|
Plagegeister aller Art und deren Bekämpfung: Bluescreen mit weisser SchriftWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
01.08.2013, 09:46 | #1 |
| Bluescreen mit weisser Schrift Hallo Helfer Vor einem Jahr hatte mein Notebook (damals fast neu) einen Bluescreen mit weisser Schrift. Nachdem ich irgendwas geklickt hatte (ich hatte keine Wahl, etwas anderes zu klicken), hat es wie verrückt x-mal runter und raufgefahren und sich (während meinem ausgiebigen Heul-Schreikrampf) komplett neu installiert. Das dauerte dann etwa eine bis zwei Stunden. Danach waren alle Daten weg, aber das Notebook auf Kaufzustand zurückgesetzt und voll fuktinosfähig. Ich habe immer noch keine Ahnung, was das damals sollte. Nun zum neuen Problem: Die letzten Tage war es wieder langsamer und es gab ein paar Aussetzer (schwarzer Bildschirm). Bis dann vorgestern sich wieder mal ein Bluescreen mit weisser Schrift zeigte. Was ich von euch wissen möchte: Ist dies Alarmstufe rot? Ich lerne momentan auf Prüfungen, 10-12 Stunden pro Tag, deshalb ist die Zeit sehr knapp. Daher erst mal die Frage, ob ich sofort reagieren muss oder noch ein paar Tage warten kann. Ich danke euch! |
01.08.2013, 11:13 | #2 |
/// the machine /// TB-Ausbilder | Bluescreen mit weisser Schrift hi,
__________________ich würde direkt reagieren. Was stand genau im Bluescreen? Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
01.08.2013, 13:32 | #3 |
| Bluescreen mit weisser Schrift Danke für die Rückmeldung! Was auf dem Screen stand, weiss ich leider nicht mehr. Ich hab mir nicht überlegt, dies zu dokumentieren.
__________________Anbei die Reports: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03 Ran by Benutzer (administrator) on 01-08-2013 14:19:17 Running from C:\Users\Benutzer\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (Software 2000 Limited) C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) C:\Windows\AsScrPro.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-03-29] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [x] HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-03] (ELAN Microelectronics Corp.) HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation) MountPoints2: {2e3ce803-ef84-11e2-ad7a-c485082809d2} - E:\cdrun.exe HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2984688 2011-08-29] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-22] (ASUS) HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2013-03-07] (ASUS) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [HPUsageTracking] - C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {91607fa7-3c2f-4f90-93e3-d5337a6b0ac2} URL = Playbryte-fa-amon/search/redirect/?type=default&user_id=2109361b-806c-4bb3-8b2a-5cee53d9148e&query={searchTerms} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60 FireFox: ======== FF ProfilePath: C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\grwdcmge.default FF user.js: detected! => C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\grwdcmge.default\user.js FF SelectedSearchEngine: eBay FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF SearchPlugin: C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\grwdcmge.default\searchplugins\SweetIM Search.xml FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-02] (Avira Operations GmbH & Co. KG) R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.) R2 DptfParticipantProcessorService; C:\Windows\SysWOW64\DptfParticipantProcessorService.exe [18944 2012-02-20] () R2 DptfPolicyConfigTDPService; C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe [19968 2012-02-20] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] () R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-04-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 AiCharger; C:\Windows\SysWow64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.) R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-22] (Windows (R) Win 7 DDK provider) R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-31] (Avira Operations GmbH & Co. KG) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-07-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-31] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-31] (Avira Operations GmbH & Co. KG) S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [110592 2012-04-05] (ASIX Electronics Corp.) R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107288 2012-02-20] (Intel Corporation) R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42776 2012-02-20] (Intel Corporation) R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64792 2012-02-20] (Intel Corporation) R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96024 2012-02-20] (Intel Corporation) R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [220952 2012-02-20] (Intel Corporation) R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [357656 2012-02-20] (Intel Corporation) R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-04-10] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-03-13] (Intel Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-01 14:17 - 2013-08-01 14:17 - 01781589 _____ (Farbar) C:\Users\Benutzer\Downloads\FRST64.exe 2013-08-01 14:17 - 2013-08-01 14:17 - 00000000 ____D C:\FRST 2013-08-01 11:32 - 2013-08-01 11:32 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2013-08-01 10:02 - 2013-08-01 10:02 - 28181424 _____ (TuneUp Software) C:\Users\Benutzer\Downloads\TuneUpUtilities2013_de-DE(1).exe 2013-07-31 19:02 - 2013-07-31 19:02 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{11C37A46-B5E6-4C80-B210-CB61C6BB5963} 2013-07-29 19:17 - 2013-07-29 19:17 - 629150173 _____ C:\Windows\MEMORY.DMP 2013-07-29 19:17 - 2013-07-29 19:17 - 00281376 _____ C:\Windows\Minidump\072913-12823-01.dmp 2013-07-29 19:17 - 2013-07-29 19:17 - 00000000 ____D C:\Windows\Minidump 2013-07-28 15:31 - 2013-07-28 15:31 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{040FA9D1-08F4-415B-96FE-62EB6F3DB39E} 2013-07-27 21:25 - 2013-07-27 21:25 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{EF7966FB-1089-49ED-84BA-8065ADFF12CA} 2013-07-20 01:51 - 2013-07-20 01:51 - 00311608 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00206648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00071480 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys 2013-07-17 17:39 - 2013-07-17 17:39 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{5717DDF1-DA72-45C2-96CB-1D86F31672C5} 2013-07-17 12:57 - 2013-07-17 18:02 - 00000000 ____D C:\Users\Benutzer\Documents\PRIVAT 2013-07-16 21:39 - 2013-07-16 21:39 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-07-16 21:39 - 2013-07-16 21:39 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-07-15 15:00 - 2013-07-16 21:40 - 00000000 ____D C:\Users\Benutzer\AppData\Local\Adobe 2013-07-12 16:03 - 2013-07-12 16:03 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{92DED415-0EE7-42B1-8D0E-B1195FF58C86} 2013-07-10 01:32 - 2013-07-10 01:32 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys 2013-07-06 15:13 - 2013-07-06 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-08-01 14:17 - 2013-08-01 14:17 - 01781589 _____ (Farbar) C:\Users\Benutzer\Downloads\FRST64.exe 2013-08-01 14:17 - 2013-08-01 14:17 - 00000000 ____D C:\FRST 2013-08-01 14:17 - 2013-04-26 18:45 - 00000000 ____D C:\Users\Benutzer\Desktop\Akademie 2013-08-01 13:54 - 2013-06-22 14:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-01 11:32 - 2013-08-01 11:32 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2013-08-01 11:31 - 2013-03-07 00:20 - 00000000 ____D C:\Users\Benutzer\AppData\Local\Microsoft Help 2013-08-01 11:22 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-01 11:22 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-01 11:19 - 2011-08-30 22:41 - 02236076 _____ C:\Windows\system32\perfh007.dat 2013-08-01 11:19 - 2011-08-30 22:41 - 00685206 _____ C:\Windows\system32\perfc007.dat 2013-08-01 11:19 - 2009-07-14 07:13 - 00006182 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-01 11:18 - 2013-03-07 07:19 - 01343703 _____ C:\Windows\WindowsUpdate.log 2013-08-01 11:15 - 2013-03-07 07:22 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2013-08-01 11:15 - 2013-03-06 22:38 - 00000380 _____ C:\Users\Benutzer\AppData\Roaming\sp_data.sys 2013-08-01 11:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-01 11:15 - 2009-07-14 06:51 - 00065583 _____ C:\Windows\setupact.log 2013-08-01 10:20 - 2013-03-07 07:22 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2013-08-01 10:03 - 2013-04-30 22:22 - 00000000 ____D C:\ProgramData\MFAData 2013-08-01 10:02 - 2013-08-01 10:02 - 28181424 _____ (TuneUp Software) C:\Users\Benutzer\Downloads\TuneUpUtilities2013_de-DE(1).exe 2013-07-31 19:02 - 2013-07-31 19:02 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{11C37A46-B5E6-4C80-B210-CB61C6BB5963} 2013-07-31 12:44 - 2013-04-30 22:25 - 00000983 _____ C:\Users\Public\Desktop\AVG 2013.lnk 2013-07-29 19:17 - 2013-07-29 19:17 - 629150173 _____ C:\Windows\MEMORY.DMP 2013-07-29 19:17 - 2013-07-29 19:17 - 00281376 _____ C:\Windows\Minidump\072913-12823-01.dmp 2013-07-29 19:17 - 2013-07-29 19:17 - 00000000 ____D C:\Windows\Minidump 2013-07-29 11:50 - 2011-08-29 08:46 - 00038242 _____ C:\Windows\PFRO.log 2013-07-28 15:31 - 2013-07-28 15:31 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{040FA9D1-08F4-415B-96FE-62EB6F3DB39E} 2013-07-27 21:25 - 2013-07-27 21:25 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{EF7966FB-1089-49ED-84BA-8065ADFF12CA} 2013-07-20 01:51 - 2013-07-20 01:51 - 00311608 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00206648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00071480 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys 2013-07-17 18:02 - 2013-07-17 12:57 - 00000000 ____D C:\Users\Benutzer\Documents\PRIVAT 2013-07-17 17:39 - 2013-07-17 17:39 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{5717DDF1-DA72-45C2-96CB-1D86F31672C5} 2013-07-16 21:40 - 2013-07-15 15:00 - 00000000 ____D C:\Users\Benutzer\AppData\Local\Adobe 2013-07-16 21:40 - 2013-04-15 21:24 - 00000000 ____D C:\ProgramData\Adobe 2013-07-16 21:40 - 2013-03-07 00:10 - 00000000 ____D C:\Users\Benutzer\AppData\Roaming\Adobe 2013-07-16 21:39 - 2013-07-16 21:39 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-07-16 21:39 - 2013-07-16 21:39 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-07-12 16:03 - 2013-07-12 16:03 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{92DED415-0EE7-42B1-8D0E-B1195FF58C86} 2013-07-10 01:32 - 2013-07-10 01:32 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys 2013-07-09 10:54 - 2013-03-10 14:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-06 15:13 - 2013-07-06 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-02 13:05 - 2013-05-07 22:32 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-24 14:26 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03 Ran by Benutzer at 2013-08-01 14:19:44 Running from C:\Users\Benutzer\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 2013 (Version: 2013.0.3392) Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122) Apple Application Support (x32 Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) ASUS AI Recovery (x32 Version: 1.0.24) ASUS FaceLogon (x32 Version: 1.0.0014) ASUS LifeFrame3 (x32 Version: 3.1.1) ASUS Live Update (x32 Version: 3.1.7) ASUS Power4Gear Hybrid (Version: 1.2.1) ASUS PWR Option (x32 Version: 1.1.0) ASUS Secure Delete (Version: 1.00.0009) ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0041) ASUS Tutor (x32 Version: 1.0.3) ASUS USB Charger Plus (x32 Version: 2.0.9) ASUS Virtual Touch (x32 Version: 1.0.9) ASUS_Scr_ZenbookPrime (x32 Version: 1.0.0001) ATK Package (x32 Version: 1.0.0020) AVG 2013 (Version: 13.0.3209) AVG 2013 (Version: 13.0.3392) Avira Free Antivirus (x32 Version: 13.0.0.3884) AX88772B Windows 7 Drivers (x32 Version: 1.0.2.0) Bonjour (Version: 3.0.0.10) Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) ETDWare PS/2-X64 11.5.6.6_WHQL (Version: 11.5.6.6) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) HP LaserJet P1500 series (x32) hppMSRedist (x32 Version: 1.00.0000) hppusgP1500 (x32 Version: 1.1.0.1) HPSSupply (x32 Version: 2.1.1.0000) InstantOn for NB (x32 Version: 2.3.2) Intel PROSet Wireless Intel(R) Dynamic Platform & Thermal Framework (x32 Version: 6.0.1.1067) Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.35342) Intel(R) Management Engine Components (x32 Version: 8.0.3.1427) Intel(R) OpenCL CPU Runtime (x32) Intel(R) Processor Graphics (x32 Version: 8.15.10.2696) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.1.0.0096) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.1.1.0153) Intel(R) Rapid Start Technology (x32 Version: 1.0.0.1024) Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.225) Intel(R) WiDi (x32 Version: 3.0.13.0) Intel® AT Service signup (x32 Version: 2.0.0.3) Intel® PROSet/Wireless WiFi Software (Version: 15.01.1000.0927) Intel® Trusted Connect Service Client (Version: 1.23.605.1) iTunes (Version: 11.0.2.26) Junk Mail filter update (x32 Version: 15.4.3502.0922) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) MarketResearch (x32 Version: 130.0.374.000) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Mozilla Maintenance Service (x32 Version: 22.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) Nuance PDF Reader (x32 Version: 6.00.0041) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6608) Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10010) Skype™ 6.3 (x32 Version: 6.3.105) swMSM (x32 Version: 12.0.0.1) TuneUp Utilities 2013 (x32 Version: 13.0.3020.2) TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1) Windows Live (x32 Version: 15.4.3502.0922) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3538.0513) Windows Live Family Safety (Version: 15.4.3538.0513) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3538.0513) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3538.0513) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) WinFlash (x32 Version: 2.41.1) Wireless Console 3 (x32 Version: 3.0.27) ==================== Restore Points ========================= 29-07-2013 17:54:28 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {08E84955-CC56-400B-8285-A9A4C1FA6CF5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {17A28189-AF78-4FD9-970F-12C7630BC7B0} - System32\Tasks\Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2011-11-28] () Task: {48B09A8D-FAA8-4F51-88EB-630091400E41} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.) Task: {6D83D2A8-A852-46B5-943A-258FC0FAB8B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-22] (Adobe Systems Incorporated) Task: {7593ACB9-A9C4-4F0F-9130-38064E4DDAB1} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.) Task: {7C1E6AB2-B426-4EF0-9CD6-88A0261355BA} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {A6896D75-7D6D-4FC3-9313-380FC240380E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software) Task: {A96A4881-F277-46AE-9A44-E6F8BE0E1B96} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {AEB62D12-47B0-427A-AA27-27572E58CC19} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2011-12-22] (ASUSTeK Computer Inc.) Task: {B8BAAE78-746A-415A-8FE2-E1550CFC0E79} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS) Task: {CFFDA839-E398-40C4-8AD9-D85222BA4971} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2011-12-22] (ASUSTeK Computer Inc.) Task: {DF6249E6-5B10-4964-9E3D-48C30934DC61} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: {E02CB182-8502-4B1C-A0FD-C5A08F4DDC91} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {F3A86AEB-C45F-4290-A3FB-B8788BE2B800} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated) Task: {F56A274A-F78B-4508-A149-D04BE73618FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {F7BBEEF6-2EAE-406F-B32F-01DDA4B4E1F9} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation) Task: {FB202CE9-B758-4F8C-A234-8F73DD8A0688} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-17] (ASUSTek Computer Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/01/2013 11:19:42 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (08/01/2013 11:19:42 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (08/01/2013 11:19:42 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (08/01/2013 10:03:45 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (08/01/2013 10:03:45 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (08/01/2013 10:03:45 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (07/31/2013 03:55:03 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1092 Error: (07/31/2013 03:55:03 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1092 Error: (07/31/2013 03:55:03 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/31/2013 03:14:51 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2044159 System errors: ============= Error: (08/01/2013 11:15:33 AM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (08/01/2013 10:59:24 AM) (Source: Service Control Manager) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (08/01/2013 09:58:11 AM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (08/01/2013 09:57:22 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/01/2013 09:57:22 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Device Monitor erreicht. Error: (08/01/2013 00:45:02 AM) (Source: Service Control Manager) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (07/29/2013 07:19:27 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (07/29/2013 07:18:28 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/29/2013 07:18:28 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Device Monitor erreicht. Error: (07/29/2013 07:17:58 PM) (Source: BugCheck) (User: ) Description: 0x0000007a (0xfffff8a00aaeca48, 0xffffffffc00000b5, 0x0000000069925860, 0xfffff960001f0690)C:\Windows\MEMORY.DMP072913-12823-01 Microsoft Office Sessions: ========================= Error: (08/01/2013 11:19:42 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (08/01/2013 11:19:42 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (08/01/2013 11:19:42 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (08/01/2013 10:03:45 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (08/01/2013 10:03:45 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (08/01/2013 10:03:45 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (07/31/2013 03:55:03 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1092 Error: (07/31/2013 03:55:03 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1092 Error: (07/31/2013 03:55:03 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/31/2013 03:14:51 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2044159 ==================== Memory info =========================== Percentage of memory in use: 46% Total physical RAM: 3981.89 MB Available physical RAM: 2147.63 MB Total Pagefile: 7961.96 MB Available Pagefile: 5729.5 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:98.54 GB) (Free:48.88 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)] Drive d: (DATA) (Fixed) (Total:125.61 GB) (Free:125.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238 GB) (Disk ID: 75267921) Partition: GPT Partition Type ==================== End Of Log ============================ Geändert von Franny (01.08.2013 um 13:49 Uhr) |
01.08.2013, 21:09 | #4 |
/// the machine /// TB-Ausbilder | Bluescreen mit weisser Schrift Downloade dir bitte Windows Repair (All In One) von hier.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
02.08.2013, 11:28 | #5 |
| Bluescreen mit weisser Schrift So, das habe ich erledigt.. Lg Fran |
02.08.2013, 22:43 | #6 |
/// the machine /// TB-Ausbilder | Bluescreen mit weisser Schrift Frisches FRST log bitte. Wie läuft der Rechner?
__________________ --> Bluescreen mit weisser Schrift |
02.08.2013, 23:24 | #7 |
| Bluescreen mit weisser Schrift Der Rechner läuft momentan normal (ohne Auffälligkeiten) FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03 Ran by Benutzer (administrator) on 03-08-2013 00:18:32 Running from C:\Users\Benutzer\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Software 2000 Limited) C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) C:\Windows\AsScrPro.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-03-29] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [x] HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-03] (ELAN Microelectronics Corp.) HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation) MountPoints2: {2e3ce803-ef84-11e2-ad7a-c485082809d2} - E:\cdrun.exe HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2984688 2011-08-29] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-22] (ASUS) HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2013-03-07] (ASUS) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [HPUsageTracking] - C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {91607fa7-3c2f-4f90-93e3-d5337a6b0ac2} URL = Playbryte-fa-amon/search/redirect/?type=default&user_id=2109361b-806c-4bb3-8b2a-5cee53d9148e&query={searchTerms} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60 FireFox: ======== FF ProfilePath: C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\grwdcmge.default FF user.js: detected! => C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\grwdcmge.default\user.js FF SelectedSearchEngine: eBay FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF SearchPlugin: C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\grwdcmge.default\searchplugins\SweetIM Search.xml FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-02] (Avira Operations GmbH & Co. KG) R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.) R2 DptfParticipantProcessorService; C:\Windows\SysWOW64\DptfParticipantProcessorService.exe [18944 2012-02-20] () R2 DptfPolicyConfigTDPService; C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe [19968 2012-02-20] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] () R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-04-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 AiCharger; C:\Windows\SysWow64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.) R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-22] (Windows (R) Win 7 DDK provider) R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-31] (Avira Operations GmbH & Co. KG) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-07-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-31] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-31] (Avira Operations GmbH & Co. KG) S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [110592 2012-04-05] (ASIX Electronics Corp.) R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107288 2012-02-20] (Intel Corporation) R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42776 2012-02-20] (Intel Corporation) R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64792 2012-02-20] (Intel Corporation) R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96024 2012-02-20] (Intel Corporation) R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [220952 2012-02-20] (Intel Corporation) R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [357656 2012-02-20] (Intel Corporation) R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-04-10] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-03-13] (Intel Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-02 12:09 - 2013-08-02 12:09 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ASUS-PC-Microsoft-Windows-7-Professional-(64-Bit).dat 2013-08-02 12:09 - 2013-08-02 12:09 - 00000000 ____D C:\RegBackup 2013-08-02 11:56 - 2013-08-02 12:21 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-08-02 11:55 - 2013-08-02 11:55 - 00000000 ____D C:\Users\Benutzer\Downloads\tweaking.com_windows_repair_aio 2013-08-02 11:54 - 2013-08-02 11:54 - 03517580 _____ C:\Users\Benutzer\Downloads\tweaking.com_windows_repair_aio.zip 2013-08-01 14:19 - 2013-08-01 14:19 - 00020933 _____ C:\Users\Benutzer\Downloads\Addition.txt 2013-08-01 14:17 - 2013-08-01 14:17 - 01781589 _____ (Farbar) C:\Users\Benutzer\Downloads\FRST64.exe 2013-08-01 14:17 - 2013-08-01 14:17 - 00000000 ____D C:\FRST 2013-08-01 11:32 - 2013-08-01 11:32 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2013-08-01 10:02 - 2013-08-01 10:02 - 28181424 _____ (TuneUp Software) C:\Users\Benutzer\Downloads\TuneUpUtilities2013_de-DE(1).exe 2013-07-31 19:02 - 2013-07-31 19:02 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{11C37A46-B5E6-4C80-B210-CB61C6BB5963} 2013-07-29 19:17 - 2013-07-29 19:17 - 629150173 _____ C:\Windows\MEMORY.DMP 2013-07-29 19:17 - 2013-07-29 19:17 - 00281376 _____ C:\Windows\Minidump\072913-12823-01.dmp 2013-07-29 19:17 - 2013-07-29 19:17 - 00000000 ____D C:\Windows\Minidump 2013-07-28 15:31 - 2013-07-28 15:31 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{040FA9D1-08F4-415B-96FE-62EB6F3DB39E} 2013-07-27 21:25 - 2013-07-27 21:25 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{EF7966FB-1089-49ED-84BA-8065ADFF12CA} 2013-07-20 01:51 - 2013-07-20 01:51 - 00311608 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00206648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00071480 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys 2013-07-17 17:39 - 2013-07-17 17:39 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{5717DDF1-DA72-45C2-96CB-1D86F31672C5} 2013-07-17 12:57 - 2013-07-17 18:02 - 00000000 ____D C:\Users\Benutzer\Documents\PRIVAT 2013-07-16 21:39 - 2013-07-16 21:39 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-07-16 21:39 - 2013-07-16 21:39 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-07-15 15:00 - 2013-07-16 21:40 - 00000000 ____D C:\Users\Benutzer\AppData\Local\Adobe 2013-07-12 16:03 - 2013-07-12 16:03 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{92DED415-0EE7-42B1-8D0E-B1195FF58C86} 2013-07-10 01:32 - 2013-07-10 01:32 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys 2013-07-06 15:13 - 2013-07-06 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-08-02 23:54 - 2013-06-22 14:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-02 23:13 - 2013-04-26 18:45 - 00000000 ____D C:\Users\Benutzer\Desktop\Akademie 2013-08-02 18:19 - 2013-04-30 22:22 - 00000000 ____D C:\ProgramData\MFAData 2013-08-02 17:05 - 2013-03-07 07:19 - 01383043 _____ C:\Windows\WindowsUpdate.log 2013-08-02 16:22 - 2011-08-30 22:41 - 02393654 _____ C:\Windows\system32\perfh007.dat 2013-08-02 16:22 - 2011-08-30 22:41 - 00740562 _____ C:\Windows\system32\perfc007.dat 2013-08-02 16:22 - 2009-07-14 07:13 - 00006182 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-02 16:21 - 2013-03-06 22:38 - 00000380 _____ C:\Users\Benutzer\AppData\Roaming\sp_data.sys 2013-08-02 12:53 - 2013-03-06 22:37 - 00111320 _____ C:\Users\Benutzer\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-02 12:28 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-02 12:28 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-02 12:23 - 2009-07-14 09:45 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-08-02 12:22 - 2013-03-07 07:22 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2013-08-02 12:22 - 2011-08-29 08:46 - 00038942 _____ C:\Windows\PFRO.log 2013-08-02 12:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-02 12:22 - 2009-07-14 06:51 - 00065751 _____ C:\Windows\setupact.log 2013-08-02 12:22 - 2009-07-14 06:45 - 00422936 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-02 12:21 - 2013-08-02 11:56 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-08-02 12:21 - 2009-07-14 04:34 - 00000514 _____ C:\Windows\win.ini 2013-08-02 12:09 - 2013-08-02 12:09 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ASUS-PC-Microsoft-Windows-7-Professional-(64-Bit).dat 2013-08-02 12:09 - 2013-08-02 12:09 - 00000000 ____D C:\RegBackup 2013-08-02 11:55 - 2013-08-02 11:55 - 00000000 ____D C:\Users\Benutzer\Downloads\tweaking.com_windows_repair_aio 2013-08-02 11:54 - 2013-08-02 11:54 - 03517580 _____ C:\Users\Benutzer\Downloads\tweaking.com_windows_repair_aio.zip 2013-08-01 14:19 - 2013-08-01 14:19 - 00020933 _____ C:\Users\Benutzer\Downloads\Addition.txt 2013-08-01 14:17 - 2013-08-01 14:17 - 01781589 _____ (Farbar) C:\Users\Benutzer\Downloads\FRST64.exe 2013-08-01 14:17 - 2013-08-01 14:17 - 00000000 ____D C:\FRST 2013-08-01 11:32 - 2013-08-01 11:32 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2013-08-01 11:31 - 2013-03-07 00:20 - 00000000 ____D C:\Users\Benutzer\AppData\Local\Microsoft Help 2013-08-01 10:20 - 2013-03-07 07:22 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2013-08-01 10:02 - 2013-08-01 10:02 - 28181424 _____ (TuneUp Software) C:\Users\Benutzer\Downloads\TuneUpUtilities2013_de-DE(1).exe 2013-07-31 19:02 - 2013-07-31 19:02 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{11C37A46-B5E6-4C80-B210-CB61C6BB5963} 2013-07-31 12:44 - 2013-04-30 22:25 - 00000983 _____ C:\Users\Public\Desktop\AVG 2013.lnk 2013-07-29 19:17 - 2013-07-29 19:17 - 629150173 _____ C:\Windows\MEMORY.DMP 2013-07-29 19:17 - 2013-07-29 19:17 - 00281376 _____ C:\Windows\Minidump\072913-12823-01.dmp 2013-07-29 19:17 - 2013-07-29 19:17 - 00000000 ____D C:\Windows\Minidump 2013-07-28 15:31 - 2013-07-28 15:31 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{040FA9D1-08F4-415B-96FE-62EB6F3DB39E} 2013-07-27 21:25 - 2013-07-27 21:25 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{EF7966FB-1089-49ED-84BA-8065ADFF12CA} 2013-07-20 01:51 - 2013-07-20 01:51 - 00311608 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00206648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys 2013-07-20 01:50 - 2013-07-20 01:50 - 00071480 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys 2013-07-17 18:02 - 2013-07-17 12:57 - 00000000 ____D C:\Users\Benutzer\Documents\PRIVAT 2013-07-17 17:39 - 2013-07-17 17:39 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{5717DDF1-DA72-45C2-96CB-1D86F31672C5} 2013-07-16 21:40 - 2013-07-15 15:00 - 00000000 ____D C:\Users\Benutzer\AppData\Local\Adobe 2013-07-16 21:40 - 2013-04-15 21:24 - 00000000 ____D C:\ProgramData\Adobe 2013-07-16 21:40 - 2013-03-07 00:10 - 00000000 ____D C:\Users\Benutzer\AppData\Roaming\Adobe 2013-07-16 21:39 - 2013-07-16 21:39 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-07-16 21:39 - 2013-07-16 21:39 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-07-12 16:03 - 2013-07-12 16:03 - 00000000 ____D C:\Users\Benutzer\AppData\Local\{92DED415-0EE7-42B1-8D0E-B1195FF58C86} 2013-07-10 01:32 - 2013-07-10 01:32 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys 2013-07-09 10:54 - 2013-03-10 14:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-06 15:13 - 2013-07-06 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-02 13:04 ==================== End Of Log ============================ --- --- --- |
03.08.2013, 07:38 | #8 |
/// the machine /// TB-Ausbilder | Bluescreen mit weisser Schrift keine weiteren Bluescreens?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
03.08.2013, 16:23 | #9 |
| Bluescreen mit weisser Schrift Nein, keine mehr. Auch arbeitet der Rechner momentan nicht mehr verzögert... |
04.08.2013, 09:57 | #10 |
/// the machine /// TB-Ausbilder | Bluescreen mit weisser Schrift Supi, beobachte das mal und melde dich wieder
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
04.08.2013, 11:53 | #11 |
| Bluescreen mit weisser Schrift Ok, dankeschön! Werde mich naütrlich gerne revanchieren. Schönen Sonntag noch! Fran |
05.08.2013, 07:11 | #12 |
/// the machine /// TB-Ausbilder | Bluescreen mit weisser Schrift Gleichfalls
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Bluescreen mit weisser Schrift |
ahnung, anderes, bildschirm, bluescreen, daten, frage, klicke, klicken, komplett, langsamer, neu, neue, neuen, notebook, problem, runter, schrift, schwarzer, schwarzer bildschirm, sofort, verrückt, voll, weisser, wissen, zurückgesetzt |