
  13. Desktop symbole verschwinden
    Log-Analyse und Auswertung - 31.07.2009 (13)
  14. Text, Schrift und Symbole verschwinden
    Alles rund um Windows - 19.04.2008 (2)
  15. bildschirm wird nach start schwarz
    Alles rund um Windows - 15.03.2008 (0)
  16. Bildschirm wird ständig schwarz - Virus?
    Plagegeister aller Art und deren Bekämpfung - 05.07.2007 (4)
  17. Bildschirm wird schwarz und Rechner fährt runter
    Plagegeister aller Art und deren Bekämpfung - 30.05.2005 (6)

Zum Thema Vista: Firefox Ansicht ändert sich, Symbole in der Taskleiste verschwinden, oder Bildschirm wird schwarz - Symbole in der Taskleiste verschwinden, sind nach Neustart wieder da. Das Scrollen (beim Läpi) geht plötzlich nicht mehr, nach Neustart ist wieder alles ok. Oder der Mauszeiger verschwindet und der - Vista: Firefox Ansicht ändert sich, Symbole in der Taskleiste verschwinden, oder Bildschirm wird schwarz...
Archiv
Du betrachtest: Vista: Firefox Ansicht ändert sich, Symbole in der Taskleiste verschwinden, oder Bildschirm wird schwarz auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.