|
Plagegeister aller Art und deren Bekämpfung: DHLBenachrichtigung.zipWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
04.03.2015, 21:31 | #1 |
| DHLBenachrichtigung.zip Hallo Leute! Meine mir Zugemutete hat mir heute mitgeteilt, dass die von DHL zugeschickte Benachrichtigung nicht funktioniert Das heißt wohl, dass ich vermutlich auch stolzer Besitzer eines Trojaners bin, was sich zwischenzeitlich schon etwas negativ auf den Haussegen ausgewirkt hat. Hoffe, dass ihr mir bei meinem Dilemma helfen könnt und danke euch jetzt schon mal für eure Bemühungen! FRST: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-03-2015 Ran by Harald (administrator) on HOME on 04-03-2015 20:38:20 Running from C:\Dokumente und Einstellungen\Harald\Desktop Loaded Profiles: Harald (Available profiles: Harald & Gaby) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser path: "C:\Programme\Opera\Opera.exe") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgchsvx.exe (AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgrsx.exe (AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgwdsvc.exe (Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe () C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe () C:\WINDOWS\system32\PnkBstrA.exe (DEVGURU Co., LTD.) C:\Programme\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgemc.exe (AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgnsx.exe (AVG Technologies CZ, s.r.o.) F:\Programme\AVG\avgcsrvx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Analog Devices, Inc.) C:\Programme\Analog Devices\Core\smax4pnp.exe () C:\Programme\ASUS\AI Suite\AiNap\AiNap.exe (Hagel Technologies Ltd) F:\Tools\DU Meter\DUMeter.exe (Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Programme\ASUS\AASP\1.00.59\aaCenter.exe (Microsoft Corporation) F:\Programme\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation) F:\PROGRA~1\MICROS~2\rapimgr.exe (Logitech, Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe (Opera Software) C:\Programme\Opera\opera.exe (Renier Crause) F:\Programme\PopTray\PopTray.exe (ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Logitech, Inc.) C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SoundMAXPnP] => C:\Programme\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] => C:\Programme\Analog Devices\SoundMAX\Smax4.exe [729088 2006-07-13] (Analog Devices, Inc.) HKLM\...\Run: [Ai Nap] => C:\Programme\ASUS\AI Suite\AiNap\AiNap.exe [1413120 2008-01-28] () HKLM\...\Run: [CPU Power Monitor] => C:\Programme\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe [627200 2008-01-09] () HKLM\...\Run: [Cpu Level Up help] => C:\Programme\ASUS\AI Suite\CpuLevelUpHelp.exe [881152 2007-11-30] () HKLM\...\Run: [ASUS Energy Saving] => C:\Programme\ASUS\AI Suite\EnergySaving\PwSave.exe [1352704 2008-01-28] () HKLM\...\Run: [DU Meter] => F:\Tools\DU Meter\DUMeter.exe [1587224 2006-11-27] (Hagel Technologies Ltd) HKLM\...\Run: [InstalledTime] => 1-27-2014 HKLM\...\Run: [ASUSPRP] => C:\Programme\ASUS\APRP\APRP.EXE [3220640 2013-08-27] (ASUSTek Computer Inc.) HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-12-23] (Advanced Micro Devices, Inc.) HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [SunJavaUpdateSched] => "C:\Programme\Java\jre1.8.0_31\bin\jusched.exe" Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) Winlogon\Notify\LBTWlgn: c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-854245398-790525478-839522115-1003\...\Run: [H/PC Connection Agent] => F:\Programme\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation) HKU\S-1-5-21-854245398-790525478-839522115-1003\...\Run: [] => [X] HKU\S-1-5-21-854245398-790525478-839522115-1003\...\MountPoints2: {4da9df78-0d2e-11e0-8bae-001e8c9c44a0} - R:\NokiaPCIA_Autorun.exe Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) Startup: C:\Dokumente und Einstellungen\Harald\Startmenü\Programme\Autostart\PopTray.lnk ShortcutTarget: PopTray.lnk -> F:\Programme\PopTray\PopTray.exe (Renier Crause) BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-854245398-790525478-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-854245398-790525478-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> F:\Programme\AVG\avgssie.dll (AVG Technologies CZ, s.r.o.) BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation) Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Programme\AVG\avgpp.dll (AVG Technologies CZ, s.r.o.) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation) Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 92.243.32.40 194.112.145.60 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\iej40zxr.default-1358705011781 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> F:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @eleco.com/o2cplayer -> F:\Programme\o2c Player\npO2CPlayer.DLL (Eleco plc) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Programme\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Programme\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Extension: Greasemonkey - C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\iej40zxr.default-1358705011781\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-01-20] FF Extension: Java Console - C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-01-27] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-11-13] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144 2011-10-09] (Apple Inc.) R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2013-12-23] (ATI Technologies Inc.) [File not signed] R2 avg9emc; F:\Programme\AVG\avgemc.exe [921952 2010-07-21] (AVG Technologies CZ, s.r.o.) R2 avg9wd; F:\Programme\AVG\avgwdsvc.exe [308136 2010-07-15] (AVG Technologies CZ, s.r.o.) R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.) S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [821608 2011-10-09] (Apple Inc.) S3 LBTServ; C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe [121360 2009-07-20] (Logitech, Inc.) R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [75304 2007-04-19] (Hewlett-Packard Company) R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-27] (Mozilla Foundation) S3 NBService; F:\Programme\Nero 7\Nero BackItUp\NBService.exe [792112 2007-04-13] (Nero AG) S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG) R2 PassThru Service; C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] () [File not signed] R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2008-05-03] () S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [737616 2013-04-18] (Nokia) R2 ss_conn_service; C:\Programme\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-18] () R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec) R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [6852096 2013-12-23] (ATI Technologies Inc.) [File not signed] R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices) R1 AvgLdx86; C:\WINDOWS\System32\Drivers\avgldx86.sys [226016 2013-01-15] (AVG Technologies CZ, s.r.o.) R1 AvgMfx86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [29712 2011-09-13] (AVG Technologies CZ, s.r.o.) R1 AvgTdiX; C:\WINDOWS\System32\Drivers\avgtdix.sys [243152 2011-05-05] (AVG Technologies CZ, s.r.o.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R0 JGOGO; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron ) R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [46208 2007-03-24] (JMicron Technology Corp.) R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.) R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.) R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 OVT511Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [167816 2001-10-18] (OmniVision Technologies, Inc.) [File not signed] S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [332928 2008-06-27] (Realtek Semiconductor Corporation ) R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura) S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation) S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [265856 2007-08-15] (Marvell) S3 eaps2kbd; system32\DRIVERS\eaps2kbd.sys [X] S4 hpt3xx; No ImagePath S4 IntelIde; No ImagePath S3 SANDRA; \??\F:\Tools\SiSoftware Sandra Lite XII.SP2c\WNt500x86\Sandra.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-04 20:38 - 2015-03-04 20:38 - 00014388 _____ () C:\Dokumente und Einstellungen\Harald\Desktop\FRST.txt 2015-03-04 20:38 - 2015-03-04 20:38 - 00000000 ____D () C:\FRST 2015-03-04 20:36 - 2015-03-04 20:36 - 01132544 _____ (Farbar) C:\Dokumente und Einstellungen\Harald\Desktop\FRST.exe 2015-02-03 16:07 - 2015-02-03 16:07 - 00000000 ____D () C:\Programme\SAMSUNG 2015-02-03 16:07 - 2014-10-13 06:57 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2015-02-03 16:07 - 2014-10-13 06:57 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-04 20:38 - 2008-04-28 21:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp 2015-03-04 20:25 - 2008-05-01 14:40 - 00000300 ___SH () C:\Dokumente und Einstellungen\Gaby\ntuser.ini 2015-03-04 20:25 - 2008-05-01 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Temp 2015-03-04 20:25 - 2001-08-23 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-04 18:23 - 2008-04-29 15:33 - 00000000 ____D () C:\WINDOWS\system32\Drivers\Avg 2015-03-04 18:20 - 2010-10-17 18:49 - 02017440 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-04 18:20 - 2008-04-29 04:39 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-03-04 18:19 - 2008-04-29 04:39 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-03-04 05:32 - 2008-04-29 07:54 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt 2015-03-04 05:32 - 2008-04-28 21:42 - 00000300 ___SH () C:\Dokumente und Einstellungen\Harald\ntuser.ini 2015-02-25 18:49 - 2008-05-01 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Gaby 2015-02-21 21:55 - 2010-06-07 18:41 - 00002644 _____ () C:\WINDOWS\system32\d3d9caps.dat 2015-02-18 18:19 - 2013-07-27 15:00 - 00379820 _____ () C:\WINDOWS\setupapi.log 2015-02-07 09:35 - 2012-03-31 07:28 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-02-07 09:35 - 2011-05-17 04:11 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-02-03 18:01 - 2008-04-29 04:38 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Dokumente 2015-02-03 16:08 - 2013-08-24 11:51 - 00010568 _____ () C:\WINDOWS\setupact.log 2015-02-03 16:07 - 2008-04-29 04:38 - 00000000 ___RD () C:\Programme 2015-02-03 16:06 - 2014-12-17 18:29 - 00000579 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Samsung Kies 3.lnk ==================== Files in the root of some directories ======= 2008-05-01 16:15 - 2008-05-01 16:26 - 0002798 _____ () C:\Programme\SICHERUNG.bat 2008-06-24 18:02 - 2008-06-24 18:02 - 0002528 _____ () C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\$_hpcst$.hpc 2012-08-16 16:38 - 2012-08-16 16:38 - 0000288 _____ () C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\.backup.dm 2008-06-14 15:58 - 2014-08-01 23:33 - 0022528 _____ () C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Some content of TEMP: ==================== C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Temp\jre-6u23-windows-i586-iftw-rv.exe C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Temp\NEventMessages.dll C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\Execute2App.exe C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\jre-7u67-windows-i586-iftw.exe C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\jre-7u71-windows-i586-iftw.exe C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\jre-8u31-windows-au.exe C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\NEventMessages.dll C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\NOSEventMessages.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-03-2015 Ran by Harald at 2015-03-04 20:38:46 Running from C:\Dokumente und Einstellungen\Harald\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.6.602.168 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) AGEIA PhysX v7.07.09 (HKLM\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.) AI Suite (HKLM\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.03.29 - ) AMD Catalyst Install Manager (HKLM\...\{B577572E-88D0-E34C-C93E-124BC43874E2}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}) (Version: 4.0.0.96 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS GPU Tweak (HKLM\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.8.2 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (Version: 2.4.8.2 - ASUSTek COMPUTER INC.) Hidden ASUS Product Register Program (HKLM\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.) ASUSUpdate (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - ) ATI AVIVO Codecs (Version: 10.0.0.40103 - ATI Technologies Inc.) Hidden Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd) AVG Free 9.0 (HKLM\...\AVG9Uninstall) (Version: - AVG Technologies) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Bouquet Wizard (HKLM\...\BouquetWizard) (Version: - ) Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG7100 series Benutzerregistrierung (HKLM\...\Canon MG7100 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.) Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform) CDDRV_Installer (Version: 4.60 - Logitech) Hidden CDex extraction audio (HKLM\...\CDex) (Version: - ) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation) DH Driver Cleaner Professional Edition (HKLM\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars) DU Meter (HKLM\...\dumeter3_is1) (Version: 3.50 Build R2822 - Hagel Technologies Ltd) erLT (Version: 1.20.0137 - Logitech, Inc.) Hidden Exifer (HKLM\...\Exifer_is1) (Version: - Friedemann Schmidt) Foxit PDF IFilter (HKLM\...\{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}) (Version: 1.0.1729 - Foxit Software) Foxit Reader (HKLM\...\Foxit Reader) (Version: - ) Free FLV Converter V 6.8.0 (HKLM\...\Free FLV Converter_is1) (Version: 6.8.0.0 - Koyote Soft) Free Video Dub version 1.8.10 (HKLM\...\Free Video Dub_is1) (Version: - DVDVideoSoft Limited.) Freemake Video Converter Version 2.0.1 (HKLM\...\Freemake Video Converter_is1) (Version: 2.0.1 - Ellora Assets Corporation) HD Tach version 3 (HKLM\...\HD Tach_is1) (Version: - Simpli Software, Inc.) HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.017 - HTC Corporation) HydraVision (Version: 4.2.242.0 - Advanced Micro Devices, Inc.) Hidden InterVideo WinDVD (HKLM\...\InterVideo WinDVD) (Version: - ) IrfanView (remove only) (HKLM\...\IrfanView) (Version: - ) IsoBuster 1.7 (HKLM\...\IsoBuster_is1) (Version: 1.7 - Smart Projects) iTunes (HKLM\...\{29ED20C9-5E15-4969-9279-25BF3727A3DA}) (Version: 10.5.0.142 - Apple Inc.) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JMB36X Raid Configurer (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.) KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden Kochbuch 1.7.1 (HKLM\...\Kochbuch_is1) (Version: 1.7.1.0 - Flo & Seb Engineering) LeechFTP (HKLM\...\LeechFTP) (Version: - ) LightScribe 1.6.43.1 (Version: 1.6.43.1 - hxxp://www.lightscribe.com) Hidden Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech) Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.22.4.3 - Marvell) Medal of Honor Airborne (HKLM\...\{25F28E39-FDBB-11DB-8314-0800200C9A66}) (Version: 1.0.1.0 - Electronic Arts) Medal of Honor Allied Assault (HKLM\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - ) Medal of Honor Allied Assault(tm) Breakthrough (HKLM\...\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}) (Version: - ) Medal of Honor Allied Assault(tm) Breakthrough v2.40 Patch (HKLM\...\{DF9046D6-5F1F-40B6-9782-3DC2D902D391}) (Version: - ) Medal of Honor Allied Assault(tm) Spearhead (HKLM\...\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}) (Version: - ) Medal of Honor Allied Assault(tm) Spearhead (HKLM\...\{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}) (Version: - ) Medal of Honor Allied Assault(tm) Spearhead Patch 2.15 (HKLM\...\{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}) (Version: - ) Medal of Honor Pacific Assault(tm) (HKLM\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.0 - Electronic Arts) Medal of Honor Pacific Assault(tm) Patch2 (HKLM\...\{824539D7-D27E-4CC3-B36F-6404B5EB726B}) (Version: 1.0 - Electronic Arts) Medion GoPal Assistant 4.00.0003 (HKLM\...\Medion GoPal Assistant) (Version: 4.0.3.0 - Medion) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (HKLM\...\{C314CE45-3392-3B73-B4E1-139CD41CA933}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (HKLM\...\{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft ActiveSync (HKLM\...\{99052DB7-9592-4522-A558-5417BBAD48EE}) (Version: 4.5.5096.0 - Microsoft Corporation) Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation) Microsoft Visio Professional 2002 [DEU] (HKLM\...\{90510407-6D54-11D4-BEE3-00C04F990354}) (Version: 10.2.5111 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mp3tag v2.48 (HKLM\...\Mp3tag) (Version: v2.48 - Florian Heidenreich) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\MyFreeCodec) (Version: - ) Nero 7 Essentials (HKLM\...\{A2104078-AAA5-449E-95DD-55C9443A1031}) (Version: 7.02.8506 - Nero AG) Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia) Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden o2c Player (HKLM\...\o2c Player) (Version: - ) Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA) ORF-Ski Challenge 2010 (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\sc10-ORF_MAIN) (Version: - ) Paint.NET v3.5.4 (HKLM\...\{053B3DA8-91B5-4682-A130-715412A1A252}) (Version: 3.54.0 - dotPDN LLC) PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PC Probe II (HKLM\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.29 - ) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.7 - Frank Heindörfer, Philip Chinery) PopTray 3.20 (HKLM\...\PopTray) (Version: 3.20 - Renier Crause) PopTray Plug-ins (beta 6) (HKLM\...\PopTray Plug-ins) (Version: (beta 6) - Renier Crause) QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) REALTEK GbE & FE Ethernet PCI NIC Driver (HKLM\...\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}) (Version: 1.05.0000 - Realtek) Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (HKLM\...\KB2360131-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (HKLM\...\KB2416400-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB911564) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player 6.4 (KB925398) (HKLM\...\KB925398_WMP64) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player 9 (KB936782) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation) Ski Challenge 11 (AT) (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\sc11-AT_ORF_MAIN) (Version: - ) Ski Challenge 12 (AT) (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\sc12-AT_MAIN) (Version: - ) Ski Challenge 13 (AT) (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\sc13-AT_MAIN) (Version: - ) Skins (Version: 2013.1223.216.3934 - Advanced Micro Devices, Inc.) Hidden Skype™ 5.1 (HKLM\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.1.112 - Skype Technologies S.A.) SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.6110 - Analog Devices) Stock Monitor (2) (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\Stock Monitor (2)) (Version: - Daniel Sitnik) TeamSpeak 3 Client (HKU\S-1-5-21-854245398-790525478-839522115-1003\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH) Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.) Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Update für Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation) VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN) WD Spindown or Stop Utility for External Drive, v1.00 (HKLM\...\{BE6F412F-C276-4FD8-B3E1-F996CC172776}) (Version: 1.0.0 - Western Digital Technologies) WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) WinRAR Archivierer (HKLM\...\WinRAR archiver) (Version: - ) World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) XMedia Recode 2.2.3.9 (HKLM\...\XMedia Recode) (Version: 2.2.3.9 - Sebastian Dörfler) XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden Youtube Video Mp3 Downloader (HKLM\...\{DB573D57-DECF-49D6-B95D-8AF9CDE27554}) (Version: 2.2.0.0 - iWesoft) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-854245398-790525478-839522115-1003_Classes\CLSID\{DB450001-9764-11D6-819E-005056C00008}\localserver32 -> F:\Tools\DU Meter\DUMeter.exe (Hagel Technologies Ltd) ==================== Restore Points ========================= 29-12-2014 18:14:37 Avg Update 06-01-2015 16:44:31 Avg Update 03-02-2015 16:06:04 Installed Samsung Kies3 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2001-08-23 13:00 - 2001-08-23 13:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2009-03-23 17:16 - 2001-10-28 16:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll 2011-08-12 17:13 - 2011-08-12 17:13 - 00087040 _____ () C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe 2008-05-03 22:47 - 2008-05-03 22:56 - 00066872 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2008-05-03 22:00 - 2002-05-28 17:11 - 00122880 _____ () F:\Programme\WinRAR\rarext.dll 2008-04-29 16:12 - 2008-01-28 11:55 - 01413120 _____ () C:\Programme\ASUS\AI Suite\AiNap\AiNap.exe 2008-04-29 16:12 - 2008-01-16 19:08 - 00208896 _____ () C:\Programme\ASUS\AI Suite\AiNap\AiNap.dll 2008-04-29 16:12 - 2008-01-24 17:53 - 00613376 _____ () C:\Programme\ASUS\AASP\1.00.59\aaCenter.exe 2008-04-29 07:34 - 2006-01-10 23:50 - 00024576 _____ () C:\WINDOWS\system32\AsIO.dll 2008-04-29 16:12 - 2005-06-23 00:39 - 00204851 _____ () C:\Programme\ASUS\AASP\1.00.59\PowerDll.dll 2008-04-29 16:12 - 2008-01-17 23:46 - 00053248 _____ () C:\Programme\ASUS\AASP\1.00.59\cpuutil.dll 2011-12-14 17:55 - 2009-07-20 12:27 - 00017936 _____ () C:\Programme\Logitech\SetPoint\khalwrapper.dll 2001-08-23 13:00 - 2008-04-14 06:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00835584 _____ () C:\Programme\Opera\gstreamer\gstreamer.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00093696 _____ () C:\Programme\Opera\gstreamer\plugins\gstaudioconvert.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00094208 _____ () C:\Programme\Opera\gstreamer\plugins\gstaudioresample.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00057344 _____ () C:\Programme\Opera\gstreamer\plugins\gstautodetect.dll 2011-12-08 19:49 - 2014-04-26 00:13 - 00096256 _____ () C:\Programme\Opera\gstreamer\plugins\gstcoreplugins.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00062976 _____ () C:\Programme\Opera\gstreamer\plugins\gstdecodebin2.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00067072 _____ () C:\Programme\Opera\gstreamer\plugins\gstdirectsound.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00158208 _____ () C:\Programme\Opera\gstreamer\plugins\gstffmpegcolorspace.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00312832 _____ () C:\Programme\Opera\gstreamer\plugins\gstoggdec.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00038912 _____ () C:\Programme\Opera\gstreamer\plugins\gstwaveform.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00073728 _____ () C:\Programme\Opera\gstreamer\plugins\gstwavparse.dll 2011-01-28 15:03 - 2014-04-26 00:13 - 00101888 _____ () C:\Programme\Opera\gstreamer\plugins\gstwebmdec.dll 2003-10-09 19:17 - 2003-10-09 19:17 - 00287232 _____ () F:\Programme\PopTray\plugins\ProtocolIMAP4.dll 2003-09-27 17:29 - 2003-09-27 17:29 - 00257536 _____ () F:\Programme\PopTray\plugins\ProtocolPOP3SSL.dll 2002-08-13 05:09 - 2002-08-13 05:09 - 00684032 _____ () F:\Programme\PopTray\libeay32.dll 2002-08-13 05:10 - 2002-08-13 05:10 - 00155648 _____ () F:\Programme\PopTray\ssleay32.dll 2010-03-16 11:22 - 2010-03-16 11:22 - 00014848 _____ () C:\Programme\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll 2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll 2013-12-23 02:15 - 2013-12-23 02:15 - 00270336 _____ () C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""="" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-854245398-790525478-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Grüne Idylle.bmp DNS Servers: 92.243.32.40 - 194.112.145.60 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: 36X Raid Configurer => C:\WINDOWS\system32\xRaidSetup.exe boot MSCONFIG\startupreg: APSDaemon => "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AVG9_TRAY => F:\PROGRA~1\AVG\avgtray.exe MSCONFIG\startupreg: H/PC Connection Agent => "F:\Programme\Microsoft ActiveSync\wcescomm.exe" MSCONFIG\startupreg: iTunesHelper => "F:\Programme\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: JMB36X IDE Setup => C:\WINDOWS\RaidTool\xInsIDE.exe MSCONFIG\startupreg: NeroFilterCheck => C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe MSCONFIG\startupreg: NokiaMServer => C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup MSCONFIG\startupreg: QuickTime Task => "C:\Programme\QuickTime\QTTask.exe" -atboottime ==================== Accounts: ============================= Administrator (S-1-5-21-854245398-790525478-839522115-500 - Administrator - Enabled) Gaby (S-1-5-21-854245398-790525478-839522115-1004 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Gaby Gast (S-1-5-21-854245398-790525478-839522115-501 - Limited - Enabled) Harald (S-1-5-21-854245398-790525478-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Harald Hilfeassistent (S-1-5-21-854245398-790525478-839522115-1000 - Limited - Enabled) SUPPORT_388945a0 (S-1-5-21-854245398-790525478-839522115-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter Description: Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318} Manufacturer: Realtek Semiconductor Corp. Service: RTLWUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318} Manufacturer: Marvell Service: yukonwxp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: PS/2 Keyboard Description: PS/2 Keyboard Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318} Manufacturer: Logitech Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (02/27/2015 10:06:20 PM) (Source: crypt32) (EventID: 11) (User: ) Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error: (02/27/2015 10:06:20 PM) (Source: crypt32) (EventID: 11) (User: ) Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error: (01/03/2015 06:11:28 PM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT) Description: Dienst konnte nicht geöffnet werden. Error: (12/18/2014 05:05:09 AM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT) Description: Dienst konnte nicht geöffnet werden. Error: (11/20/2014 05:04:29 AM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT) Description: Dienst konnte nicht geöffnet werden. Error: (10/27/2014 09:50:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 32.0.3.5379, fehlgeschlagenes Modul mozalloc.dll, Version 32.0.3.5379, Fehleradresse 0x0000141b. Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet. Error: (10/26/2014 08:31:07 PM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT) Description: Dienst konnte nicht geöffnet werden. Error: (09/09/2014 09:29:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung worldoftanks.exe, Version 0.9.2.0, fehlgeschlagenes Modul msvcr110.dll, Version 11.0.51106.1, Fehleradresse 0x000a327c. Das medienspezifische Ereignis für [worldoftanks.exe!ws!] wird verarbeitet. Error: (06/14/2014 11:43:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung worldoftanks.exe, Version 0.9.1.0, fehlgeschlagenes Modul msvcr110.dll, Version 11.0.51106.1, Fehleradresse 0x000a327c. Das medienspezifische Ereignis für [worldoftanks.exe!ws!] wird verarbeitet. Error: (06/10/2014 10:58:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung worldoftanks.exe, Version 0.9.0.0, fehlgeschlagenes Modul worldoftanks.exe, Version 0.9.0.0, Fehleradresse 0x007cd9cf. Das medienspezifische Ereignis für [worldoftanks.exe!ws!] wird verarbeitet. System errors: ============= Error: (03/04/2015 06:20:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Error: (03/04/2015 05:18:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Error: (03/03/2015 06:38:28 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: ) Description: MTP WPD Driver has failed to start. Error 0x8007001f. Error: (03/03/2015 06:34:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Error: (03/03/2015 05:14:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Error: (03/02/2015 06:16:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Error: (03/02/2015 05:18:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Error: (03/01/2015 05:58:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Error: (03/01/2015 11:14:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Error: (02/28/2015 07:37:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: iaStor Microsoft Office Sessions: ========================= Error: (02/27/2015 10:06:20 PM) (Source: crypt32) (EventID: 11) (User: ) Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. Error: (02/27/2015 10:06:20 PM) (Source: crypt32) (EventID: 11) (User: ) Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. Error: (01/03/2015 06:11:28 PM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT) Description: Error: (12/18/2014 05:05:09 AM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT) Description: Error: (11/20/2014 05:04:29 AM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT) Description: Error: (10/27/2014 09:50:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe32.0.3.5379mozalloc.dll32.0.3.53790000141b Error: (10/26/2014 08:31:07 PM) (Source: WmiAdapter) (EventID: 4099) (User: VORDEFINIERT) Description: Error: (09/09/2014 09:29:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: worldoftanks.exe0.9.2.0msvcr110.dll11.0.51106.1000a327c Error: (06/14/2014 11:43:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: worldoftanks.exe0.9.1.0msvcr110.dll11.0.51106.1000a327c Error: (06/10/2014 10:58:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: worldoftanks.exe0.9.0.0worldoftanks.exe0.9.0.0007cd9cf ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Percentage of memory in use: 26% Total physical RAM: 3327.04 MB Available physical RAM: 2457.28 MB Total Pagefile: 11324.19 MB Available Pagefile: 10273.77 MB Total Virtual: 2047.88 MB Available Virtual: 1932.41 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:39.06 GB) (Free:5.1 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive e: (MOHAAB) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS Drive f: (Anwendungen) (Fixed) (Total:150 GB) (Free:107.46 GB) NTFS Drive g: (Harald) (Fixed) (Total:100 GB) (Free:90.99 GB) NTFS Drive h: (Gaby) (Fixed) (Total:26.7 GB) (Free:24.91 GB) NTFS Drive i: (P_1_leer) (Fixed) (Total:150.01 GB) (Free:149.93 GB) NTFS Drive j: (P_2_primaer) (Fixed) (Total:48.83 GB) (Free:48.75 GB) NTFS Drive k: (P_2_leer) (Fixed) (Total:150 GB) (Free:145.93 GB) NTFS Drive l: (P_2_leer) (Fixed) (Total:150 GB) (Free:149.92 GB) NTFS Drive m: (Spiele) (Fixed) (Total:116.94 GB) (Free:79.11 GB) NTFS Drive s: (extBACKUP) (Fixed) (Total:24.41 GB) (Free:24.12 GB) NTFS Drive t: (extern2Partition) (Fixed) (Total:146.48 GB) (Free:128.37 GB) NTFS Drive u: (Musik & Fotos & Filme) (Fixed) (Total:127.19 GB) (Free:101.28 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 3E8B3E8B) Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=426.7 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 3ECA3ECA) Partition 1: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=416.9 GB) - (Type=OF Extended) ======================================================== Disk: 2 (Size: 298.1 GB) (Disk ID: 44FDFE06) Partition 1: (Not Active) - (Size=24.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=127.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
04.03.2015, 21:48 | #2 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | DHLBenachrichtigung.zip Hi und
__________________Zitat:
Zitat:
__________________ |
04.03.2015, 21:57 | #3 | |
| DHLBenachrichtigung.zipZitat:
2. zu faul um mich mit dem 'modernen' Zeug herumzuschlagen |
04.03.2015, 22:09 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | DHLBenachrichtigung.zip Dafür hast du seit einem Jahr schwere Lücken. Windows XP ist nämlich seit April 2014 aus dem Support raus und erhält keine Updates mehr. Entspannt zurücklehnen ist also nicht. Du solltest ASAP auf ein aktuelles Windows umsteigen. Oder als Alternative Linux für diesen Rechner verwenden. Aber XP gehört entsorgt.
__________________ Logfiles bitte immer in CODE-Tags posten |
04.03.2015, 22:30 | #5 |
| DHLBenachrichtigung.zip Naja, nach dem ich jetzt mit meine Dachbodenausbau fertig bin, werde ich mal ernsthaft darüber nachdenken. Im Moment löst das aber natürlich mein kleines Problem nicht. |
04.03.2015, 22:36 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | DHLBenachrichtigung.zip Du hast schon seit letztes Jahr ein dickes Problem mit Windows XP, nimmst es nur nicht so richtig wahr... Zitat:
__________________ --> DHLBenachrichtigung.zip |
05.03.2015, 05:27 | #7 |
| DHLBenachrichtigung.zip Das zu klären ist etwas schwierig, da die liebe Göttergattin in technischen Belangen nicht gerade sehr versiert ist. Hab jetzt nochmal nachgefragt, was sie denn eigentlich genau gemacht hat. Mit Sicherheit kann ich sagen, dass sie das Zip-File mittels Push-Button 'öffnen' entpackt hat. Laut ihren Angaben war da aber nichts - Zitat: 'es war leer und grau'. Die Frage ob sie ein allfällig im Zip-Archiv gepacktes pdf-File oder sonstiges File geöffnet hat bleibt ungeklärt - 'das weiß ich doch nicht'. Im Prinzip weiß ich also leider nicht wirklich, was die gute Frau tatsächlich gemacht hat, aber da eine ausführbare Datei gepackt war, gehe ich schon mal davon aus, dass sie die auch ausgeführt hat. Geändert von D_Harry (05.03.2015 um 05:35 Uhr) |
05.03.2015, 08:42 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | DHLBenachrichtigung.zip Dann wurde vermutlich nichts ausgeführt. Hat der Virenscanner noch rechtzeitig angeschlagen? Bitte im Log von AVG nachsehen. Und auch mal sicherstellen ob das überhaupt ne Spam-Mail oder ne legitime E-Mail vllt sogar war.
__________________ Logfiles bitte immer in CODE-Tags posten |
06.03.2015, 08:55 | #9 |
| DHLBenachrichtigung.zip Also es war definitiv ein Spam-Mail und im downgeloadeden Zip-File war eine exe-Datei gepackt (hab mir das Zip-Archiv selbst angesehen). Da mir das aber letztlich zu viel Wenn u. Aber war und mich die Ungewissheit ob denn da jetzt Schadsoftware drauf ist oder nicht etwas unruhig gemacht hat, habe ich den PC einfach mal neu aufgesetzt. Und weil ich schon mal dabei war, habe ich XP entsorgt u. 8.1 drauf gemacht. |
06.03.2015, 10:37 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | DHLBenachrichtigung.zipZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu DHLBenachrichtigung.zip |
adware, besitzer, bonjour, branding, browser, computer, converter, cpu, downloader, ebay, error, failed, fehler, flash player, help, home, mozilla, realtek, registry, scan, security, software, svchost.exe, system, usb, windows, windows xp |