| querulant_in | 30.07.2013 17:09 |
danke für die fixe antwort! hoffentlich hab ich alles richtig verstanden.
hier also die dateien
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-07-2013 03
Ran by *** (administrator) on 30-07-2013 17:58:13
Running from C:\Users\***\Desktop
Microsoft® Windows Vista™ Home Premium (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
() C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(BitTorrent Inc.) C:\Users\***\AppData\Roaming\uTorrent\uTorrent.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Users\***\Desktop\Post\GnuPT\WPT\WinPT.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\GNUzwei\GnuPG\dirmngr.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Sony Corporation) C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
() C:\Program Files\GNUzwei\GnuPG\gpg-agent.exe
() C:\Windows\system32\lxcfcoms.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4317184 2007-02-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [118784 2007-01-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [LogitechCommunicationsManager] - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [563984 2007-10-25] ()
HKLM\...\Run: [LXCFCATS] - rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16 [x]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-11] (Apple Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1573584 2012-10-29] (Ask)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKLM\...\InprocServer32: [Default-cscui] <==== ATTENTION!
HKCU\...\Run: [ccleaner] - C:\Program Files\CCleaner\CCleaner.exe [2647872 2011-09-29] (Piriform Ltd)
HKCU\...\Run: [uTorrent] - C:\Users\***\AppData\Roaming\uTorrent\uTorrent.exe [802136 2013-05-17] (BitTorrent Inc.)
HKCU\...\Run: [Optimizer Pro] - C:\Program Files\Optimizer Pro\OptProLauncher.exe [135672 2013-06-21] (PC Utilities Pro)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe -update plugin [813448 2013-05-31] (Adobe Systems Incorporated)
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] shell32.dll ATTENTION! ====> ZeroAccess?
MountPoints2: {03b06498-f377-11e0-82df-0013a9ca1d09} - vatra\\pecka.exe
MountPoints2: {cc37f8eb-4c55-11e1-87cc-0013a9ca1d09} - H:\Startme.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2006-11-02] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Privacy Tray.lnk
ShortcutTarget: Windows Privacy Tray.lnk -> C:\Users\***\Desktop\Post\GnuPT\WPT\WinPT.exe ()
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM - DefaultScope {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKLM - {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_sps&mntrId=26D400197E6BF6D8&affID=120692&tt=160713_91114&tsp=4946
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_sps&mntrId=26D400197E6BF6D8&affID=120692&tt=160713_91114&tsp=4946
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=86f68a40-1cd0-4ecd-a9ee-2d3b7e0db83c&apn_sauid=B4A21FB3-6BDC-4104-8C1A-CAEEC57C9EF0
BHO: No Name - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No File
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: TubeSaver - {57F2FC14-BE99-4DFB-B9F1-2458A4F496AB} - C:\Program Files\TubeSaver\125.dll (istqt Soft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
BHO: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO: TubeSaver - {E7673D9C-270D-4805-B619-5556A9977909} - C:\Program Files\TubeSaver\116.dll No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 27 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default
FF user.js: detected! => C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: inforiot.de
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=86f68a40-1cd0-4ecd-a9ee-2d3b7e0db83c&apn_ptnrs=%5EAGS&apn_sauid=B4A21FB3-6BDC-4104-8C1A-CAEEC57C9EF0&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\searchplugins\delta.xml
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: DoNotTrackMe - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\Extensions\donottrackplus@abine.com
FF Extension: Delta Toolbar - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\Extensions\ffxtlbr@delta.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\Extensions\ich@maltegoetz.de
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\Extensions\toolbar@ask.com
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jpzzj47c.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [Tubesaver@istqt.co] C:\Program Files\TubeSaver\125.xpi
FF Extension: No Name - C:\Program Files\TubeSaver\125.xpi
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-11-17] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-11-17] (Symantec Corporation)
S2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-11-17] (Symantec Corporation)
S3 comHost; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49296 2006-11-17] (Symantec Corporation)
R2 DirMngr; C:\Program Files\GNUzwei\GnuPG\dirmngr.exe [224256 2011-03-02] ()
S3 ISPwdSvc; C:\Program Files\Norton Internet Security\isPwdSvc.exe [80552 2006-11-17] (Symantec Corporation)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2007-10-19] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-10-19] (Logitech Inc.)
R3 lxcf_device; C:\Windows\system32\lxcfcoms.exe [491520 2005-04-15] ()
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28933976 2007-02-05] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2007-02-05] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 Sony Ericsson PCComp***on; C:\Program Files\Sony Ericsson\Sony Ericsson PC Comp***on\PCCService.exe [155344 2011-06-29] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
R2 SymAppCore; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [46736 2006-11-17] (Symantec Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-02-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-HTTP; "C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" [x]
S3 VAIOMediaPlatform-Mobile-Gateway; "C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" [x]
S3 VAIOMediaPlatform-UCLS-HTTP; "C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" [x]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-28] (Avira Operations GmbH & Co. KG)
S3 IDSvix86; C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys [202872 2006-11-17] (Symantec Corporation)
S3 LVcKap; C:\Windows\System32\DRIVERS\LVcKap.sys [2109976 2007-10-19] (Logitech Inc.)
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2142488 2007-10-11] (Logitech Inc.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2007-10-11] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2012-10-12] (Malwarebytes Corporation)
S3 QCDonner; C:\Windows\System32\DRIVERS\LVCD.sys [474304 2004-04-26] (Logitech Inc.)
R3 SNC; C:\Windows\System32\Drivers\SonyNC.sys [27520 2007-02-06] (Sony Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [109744 2007-02-26] (Symantec Corporation)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [807424 2007-02-08] (Texas Instruments)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-30 17:58 - 2013-07-30 17:58 - 00000000 ____D C:\FRST
2013-07-30 17:57 - 2013-07-30 17:57 - 01222114 _____ (Farbar) C:\Users\***\Desktop\FRST.exe
2013-07-26 16:25 - 2013-07-26 16:25 - 00000000 ____D C:\Users\***\Desktop\sampler
2013-07-23 13:26 - 2013-07-23 13:26 - 00000000 ____D C:\Program Files\TubeSaver
2013-07-19 12:24 - 2013-07-19 12:24 - 00000075 _____ C:\Users\***\Desktop\Neues Textdokument.txt
2013-07-17 17:24 - 2013-07-17 17:25 - 00637534 _____ C:\Users\***\Documents\SMS Konversationen.html
2013-07-17 13:45 - 2013-07-17 13:45 - 00480657 _____ C:\Users\***\Documents\Backup ***phone 2013-07-17.mpb
2013-07-17 13:38 - 2013-07-17 13:38 - 00000000 ____D C:\Users\***\.android
2013-07-17 13:37 - 2013-07-17 13:37 - 00000000 ____D C:\Users\***\AppData\Roaming\Optimizer Pro
2013-07-17 13:37 - 2013-07-17 13:37 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-07-17 13:36 - 2013-07-26 13:26 - 00000344 _____ C:\Windows\Tasks\TubeSaver Update.job
2013-07-17 13:36 - 2013-07-23 20:55 - 00000000 ____D C:\Users\***\AppData\Roaming\MyPhoneExplorer
2013-07-17 13:36 - 2013-07-17 13:36 - 00001854 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2013-07-17 13:36 - 2013-07-17 13:36 - 00000000 ____D C:\Users\***\AppData\Roaming\BabSolution
2013-07-17 13:36 - 2013-07-17 13:36 - 00000000 ____D C:\Program Files\Delta
2013-07-17 13:35 - 2013-07-17 13:36 - 00000000 ____D C:\Program Files\MyPhoneExplorer
2013-07-17 13:35 - 2013-07-17 13:35 - 00000000 ____D C:\Users\***\AppData\Roaming\Babylon
2013-07-17 13:35 - 2013-07-17 13:35 - 00000000 ____D C:\ProgramData\Babylon
2013-07-17 13:31 - 2013-07-17 13:31 - 07134488 _____ C:\Users\***\Downloads\MyPhoneExplorer_Setup_1.8.4.exe
2013-07-17 13:17 - 2013-07-17 13:18 - 00008767 _____ C:\Windows\WindowsUpdate.log
2013-07-13 14:26 - 2013-07-13 14:26 - 00000022 _____ C:\Windows\S.dirmngr
2013-07-01 21:42 - 2013-07-13 21:48 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
==================== One Month Modified Files and Folders =======
2013-07-30 17:57 - 2013-07-30 17:57 - 01222114 _____ (Farbar) C:\Users\***\Desktop\FRST.exe
2013-07-30 17:55 - 2013-02-22 17:15 - 00000000 ____D C:\Users\***\AppData\Roaming\uTorrent
2013-07-30 17:52 - 2006-11-02 14:47 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-30 17:52 - 2006-11-02 14:47 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-30 08:34 - 2011-10-22 21:42 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-28 16:29 - 2013-03-20 21:57 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2013-07-28 14:34 - 2011-10-22 21:42 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-26 16:25 - 2013-07-26 16:25 - 00000000 ____D C:\Users\***\Desktop\sampler
2013-07-26 13:26 - 2013-07-17 13:36 - 00000344 _____ C:\Windows\Tasks\TubeSaver Update.job
2013-07-24 18:13 - 2011-10-11 13:36 - 00000000 ___RD C:\Users\***\Desktop\#1
2013-07-24 18:02 - 2013-01-24 16:14 - 00000000 ____D C:\Users\***\Desktop\gesammelt
2013-07-23 20:55 - 2013-07-17 13:36 - 00000000 ____D C:\Users\***\AppData\Roaming\MyPhoneExplorer
2013-07-23 13:26 - 2013-07-23 13:26 - 00000000 ____D C:\Program Files\TubeSaver
2013-07-21 22:31 - 2013-03-20 22:01 - 00000000 ___RD C:\Users\***\Dropbox
2013-07-21 21:49 - 2011-10-10 21:38 - 00000000 ____D C:\Users\***\AppData\Roaming\Winamp
2013-07-19 12:24 - 2013-07-19 12:24 - 00000075 _____ C:\Users\***\Desktop\Neues Textdokument.txt
2013-07-19 12:01 - 2006-11-02 12:33 - 01617722 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-17 17:25 - 2013-07-17 17:24 - 00637534 _____ C:\Users\***\Documents\SMS Konversationen.html
2013-07-17 13:45 - 2013-07-17 13:45 - 00480657 _____ C:\Users\***\Documents\Backup ***phone 2013-07-17.mpb
2013-07-17 13:38 - 2013-07-17 13:38 - 00000000 ____D C:\Users\***\.android
2013-07-17 13:38 - 2011-10-10 21:11 - 00000000 ____D C:\Users\***
2013-07-17 13:37 - 2013-07-17 13:37 - 00000000 ____D C:\Users\***\AppData\Roaming\Optimizer Pro
2013-07-17 13:37 - 2013-07-17 13:37 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-07-17 13:36 - 2013-07-17 13:36 - 00001854 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2013-07-17 13:36 - 2013-07-17 13:36 - 00000000 ____D C:\Users\***\AppData\Roaming\BabSolution
2013-07-17 13:36 - 2013-07-17 13:36 - 00000000 ____D C:\Program Files\Delta
2013-07-17 13:36 - 2013-07-17 13:35 - 00000000 ____D C:\Program Files\MyPhoneExplorer
2013-07-17 13:35 - 2013-07-17 13:35 - 00000000 ____D C:\Users\***\AppData\Roaming\Babylon
2013-07-17 13:35 - 2013-07-17 13:35 - 00000000 ____D C:\ProgramData\Babylon
2013-07-17 13:31 - 2013-07-17 13:31 - 07134488 _____ C:\Users\***\Downloads\MyPhoneExplorer_Setup_1.8.4.exe
2013-07-17 13:18 - 2013-07-17 13:17 - 00008767 _____ C:\Windows\WindowsUpdate.log
2013-07-13 22:00 - 2013-01-24 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\gnupg
2013-07-13 21:48 - 2013-07-01 21:42 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-07-13 21:48 - 2012-04-27 18:03 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-13 14:26 - 2013-07-13 14:26 - 00000022 _____ C:\Windows\S.dirmngr
2013-07-13 14:26 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-13 14:25 - 2006-11-02 15:01 - 00032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-05 12:34 - 2012-07-29 15:06 - 00000000 ____D C:\Users\***\Desktop\haus4_WiLMa
2013-07-04 20:13 - 2013-05-26 16:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-01 19:27 - 2012-02-24 12:14 - 00002161 _____ C:\lxcf.log
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-4061229319-778602753-3459304342-1003\$35e98341865a7168209c0b91755073f5
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$35e98341865a7168209c0b91755073f5
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-11-02 10:47] - [2006-11-02 11:45] - 2923520 ____A (Microsoft Corporation) FD8C53FB002217F6F888BCF6F5D7084D
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2006-11-02 10:38] - [2006-11-02 11:46] - 0633856 ____A (Microsoft Corporation) E698A5437B89A285ACA3FF022356810A
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2006-11-02 10:52] - [2006-11-02 11:51] - 0208488 ____A (Microsoft Corporation) 11EF6C1CAEF76B685233450A126125D6
LastRegBack: 2013-07-13 14:34
==================== End Of Log ============================
--- --- ---
--- --- ---
und hier der rest: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-07-2013 03
Ran by *** at 2013-07-30 17:58:39
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
µTorrent (Version: 3.3.0.29625)
7-Zip 9.20
Adobe Acrobat 6.0 Professional - English, Français, Deutsch (Version: 006.000.000)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Flash Player 9 ActiveX (Version: 9)
Alps Pointing-device for VAIO
AppCore (Version: 1)
Apple Application Support (Version: 1.1.0)
Apple Software Update (Version: 2.1.1.116)
Ask Toolbar (Version: 1.15.11.0)
Avira Free Antivirus (Version: 13.0.0.3884)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU Version: 1.2.3.30498)
BitTorrent (Version: 7.6.0)
Browser Address Error Redirector
ccCommon (Version: 106.1.1.4)
CCleaner (Version: 3.11)
Click to DVD 2.0.05 Menu Data (Version: 2.0.05)
Click to DVD 2.6.00 (Version: 2.6.00)
Delta Chrome Toolbar
Delta toolbar (Version: 1.8.21.5)
DivX-Setup (Version: 2.6.1.5)
Dropbox (HKCU Version: 2.0.22)
FUJIFILM MyFinePix Studio 3.1
GenoPro 2.5.4.1
GnuPT Version 4.5.0 (Version: 4.5.0)
Google Update Helper (Version: 1.3.21.153)
Gpg4win (2.1.0) (Version: 2.1.0)
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Intel(R) Graphics Media Accelerator Driver
IrfanView (remove only) (Version: 4.27)
Java Auto Updater (Version: 2.1.6.0)
Java(TM) 7 Update 5 (Version: 7.0.50)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
JavaFX 2.1.1 (Version: 2.1.1)
LAN-Express AS IEEE 802.11 Wireless LAN (Version: 7.1.0.116)
Lexmark 730 Series
Logitech QuickCam (Version: 11.50.1169)
Logitech QuickCam-Treiberpaket
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB) (Version: 9.1.2047.00)
Microsoft SQL Server Native Client (Version: 9.00.2047.00)
Microsoft SQL Server VSS Writer (Version: 9.00.2047.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0822)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 17.0.7)
Mozilla Thunderbird 17.0.7 (x86 de) (Version: 17.0.7)
MSRedist (Version: 1.0.0.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MyPhoneExplorer (Version: 1.8.4)
Nokia Connectivity Cable Driver (Version: 7.1.69.0)
Nokia PC Suite (Version: 7.1.180.46)
Norton Internet Security (Symantec Corporation) (Version: 10.1.0.26)
Norton Internet Security (Version: 10.1.0.26)
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140)
OpenOffice.org 3.4 (Version: 3.4.9590)
Optimizer Pro v3.0 (Version: 3.0)
PC Connectivity Solution (Version: 11.5.22.0)
QuickTime (Version: 7.65.17.80)
RAF (Version: 1.00.0001)
RAW FILE CONVERTER EX powered by SILKYPIX (Version: 3)
Realtek High Definition Audio Driver (Version: 6.0.1.5350)
Setting Utility Series (Version: 2.1.00.13300)
Skype™ 5.5 (Version: 5.5.124)
Sony Ericsson PC Comp***on 2.02.015 (Version: 2.02.015)
Sony Ericsson Update Engine (Version: 2.12.2.14)
Sony Utilities DLL (Version: 7.1.00.13300)
Sony Video Shared Library (Version: 3.1.03)
SymNet (Version: 7.1.0.27)
System Progressive Protection
TubeSaver
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.2047.00)
VAIO Aqua Breeze Wallpaper (Version: 1.0.11.13240)
VAIO Control Center (Version: 2.0.00.11060)
VAIO Cozy Orange Wallpaper (Version: 1.0.11.13240)
VAIO Data Restore Tool (Version: 1.0.01.02070)
VAIO Entertainment Platform (Version: 2.0.02.13290)
VAIO Event Service (Version: 3.1.00.14130)
VAIO Hardware Diagnostics
VAIO Media (Version: 6.0.10)
VAIO Media 6.0 (Version: 6.0.10)
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0 (Version: 6.0.10)
VAIO Media Registration Tool (Version: 6.0.10)
VAIO Media Registration Tool 6.0 (Version: 6.0.10)
VAIO Original Screen Saver
VAIO Photo 2007 (Version: 1.0.01.01250)
VAIO Power Management (Version: 2.1.00.14090)
VAIO Tender Green Wallpaper (Version: 1.0.11.10180)
VAIO Update 3 (Version: 3.0.01.02050)
VAIO Video & Photo Suite (Version: 1.1.00.13301)
VAIO Video & Photo Suite (Version: 1.1.00.13301)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.1.11 (Version: 1.1.11)
Winamp (Version: 5.581 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
WinDVD for VAIO (Version: 8.0-B6.113)
Wireless Switch Setting Utility (Version: 3.6.00.13120)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)
==================== Restore Points =========================
13-07-2013 13:28:57 Geplanter Prüfpunkt
14-07-2013 17:42:07 Geplanter Prüfpunkt
15-07-2013 22:00:02 Geplanter Prüfpunkt
16-07-2013 22:00:03 Geplanter Prüfpunkt
19-07-2013 08:30:37 Geplanter Prüfpunkt
20-07-2013 22:00:03 Geplanter Prüfpunkt
22-07-2013 09:26:50 Geplanter Prüfpunkt
22-07-2013 22:00:03 Geplanter Prüfpunkt
23-07-2013 22:00:03 Geplanter Prüfpunkt
24-07-2013 22:00:04 Geplanter Prüfpunkt
25-07-2013 22:00:03 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1790BB7F-6CAC-419E-8708-1010A37C4899} - System32\Tasks\MCVRegistrationReminder1 => C:\Windows\System32\DeleteReminders.vbs No File
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {20063BB2-142A-4A27-8DB6-2A7CECF16876} - System32\Tasks\MCVSurveyReminder2 => C:\Windows\System32\DeleteReminders.vbs No File
Task: {2D69436B-2541-437B-BB11-11D958EF676E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-22] (Google Inc.)
Task: {2E4F4B73-42D7-4E23-9129-3BB1661779DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {3095EE8B-AEBA-424A-B760-6FE0896C1DBC} - System32\Tasks\TubeSaver Update => C:\Program Files\TubeSaver\tbsUd.exe [2013-07-22] (istqt Soft)
Task: {34B81208-03DF-4BB1-BE9F-9266FC7BBB5D} - System32\Tasks\MCVSurveyReminder4 => C:\Windows\System32\DeleteReminders.vbs No File
Task: {38FCB278-DF31-4B26-96A3-A50AA27C5D26} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2006-11-02] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42285F7C-E8A0-442A-A956-F633B71CF827} - System32\Tasks\MCVRegistrationReminder3 => C:\Windows\System32\DeleteReminders.vbs No File
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2006-11-02] (Microsoft Corporation)
Task: {621FB1B7-0A9E-4150-9C13-9B5890F43C9E} - System32\Tasks\MCVSurveyReminder3 => C:\Windows\System32\DeleteReminders.vbs No File
Task: {6D4FFB42-42B5-4AE2-A53D-BE89BB30B41F} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2012-10-29] ()
Task: {6F1FE12A-67CD-43B3-B0E7-BC084D32CEC0} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe [2007-02-05] (Sony Corporation)
Task: {74A56C0B-3DC2-4FDF-9B23-B104E0729A9D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2006-11-02] (Microsoft Corp.)
Task: {8ADDCA81-5434-48D3-AD74-6F928888FDFE} - System32\Tasks\MCVSurveyReminder1 => C:\Windows\System32\DeleteReminders.vbs No File
Task: {910A2C64-2C5F-4F0E-8DE5-1BDA6BE72619} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-22] (Google Inc.)
Task: {9EB44560-63F6-4CA3-8294-048D3F7D340B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2006-11-02] (Microsoft Corporation)
Task: {AEE7196D-A740-4A19-B9D7-8CFAD1CFD86A} - System32\Tasks\LaunchMCV => C:\Windows\System32\DeleteLauncher.vbs No File
Task: {AF79E16A-9937-460E-82B8-929679BA725A} - System32\Tasks\SONY\WSSU\WSSU => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2007-01-11] (Sony Corporation)
Task: {BAC5A039-AC3B-410D-8279-5F3996DFB957} - System32\Tasks\MCVRegistrationReminder2 => C:\Windows\System32\DeleteReminders.vbs No File
Task: {CA1C91DE-389D-4921-B7F9-D1EB6A9438BC} - System32\Tasks\MCVRegistrationReminder4 => C:\Windows\System32\DeleteReminders.vbs No File
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2006-11-02] ()
Task: {F116675D-DA8A-463E-8DD2-2403FC639BF0} - System32\Tasks\EPUpdater => C:\Users\***\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TubeSaver Update.job => C:\Program Files\TubeSaver\tbsUd.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/21/2013 09:49:26 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung winamp.exe, Version 5.5.8.2985, Zeitstempel 0x4c3b43ea, fehlerhaftes Modul winamp.exe, Version 5.5.8.2985, Zeitstempel 0x4c3b43ea, Ausnahmecode 0xc0000005, Fehleroffset 0x0003fa19,
Prozess-ID 0x431c, Anwendungsstartzeit winamp.exe0.
Error: (05/20/2013 06:37:06 PM) (Source: System Restore) (User: )
Description: Der geplante Wiederherstellungspunkt konnte nicht erstellt werden. Zusätzliche Informationen: (0x81000101).
Error: (05/20/2013 06:37:06 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Hr = 0x81000101).
Error: (03/21/2013 00:55:41 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung lxcfcoms.exe, Version 1.154.7.0, Zeitstempel 0x42602ef0, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x002300c9,
Prozess-ID 0x14d8, Anwendungsstartzeit lxcfcoms.exe0.
Error: (02/25/2013 10:07:19 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 18.0.2.4780 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 13b0
Anfangszeit: 01ce0e1b3a0cd360
Zeitpunkt der Beendigung: 314
Error: (02/16/2013 00:53:57 PM) (Source: MsiInstaller) (User: ***-pc)
Description: Produkt: Adobe Acrobat 6.0 Professional - English, Français, Deutsch -- Fehler 1706. Für das Produkt Adobe Acrobat 6.0 Professional - English, Français, Deutsch wurde kein Installationspaket gefunden. Wiederholen Sie die Installation und verwenden Sie dabei eine gültige Kopie des Installationspakets "AcroPro.msi".
Error: (02/06/2013 05:35:14 PM) (Source: System Restore) (User: )
Description: Der geplante Wiederherstellungspunkt konnte nicht erstellt werden. Zusätzliche Informationen: (0x81000101).
Error: (02/06/2013 05:35:14 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Hr = 0x81000101).
Error: (02/06/2013 05:29:40 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "\\?\Volume{cdd21cca-f371-11e0-ab69-806e6f6e6963}\" nicht gespeichert werden.
Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000], Leerung[0x00000000], Freigabe[0x80042314], Ausführung[0x00000000].
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (01/24/2013 04:44:57 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
System errors:
=============
Error: (07/13/2013 02:26:46 PM) (Source: Print) (User: NT-AUTORITÄT)
Description: Der Druckspooler konnte den Drucker hp psc 1300 series nicht unter dem Namen hp psc 1300 series freigeben. Fehler: 2114. Der Drucker kann nicht von anderen Benutzern im Netzwerk verwendet werden.
Error: (07/10/2013 04:16:21 PM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.178.21 für die Netzwerkkarte mit der Netzwerkadresse 0013A9CA1D09 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (07/01/2013 09:30:44 PM) (Source: Service Control Manager) (User: )
Description: 30000Netman
Error: (07/01/2013 07:30:41 PM) (Source: Service Control Manager) (User: )
Description: IPsec-Richtlinien-AgentBFE
Error: (07/01/2013 07:30:41 PM) (Source: Service Control Manager) (User: )
Description: IKE- und AuthIP IPsec-SchlüsselerstellungsmoduleBFE
Error: (07/01/2013 07:30:41 PM) (Source: Service Control Manager) (User: )
Description: Computerbrowser%%1060
Error: (07/01/2013 07:30:41 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (07/01/2013 07:29:09 PM) (Source: Print) (User: NT-AUTORITÄT)
Description: Der Druckspooler konnte den Drucker hp psc 1300 series nicht unter dem Namen hp psc 1300 series freigeben. Fehler: 2114. Der Drucker kann nicht von anderen Benutzern im Netzwerk verwendet werden.
Error: (07/01/2013 07:27:57 PM) (Source: Service Control Manager) (User: )
Description: lxcf_device%%1053
Error: (07/01/2013 07:27:57 PM) (Source: Service Control Manager) (User: )
Description: 30000lxcf_device
Microsoft Office Sessions:
=========================
Error: (07/21/2013 09:49:26 PM) (Source: Application Error)(User: )
Description: winamp.exe5.5.8.29854c3b43eawinamp.exe5.5.8.29854c3b43eac00000050003fa19431c01ce86110b271600
Error: (05/20/2013 06:37:06 PM) (Source: System Restore)(User: )
Description: 0x81000101
Error: (05/20/2013 06:37:06 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x81000101
Error: (03/21/2013 00:55:41 AM) (Source: Application Error)(User: )
Description: lxcfcoms.exe1.154.7.042602ef0unknown0.0.0.000000000c0000005002300c914d801ce25be06391687
Error: (02/25/2013 10:07:19 PM) (Source: Application Hang)(User: )
Description: firefox.exe18.0.2.478013b001ce0e1b3a0cd360314
Error: (02/16/2013 00:53:57 PM) (Source: MsiInstaller)(User: ***-pc)
Description: Produkt: Adobe Acrobat 6.0 Professional - English, Français, Deutsch -- Fehler 1706. Für das Produkt Adobe Acrobat 6.0 Professional - English, Français, Deutsch wurde kein Installationspaket gefunden. Wiederholen Sie die Installation und verwenden Sie dabei eine gültige Kopie des Installationspakets "AcroPro.msi".(NULL)(NULL)(NULL)(NULL)
Error: (02/06/2013 05:35:14 PM) (Source: System Restore)(User: )
Description: 0x81000101
Error: (02/06/2013 05:35:14 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x81000101
Error: (02/06/2013 05:29:40 PM) (Source: VSS)(User: )
Description: \\?\Volume{cdd21cca-f371-11e0-ab69-806e6f6e6963}\00x000000000x000000000x800423140x00000000
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (01/24/2013 04:44:57 PM) (Source: Perflib)(User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
==================== Memory info ===========================
Percentage of memory in use: 57%
Total physical RAM: 2037.56 MB
Available physical RAM: 859.87 MB
Total Pagefile: 4292.69 MB
Available Pagefile: 2709.19 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.23 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:102.48 GB) (Free:40.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 112 GB) (Disk ID: 64D81BAE)
Partition 1: (Not Active) - (Size=9 GB) - (Type=27)
Partition 2: (Active) - (Size=102 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
TDSSKiller.exe und speichere diese Datei auf dem Desktop
AdwCleaner auf deinen Desktop.
WARNUNG an die MITLESER: 