Hokku zip datei geöffnet
 

Hallo

Icg habe diese zip datei geöffnet weil ich dachte, dass es eine mail von einem Buchkunden war.
jetzt habe ich ein problem.. mein pc ist extrem langsam udn die meine words docs haben die endung igmkfe udn und sind somit auch nicht mehr zu öffnen..

Wer kann mir da helfen?

Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

[
FRST Logfile:

FRST Logfile:
--- --- ---

--- --- ---
]

[/Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2015
Ran by Detlef at 2015-01-21 14:30:02
Running from C:\Users\Detlef\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The

adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe

Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe

Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version:

11.0.10 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Audiograbber 1.83 SE (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Audiograbber MP3-Plugin (HKLM\...\Audiograbber-Lame) (Version: 1.0 - AG)
Biet-O-Matic v2.14.8 (HKLM\...\Biet-O-Matic v2.14.8) (Version: Biet-O-Matic v2.14.8 - BOM

Development Team)
BRAdmin Professional 3 (HKLM\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.40.0006 -

Brother)
Broadcom 802.11 Wireless Driver (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version:

1.0.0.0 - )
Brother HL-5140 (HKLM\...\Brother HL-5140) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.11 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant)
ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: -

DownloadHelper)
Corel WinDVD 2010 (HKLM\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.4.251 - Corel

Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2331039535-1181406896-2111325039-1000\...\Dropbox) (Version: 1.4.12 -

Dropbox, Inc.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.3.1.5 - Lenovo)
FileParade Bundle (HKLM\...\FileParade Bundle) (Version: 1.0.0.0 - FileParade Bundle) <====

ATTENTION!
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
Free WMA to MP3 Converter 1.16 (HKLM\...\Free WMA to MP3 Converter_is1) (Version: - Jodix

Technologies Ltd.)
Free YouTube Download version 3.1.22.319 (HKLM\...\Free YouTube Download_is1) (Version:

3.1.22.319 - DVDVideoSoft Ltd.)
GMX SMS-Manager (HKLM\...\com.unitedinternet.ums.sms-mms-manager) (Version: 3.3 - 1 und 1

Internet AG)
GMX SMS-Manager (Version: 3.3 - 1 und 1 Internet AG) Hidden
High-Definition Video Playback 10 (Version: 7.0.11000.25.1 - Nero AG) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: -

Intel Corporation)
Internet Updater (HKLM\...\InternetUpdater) (Version: 2.6.52 - Parallel Lines Development, LLC)

<==== ATTENTION
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 17 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216017F0}) (Version: 6.0.170 - Sun

Microsystems, Inc.)
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 -

Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle

Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Lenovo EasyCamera (HKLM\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.8.0.12 - Silicon

Motion)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mediencenter 3.9.1055.64 (HKU\S-1-5-21-2331039535-1181406896-2111325039-1000\...\Mediencenter)

(Version: 3.9.1055.64 - Deutsche Telekom AG)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile)

(Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4

Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version:

4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4

Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Access Runtime (German) 2007 (HKLM\...\{90120000-001C-0407-0000-0000000FF1CE})

(Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 -

Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-

BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 -

Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 -

Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8})

(Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07

-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2})

(Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-

DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-

21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-

BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-

88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version:

2.3.145.0 - Microsoft Corporation)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.302.06.03.545 - Huawei Technologies

Co.,Ltd)
Mozilla Firefox 26.0 (x86 de) (HKLM\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0

- Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0

- Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero Burning ROM 10 (HKLM\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.10700.7.100

- Nero AG)
Nero Multimedia Suite 10 (HKLM\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.11600 -

Nero AG)
Personal ID (HKLM\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5 - coolspot AG)
QuickSoftware - 1 (HKU\S-1-5-21-2331039535-1181406896-2111325039-1000\...\f1b2d6b2417860b8)

(Version: 1.1.14.4 - QuickBooker)
QuickSoftware (HKU\S-1-5-21-2331039535-1181406896-2111325039-1000\...\f1b1726c417a164f) (Version:

1.1.0.5 - QuickBooker)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-

06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version:

6.1.7600.30101 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-

0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: -

Microsoft)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 -

Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype

Technologies S.A.)
Snagit 12 (HKLM\...\{affb3620-aa43-4653-a34d-19705d4e9f07}) (Version: 12.1.1.1747 - TechSmith

Corporation)
Snagit 12 (Version: 12.1.1 - TechSmith Corporation) Hidden
SpeedCommander 13 (HKLM\...\SpeedCommander 13) (Version: 13.30.6200 - SWE Sven Ritter)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.14484 - TeamViewer)
Trillian (HKLM\...\Trillian) (Version: - Cerulean Studios, LLC)
Updater (HKLM\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island

Media, LLC) <==== ATTENTION
VLC media player 1.1.5 (HKLM\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.58 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2331039535-1181406896-2111325039-1000\...\Winamp Detect)

(Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-

5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-

EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will

not be moved.)

CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{005A3A96-BAC4-

4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Detlef\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{039B2CA5-3B41-

4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No

File
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{11CD84A3-A5E0-

43CB-B3DF-92C623C0E0E0}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{22756E83-8EBC-

4B16-A4A4-0AA73BE497B1}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{268502F4-815D-

4358-A8D6-B783FDB58EF0}\InprocServer32 -> C:\Users\Detlef\AppData\Roaming\Telekom

\MediencenterSync\DTAG.Mediencenter.ContextMenuHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{2A235D7E-0358-

40E2-B51A-DE22F8F5C50D}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{42481700-CF3C-

4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No

File
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{528EE335-5034-

4EFC-834E-63E5F02D2BC2}\InprocServer32 -> C:\Users\Detlef\AppData\Roaming\Telekom

\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{56C94D6A-7370-

4885-A04E-7097FE4E0BAF}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{6066ADF0-9EB0-

43E5-ADB6-990F5A3B979C}\InprocServer32 -> C:\Users\Detlef\AppData\Roaming\Telekom

\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{672CDBDB-0270-

4EB9-83EC-216377522D21}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{77BC4082-DB5F-

439A-8DC8-F9E24A63B0DE}\InprocServer32 -> C:\Users\Detlef\AppData\Roaming\Telekom

\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{841BFDCA-6A9A-

4EBC-BC7E-194AA5DCE428}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{94330D48-EB33-

49BB-87F1-AD8C0352C010}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{D0D38C6E-BF64-

4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No

File
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{F7CA46A9-ACA5-

45A6-967E-03FF5A282D01}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{FB314ED9-A251-

47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Detlef\AppData\Roaming\Dropbox\bin

\DropboxExt.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{FB314EDA-A251-

47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Detlef\AppData\Roaming\Dropbox\bin

\DropboxExt.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{FB314EDB-A251-

47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Detlef\AppData\Roaming\Dropbox\bin

\DropboxExt.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2331039535-1181406896-2111325039-1000_Classes\CLSID\{FB314EDC-A251-

47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Detlef\AppData\Roaming\Dropbox\bin

\DropboxExt.14.dll (Dropbox, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:04 - 2009-06-10 21:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file

could be listed separately to be moved.)

Task: {0647F01A-4C83-4EC4-88F8-D7429C48415A} - System32\Tasks

\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center

\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {0AD9F653-C766-483A-A9C3-E73115086DCD} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {0B8E33BA-7174-4D80-85A5-4F66CB6B3D2B} - System32\Tasks\cewvuae => C:\Users\Detlef\AppData

\Local\Temp\jptfujf.exe [2015-01-21] () <==== ATTENTION
Task: {126F1A39-D466-4B99-8218-AD1EA1292593} - System32\Tasks\{48BAE31D-34D3-4EFA-9386-

8DCA5297DF7A} => Firefox.exe hxxp://www.skype.com/go/downloading?

source=lightinstaller&amp;ver=5.1.0.104.259&amp;LastError=12002
Task: {24D1EAE2-E0F1-4683-9C1C-4F98288E6028} - System32\Tasks\{81633AD6-2EEF-49DB-9B77-

5B073711CF0A} => pcalua.exe -a "C:\Users\Detlef\AppData\Local\Microsoft\Windows\Temporary

Internet Files\Content.IE5\9IJRD2N5\SpyHunter-Installer.exe" -d C:\Users\Detlef\Desktop
Task: {2770E9C3-2D2C-42E6-9DFC-8B5E43853CFE} - System32\Tasks\{02AEEFF2-2CF3-4F94-B473-

AADB735D3FAB} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?

page=tsProgressBar
Task: {3F7E3D86-5752-4978-BE34-3C4663BD7BAD} - System32\Tasks

\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and

Keyboard Center\mousekeyboardcenter.exe [2013-09-04] (Microsoft)
Task: {5021DFB7-6C07-44C0-927F-8A0A3E9248AF} - System32\Tasks\{6B54D27E-3BF0-46DB-A242-

DC36F611144B} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?

page=tsProgressBar
Task: {662AFEC8-4B9F-4EC8-9220-6836C63BC3FE} - System32\Tasks\OfficeSoftwareProtectionPlatform

\SvcRestartTask => Sc.exe start osppsvc
Task: {69B57400-D34E-423C-B3DD-C3085EEF8BF1} - System32\Tasks\AutoPico Daily Restart => C:

\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {759E1509-912E-4A42-8AEB-1CD8471BF64F} - System32\Tasks\Adobe Flash Player Updater => C:

\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-18] (Adobe Systems

Incorporated)
Task: {933B3E73-2CEE-4C5F-BABD-D35AA51C72C3} - System32\Tasks\TechSmith Updater => C:\Program

Files\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-05-30] (TechSmith Corporation)
Task: {C1A94141-1EF2-4D74-9FE4-2906FB82A20E} - System32\Tasks\{CD21D1D2-1473-4BB2-B346-

3D2D5D9DFA26} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/abandoninstall?

page=tsPlugin&amp;installinfo=google-toolbar:notoffered;notincluded,google-

chrome:notoffered;disabled
Task: {CC2113E6-B439-42CC-972A-03EC20D32F8B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe

=> c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft

Corporation)
Task: {D1FB4358-F26E-4936-B579-422C0783C2D3} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe

=> c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft

Corporation)
Task: {DEB9D4AF-E448-4171-BC6A-8D36144E67CA} - System32\Tasks\{B4532431-5C67-4575-8E5A-

DCAC9B5FC9E6} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsMain
Task: {E1E2153A-7355-4960-9E45-C3AFA85F9580} - System32\Tasks\{CBFB3CFD-7ECE-4673-8570-

5A000A556DA3} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {FCFEC977-6078-453B-8017-FCC8CA15C592} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe

=> c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft

Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is

running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash

\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files

\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files

\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot

- Search & Destroy 2\SDScan.exe
Task: C:\windows\Tasks\SidebarExecute.job => C:\Program Files\Windows Sidebar\sidebar.exe

==================== Loaded Modules (whitelisted) =============

2011-02-01 11:25 - 2010-08-04 16:38 - 00065536 _____ () C:\Program Files\Brother\BRAdmin

Professional 3\bratimer.exe
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft

shared\OFFICE14\Cultures\OFFICE.ODF
2011-03-23 13:00 - 2010-03-15 10:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2005-10-11 18:54 - 2005-10-11 18:54 - 00339968 _____ () C:\Windows\vsnpstd.exe
2010-11-27 02:46 - 2008-12-20 03:20 - 00063304 _____ () C:\Program Files\Lenovo\Energy

Management\kbdhook.dll
2010-11-27 02:46 - 2008-12-20 03:20 - 00051016 _____ () C:\Program Files\Lenovo\Energy

Management\HookLib.dll
2010-11-27 02:44 - 2009-06-05 16:36 - 00217088 _____ () C:\windows\system32\370prop.ax
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft

Shared\office14\Cultures\office.odf
2013-02-14 13:46 - 2013-02-14 13:46 - 01044048 _____ () C:\Program Files\Microsoft Office

\Office14\ADDINS\UmOutlookAddin.dll
2013-12-20 21:44 - 2013-12-20 21:44 - 03559024 _____ () C:\Program Files\Mozilla Firefox

\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The

"AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will

be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launcher.lnk

=> C:\windows\pss\Launcher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Detlef^AppData^Roaming^Microsoft^Windows^Start

Menu^Programs^Startup^GMX-SMS-Manager.lnk => C:\windows\pss\GMX-SMS-Manager.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader

\Reader_sl.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe"

/DelayServices
MSCONFIG\startupreg: Facebook Update => "C:\Users\Detlef\AppData\Local\Facebook\Update

\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Personal ID => C:\COOLSP~1\PERSON~1\PID.EXE
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files\Lenovo\VeriFace\PManage.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2331039535-1181406896-2111325039-500 - Administrator - Disabled)
Detlef (S-1-5-21-2331039535-1181406896-2111325039-1000 - Administrator - Enabled) => C:\Users

\Detlef
Gast (S-1-5-21-2331039535-1181406896-2111325039-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2331039535-1181406896-2111325039-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: MpKsl278c1984
Description: MpKsl278c1984
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl278c1984
Problem: : This device is not present, is not working properly, or does not have all its drivers

installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a

new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be

resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2015 01:07:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GROOVE.EXE, Version: 14.0.7011.1000, Zeitstempel:

0x513a7cc7
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0xe0000002
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x1638
Startzeit der fehlerhaften Anwendung: 0xGROOVE.EXE0
Pfad der fehlerhaften Anwendung: GROOVE.EXE1
Pfad des fehlerhaften Moduls: GROOVE.EXE2
Berichtskennung: GROOVE.EXE3

Error: (01/21/2015 01:07:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GROOVE.EXE, Version: 14.0.7011.1000, Zeitstempel:

0x513a7cc7
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0xe0000002
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0xb08
Startzeit der fehlerhaften Anwendung: 0xGROOVE.EXE0
Pfad der fehlerhaften Anwendung: GROOVE.EXE1
Pfad des fehlerhaften Moduls: GROOVE.EXE2
Berichtskennung: GROOVE.EXE3

Error: (01/21/2015 11:10:03 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location

%APPDATA%\.

Error: (01/21/2015 11:10:03 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location

%APPDATA%\.

Error: (01/18/2015 08:30:55 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend

Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht

benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen.

(0x81000005)"

Error: (01/16/2015 04:44:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-

Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="

win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-

Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="

win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/16/2015 04:42:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für

"Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",

version="9.0.21022.8"1".
Die abhängige Assemblierung

"Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",

version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/16/2015 04:19:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Mediencenter.exe, Version: 3.9.1055.64,

Zeitstempel: 0x5399a4be
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x040de2f3
ID des fehlerhaften Prozesses: 0xe20
Startzeit der fehlerhaften Anwendung: 0xMediencenter.exe0
Pfad der fehlerhaften Anwendung: Mediencenter.exe1
Pfad des fehlerhaften Moduls: Mediencenter.exe2
Berichtskennung: Mediencenter.exe3

Error: (01/16/2015 04:19:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Mediencenter.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess

wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen:

System.NullReferenceException
Stapel:
bei

DTAG.Mediencenter.Client.Services.NamedPipes.NpServiceHost.Close()
bei

DTAG.Mediencenter.Client.Controller.ApplicationController.CloseInterProcessCommunication()
bei

DTAG.Mediencenter.Client.Controller.ApplicationController.GoOffline(Boolean)
bei

DTAG.Mediencenter.Client.Controller.ApplicationController

+<>c__DisplayClassb.<HandleConnectionError>b__a()
bei

System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)


bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate,

System.Object, Int32, System.Delegate)
bei

System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei

System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei

System.Threading.ExecutionContext.runTryCode(System.Object)
bei

System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode,

CleanupCode, System.Object)
bei System.Threading.ExecutionContext.RunInternal

(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei

System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext,

System.Threading.ContextCallback, System.Object, Boolean)
bei

System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext,

System.Threading.ContextCallback, System.Object)
bei

System.Windows.Threading.DispatcherOperation.Invoke()
bei

System.Windows.Threading.Dispatcher.ProcessQueue()
bei

System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)


bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei

MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei

System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)


bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate,

System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl

(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object,

Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei

MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei

System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei

System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei

System.Windows.Application.RunDispatcher(System.Object)
bei

System.Windows.Application.RunInternal(System.Windows.Window)
bei

System.Windows.Application.Run(System.Windows.Window)
bei DTAG.Mediencenter.Client.App.Main()

Error: (01/16/2015 01:12:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7109.5000 kann nicht mehr unter Windows

ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-

Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15a8

Startzeit: 01d0317cc2ddbb24

Endzeit: 120

Anwendungspfad: C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE

Berichts-ID: 5c832353-9d81-11e4-aa40-1c7508558a7c


System errors:
=============
Error: (01/21/2015 02:25:02 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

Neue Signaturversion:

Vorherige Signaturversion: 1.191.2526.0

Aktualisierungsquelle: %NT-AUTORITÄT59

Aktualisierungsphase: 4.4.0304.00

Quellpfad: 4.4.0304.01

Signaturtyp: %NT-AUTORITÄT602

Aktualisierungstyp: %NT-AUTORITÄT604

Benutzer: NT-AUTORITÄT\SYSTEM

Aktuelle Modulversion: %NT-AUTORITÄT605

Vorherige Modulversion: %NT-AUTORITÄT606

Fehlercode: %NT-AUTORITÄT607

Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/21/2015 02:01:49 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (01/21/2015 02:01:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Volumeschattenkopie" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/21/2015 02:01:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

Volumeschattenkopie erreicht.

Error: (01/21/2015 01:04:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht

gestartet:
%%2

Error: (01/21/2015 01:04:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler

beendet: %%-2147023143.

Error: (01/21/2015 01:03:53 PM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: Der Dienst "BrPar" ist von der Gruppe "Parallel arbitrator" abhängig. Kein Mitglied

dieser Gruppe wurde jedoch gestartet.

Error: (01/21/2015 11:18:03 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

Neue Signaturversion:

Vorherige Signaturversion: 1.191.2526.0

Aktualisierungsquelle: %NT-AUTORITÄT59

Aktualisierungsphase: 4.4.0304.00

Quellpfad: 4.4.0304.01

Signaturtyp: %NT-AUTORITÄT602

Aktualisierungstyp: %NT-AUTORITÄT604

Benutzer: NT-AUTORITÄT\SYSTEM

Aktuelle Modulversion: %NT-AUTORITÄT605

Vorherige Modulversion: %NT-AUTORITÄT606

Fehlercode: %NT-AUTORITÄT607

Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (01/21/2015 11:08:34 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/21/2015 11:07:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht

gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (01/21/2015 01:07:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description:

GROOVE.EXE14.0.7011.1000513a7cc7KERNELBASE.dll6.1.7601.1822951fb10c6e00000020000812f163801d0357b3

36051f7C:\Program Files\Microsoft Office\Office14\GROOVE.EXEC:\windows

\system32\KERNELBASE.dll74ff0eb9-a16e-11e4-aacb-1c7508558a7c

Error: (01/21/2015 01:07:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description:

GROOVE.EXE14.0.7011.1000513a7cc7KERNELBASE.dll6.1.7601.1822951fb10c6e00000020000812fb0801d0357add

630658C:\Program Files\Microsoft Office\Office14\GROOVE.EXEC:\windows

\system32\KERNELBASE.dll62bcf920-a16e-11e4-aacb-1c7508558a7c

Error: (01/21/2015 11:10:03 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location

%APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/21/2015 11:10:03 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location

%APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/18/2015 08:30:55 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung

verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz

freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)

Error: (01/16/2015 04:44:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-

Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="

win32",version="6.0.0.0"c:\program files\silicon motion\lenovo easycamera\driverpackage

\DPInst64.exe

Error: (01/16/2015 04:42:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description:

Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",v

ersion="9.0.21022.8"c:\program files\Trillian\plugins\ingame\ingame_64.exe

Error: (01/16/2015 04:19:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description:

Mediencenter.exe3.9.1055.645399a4beunknown0.0.0.000000000c0000005040de2f3e2001d0317c97843010C:

\Users\Detlef\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exeunknown7402e87d-9d9b-11e4

-aa40-1c7508558a7c

Error: (01/16/2015 04:19:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Mediencenter.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess

wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen:

System.NullReferenceException
Stapel:
bei

DTAG.Mediencenter.Client.Services.NamedPipes.NpServiceHost.Close()
bei

DTAG.Mediencenter.Client.Controller.ApplicationController.CloseInterProcessCommunication()
bei

DTAG.Mediencenter.Client.Controller.ApplicationController.GoOffline(Boolean)
bei

DTAG.Mediencenter.Client.Controller.ApplicationController

+<>c__DisplayClassb.<HandleConnectionError>b__a()
bei

System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)


bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate,

System.Object, Int32, System.Delegate)
bei

System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei

System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei

System.Threading.ExecutionContext.runTryCode(System.Object)
bei

System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode,

CleanupCode, System.Object)
bei System.Threading.ExecutionContext.RunInternal

(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei

System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext,

System.Threading.ContextCallback, System.Object, Boolean)
bei

System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext,

System.Threading.ContextCallback, System.Object)
bei

System.Windows.Threading.DispatcherOperation.Invoke()
bei

System.Windows.Threading.Dispatcher.ProcessQueue()
bei

System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)


bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei

MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei

System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)


bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate,

System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl

(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object,

Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei

MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei

System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei

System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei

System.Windows.Application.RunDispatcher(System.Object)
bei

System.Windows.Application.RunInternal(System.Windows.Window)
bei

System.Windows.Application.Run(System.Windows.Window)
bei DTAG.Mediencenter.Client.App.Main()

Error: (01/16/2015 01:12:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE14.0.7109.500015a801d0317cc2ddbb24120C:\Program Files\Microsoft Office

\Office14\OUTLOOK.EXE5c832353-9d81-11e4-aa40-1c7508558a7c


==================== Memory info ===========================

Processor: Celeron(R) Dual-Core CPU T3500 @ 2.10GHz
Percentage of memory in use: 86%
Total physical RAM: 2008.6 MB
Available physical RAM: 263.41 MB
Total Pagefile: 4017.2 MB
Available Pagefile: 2129.88 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.56 MB

==================== Drives ================================

Drive c: (Festplatte) (Fixed) (Total:187.69 GB) (Free:92.83 GB) NTFS
Drive d: (Treiber) (Fixed) (Total:30.25 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: EFB06E8E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=187.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.2 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End Of Log ============================]

Vielen Dank für deine Antwort..

ich hoffe, das war richtig so?

Mit den Logs so kann ich nicht viel anfangen. Du musst sie richtig posten, in CODE-Tags und ohne Zeilenumbrüche. Aber ich sehe schon zwei Punkte:

1. Illegale Software - MS Office




2. Rootkitbefall