| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Infektion mit VLC (von VLC.de): Programme in Win8 "hängen" und Browser funktionieren nicht mehrWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.09.2013, 21:20
| #1 |
| |  Infektion mit VLC (von VLC.de): Programme in Win8 "hängen" und Browser funktionieren nicht mehr Hallo! Am Samstag habe ich meinen VLC-Player aktualisiert und bin leider auf der Seite "VLC.de" anstatt "VLC.org" gelandet. Deren VLC installiert zusätzlich "startseite.de" in jeden Browser, so bin ich auf einen Befall mit Malware gekommen (zuerst hatte ich die SSD in Verdacht->Test ist einwandfrei). Die folgenden Effekte auf meinem Win8-Pro (Ivy Bridge, Z68) sind mir nun aufgefallen: - keine Videodateien ließen sich mehr mit VLC abspielen - Alle Programme und insbesondere der Windows-Explorer "hängen" regelmäßig, d.h. ich bekomme die Sanduhr und/oder "No Response" angezeigt, nach einiger Zeit geht es dann aber weiter. - Kein Browser schafft es seine Startseite anzuzeigen (Google), d.h. ich habe trotz einwandfreier Internetverbindung (Geräte-Manager) keinen Zugang! Seltsamerweise holt Outlook aber die Mail ab (inklusive Einfrieren und wieder Auftauen). Bis jetzt habe ich folgendes unternommen: - VLC deinstalliert - Alle Browser deinstalliert - Mit CCleaner die Registry aufgeräumt - Per "regedit" und Suche alle Einträge mit "vlc" aus der registry entfernt. - Spybot installiert, allerdings konnte ich keine Aktualisierung laufen lassen. Spybot fand dann nur drei kleine Tracking Cookies (Level: grün). - Browser wieder installiert - VLC neu installiert (diesmal von vlc.org) Fazit: Es ist vielleicht minimal besser geworden, allerdings "hängt" das System regelmäßig bei spätestens jedem 5. Klick (Usereingabe). Vor allem der Windows Explorer hängt ständig wenn man in ein anderes Verzeichnis springt (No Response) und braucht dann verschieden lange bis es weitergeht. Insgesamt ist das System fast unbenutzbar geworden, vor allem die Trägheit im Vergleich zur alten Geschwindigkeit der M4-SSD ist offensichtlich. Wenn mir hier jemand helfen könnte die Neuinstallation zu vermeiden wäre ich sehr dankbar! |
|
11.09.2013, 05:04
| #2 |
| /// the machine /// TB-Ausbilder    | Infektion mit VLC (von VLC.de): Programme in Win8 "hängen" und Browser funktionieren nicht mehr hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
11.09.2013, 12:17
| #3 |
| | Infektion mit VLC (von VLC.de): Programme in Win8 "hängen" und Browser funktionieren nicht mehr Vielen Dank!
__________________Ich habe mir dieScan-Ergebnisse angeschaut und finde nichts was da außergewöhnliches passiert sein soll. Soll ich eine Systemwiederherstellung ausprobieren? Ich habe 2 Wiederherstellungspunkte (24.8. und 1.9), die definitiv vor den Problemen liegen. Hier ist die FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013
Ran by El_Cid_Win8 (administrator) on IGNATZWIN8 on 11-09-2013 12:48:23
Running from C:\Users\El_Cid_Win8\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Windows\twain_32\V-Gear TalkCam Tracer CCD\SnapTrap.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2007-08-31] (Acronis)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKCU\...\Run: [Power2GoExpress] - [x]
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [143360 2006-12-23] (Nero AG)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [ASRockXTU] - [x]
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
MountPoints2: {bcf0d770-5db5-11e2-be87-bc5ff40e22aa} - "G:\ASRSetup.exe"
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-10-17] (Intel Corporation)
HKLM-x32\...\Run: [STICAP] - C:\Windows\Twain_32\V-Gear TalkCam Tracer CCD\SnapTrap.exe [135168 2007-02-02] ()
HKLM-x32\...\Run: [Easy-PrintToolBox] - C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [409600 2004-01-14] (CANON INC.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2622232 2007-08-31] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [907040 2007-08-31] (Acronis)
HKLM-x32\...\Run: [InstantBurn] - C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [599600 2007-06-04] (CyberLink Corporation.)
HKLM-x32\...\Run: [LGODDFU] - C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-12-09] (Bitleader)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2009-09-04] (cyberlink)
HKLM-x32\...\Run: [RemoteControl] - C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [87336 2009-04-16] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [62760 2009-04-16] ()
HKLM-x32\...\Run: [AsioThk32Reg] - REGSVR32.EXE /S CTASIO.DLL [x]
HKLM-x32\...\Run: [CTHelper] - C:\Windows\\SysWOW64\CTHELPER.EXE [19456 2010-03-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKU\UpdatusUser\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKU\UpdatusUser\...\Run: [Power2GoExpress] - C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2499880 2007-07-23] (Cyberlink)
HKU\UpdatusUser\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [143360 2006-12-23] (Nero AG)
HKU\UpdatusUser\...\Run: [ASRockXTU] - [x]
HKU\UpdatusUser\...\RunOnce: [CTAutoUpdate] - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [430968 2009-01-15] (Creative Technology Ltd)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll [250504 2013-02-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll,C:\Windows\SysWOW64\nvinit.dll [205184 2013-02-10] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
Startup: C:\Users\El_Cid_Win8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x390757BB18CCCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope {C92ACF6F-37C9-4291-A127-B676E1DE25DF} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {C92ACF6F-37C9-4291-A127-B676E1DE25DF} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {C92ACF6F-37C9-4291-A127-B676E1DE25DF} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files (x86)\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll ()
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\El_Cid_Win8\AppData\Roaming\Mozilla\Firefox\Profiles\adwz903f.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-rc2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [64224 2013-09-01] (Bitdefender)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [262144 2006-12-23] (Nero AG)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [498872 2007-08-31] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-05-21] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-05-21] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-05-21] (Bitdefender SRL)
R0 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24824 2007-06-04] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [369912 2007-06-04] (CyberLink Corporation.)
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-05-21] (BitDefender LLC)
R3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [51712 2012-06-02] (Realtek Semiconductor Corporation )
R3 SQTECH930B; C:\Windows\System32\Drivers\Capt930b.sys [339008 2007-03-01] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-06-25] (BitDefender S.R.L.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [146928 2009-09-01] (CyberLink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [146928 2009-09-01] (CyberLink Corp.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2013-05-21] (BitDefender)
S3 cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-11 12:31 - 2013-09-11 12:31 - 00000000 ____D C:\FRST
2013-09-11 12:29 - 2013-09-11 12:29 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2013-09-11 12:29 - 2013-09-11 03:21 - 01949408 _____ (Farbar) C:\Users\El_Cid_Win8\Desktop\FRST64.exe
2013-09-10 18:19 - 2013-09-10 18:19 - 00001162 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-10 18:19 - 2013-09-10 18:19 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\Mozilla
2013-09-10 18:19 - 2013-09-10 18:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-10 18:03 - 2013-09-10 18:03 - 00001144 _____ C:\Users\Public\Desktop\Opera.lnk
2013-09-10 18:03 - 2013-09-10 18:03 - 00000000 ____D C:\Users\EL_CID~1\AppData\Local\Opera Software
2013-09-10 18:03 - 2013-09-10 18:03 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\Opera Software
2013-09-10 18:00 - 2013-09-10 18:02 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\vlc
2013-09-10 18:00 - 2013-09-10 18:00 - 00000882 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-10 18:00 - 2013-09-10 18:00 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-10 17:48 - 2013-09-10 17:48 - 00001265 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-09-10 17:48 - 2013-09-10 17:48 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-09-10 17:42 - 2013-09-10 17:42 - 00001047 _____ C:\Users\El_Cid_Win8\Desktop\StaxRip.exe - Verknüpfung.lnk
2013-09-10 17:32 - 2012-07-26 07:26 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130910-173245.backup
2013-09-10 16:39 - 2013-09-10 17:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-10 16:30 - 2013-09-10 16:30 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-09-10 16:28 - 2013-09-10 16:28 - 00001394 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-10 16:28 - 2013-09-10 16:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-10 16:28 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-09-10 16:14 - 2013-09-10 16:16 - 00000000 ____D C:\AdwCleaner
2013-09-09 21:51 - 2013-09-10 00:31 - 00000000 ____D C:\Program Files (x86)\stinger
2013-09-09 19:36 - 2013-09-09 19:36 - 00000000 ____D C:\Users\EL_CID~1\AppData\Local\XBOX360_ISO_Extract
2013-09-07 20:01 - 2013-09-07 20:01 - 00000000 ____D C:\Program Files (x86)\Karmian
2013-09-07 02:58 - 2013-09-07 02:58 - 00000000 ____D C:\Program Files\Classic Shell
2013-09-03 09:50 - 2013-09-10 18:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-24 22:22 - 2013-08-24 22:24 - 00000000 ____D C:\Users\EL_CID~1\AppData\Local\Dataram_Corporation
2013-08-24 22:21 - 2013-09-05 21:36 - 00000000 ____D C:\Program Files (x86)\RAMDisk
2013-08-24 21:30 - 2013-08-24 21:30 - 00425304 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-24 21:29 - 2013-06-28 00:04 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-24 21:29 - 2013-06-28 00:04 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-22 21:15 - 2013-08-22 21:15 - 00000000 ____D C:\Windows\system32\MRT
2013-08-22 20:48 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-08-22 20:48 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-08-22 20:48 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-08-22 20:48 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-08-22 20:48 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-08-22 20:48 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-08-22 20:48 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-22 20:48 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-08-22 20:48 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-08-22 20:48 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-08-22 20:48 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-08-22 20:48 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-08-22 20:48 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-08-22 20:48 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-08-22 20:48 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-08-22 20:48 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-08-22 20:48 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-08-22 20:48 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-22 20:48 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-08-22 20:48 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-08-22 20:48 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-08-22 20:48 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-08-22 20:48 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-08-22 20:48 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-08-22 20:48 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-08-22 20:48 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-08-22 20:48 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-08-22 20:48 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-08-22 20:48 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-08-22 20:48 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-22 20:48 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-22 20:48 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-08-22 20:48 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-08-22 20:48 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-08-22 20:48 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-08-22 20:48 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-08-22 20:48 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-08-22 20:48 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-08-22 20:48 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-08-22 20:48 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-08-22 20:48 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-08-22 20:48 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-08-22 20:48 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-08-22 20:48 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-08-22 20:48 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-08-22 20:48 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-08-22 20:48 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-08-22 20:48 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-08-22 20:48 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-08-22 20:48 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-08-22 20:48 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-08-22 20:48 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-08-22 20:48 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-08-22 20:48 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-08-22 20:48 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-08-22 20:48 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-08-22 20:48 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-08-22 20:48 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-08-22 20:48 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-08-22 20:48 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-08-22 20:48 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-08-22 20:48 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-08-22 20:48 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-08-22 20:48 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-08-22 20:48 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-08-22 20:48 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-08-22 20:48 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-08-22 20:48 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-08-22 20:48 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-08-22 20:48 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-08-22 20:48 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-08-22 20:48 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-08-22 20:48 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-08-22 20:48 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-08-22 20:48 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-08-22 20:48 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-08-22 20:48 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-08-22 20:48 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-08-22 20:48 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-08-22 20:48 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-08-22 20:48 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-08-22 20:48 - 2013-05-04 06:56 - 00582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2013-08-22 20:48 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-08-22 20:48 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-08-22 20:48 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-08-22 20:48 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-08-22 20:48 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-08-22 20:48 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-08-22 20:48 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-08-22 20:48 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-08-22 20:46 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-22 20:46 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-22 20:46 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-22 20:46 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-22 20:46 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-22 20:46 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-22 20:46 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-22 20:46 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-22 20:46 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-22 20:46 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-22 20:46 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-22 20:46 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-22 20:46 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-22 20:46 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-22 20:46 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-22 20:46 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-22 20:46 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-22 20:46 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-22 20:46 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-22 20:46 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-22 20:46 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-22 20:46 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-22 20:46 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-22 20:46 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-22 20:46 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-22 20:46 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-22 20:46 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-08-22 20:46 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-08-22 20:46 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-08-22 20:46 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-22 20:46 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-22 20:46 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-08-22 20:46 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-22 20:46 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-08-22 20:46 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-22 20:46 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-08-22 20:46 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-08-22 20:45 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-22 20:45 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-22 20:45 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-22 20:45 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-22 20:45 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-22 20:45 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-22 20:45 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-22 20:45 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-22 20:45 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-22 20:45 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-22 20:45 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-22 20:45 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-22 20:45 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-22 20:45 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-22 20:45 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-22 20:45 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-22 20:45 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-22 20:45 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-08-22 20:45 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-22 20:45 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-22 20:45 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-08-22 20:45 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-08-22 20:45 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-08-22 20:38 - 2013-08-22 20:38 - 00000000 ____D C:\Program Files (x86)\Samsung Magician
==================== One Month Modified Files and Folders =======
2013-09-11 12:41 - 2012-11-26 22:46 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1658923555-2956035697-1988514772-1001
2013-09-11 12:33 - 2013-09-11 12:33 - 00036044 _____ C:\Users\El_Cid_Win8\Desktop\Addition.txt
2013-09-11 12:31 - 2013-09-11 12:31 - 00000000 ____D C:\FRST
2013-09-11 12:30 - 2012-07-26 12:27 - 00761898 _____ C:\Windows\system32\perfh007.dat
2013-09-11 12:30 - 2012-07-26 12:27 - 00160028 _____ C:\Windows\system32\perfc007.dat
2013-09-11 12:30 - 2012-07-26 09:28 - 01772590 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-11 12:29 - 2013-09-11 12:29 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2013-09-11 12:29 - 2012-12-09 21:10 - 00000368 _____ C:\Windows\lgfwup.ini
2013-09-11 12:29 - 2012-12-09 21:10 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate
2013-09-11 12:28 - 2012-11-26 23:11 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\Skype
2013-09-11 12:27 - 2012-12-01 02:30 - 00003038 _____ C:\Windows\System32\Tasks\EVGAPrecision
2013-09-11 03:21 - 2013-09-11 12:29 - 01949408 _____ (Farbar) C:\Users\El_Cid_Win8\Desktop\FRST64.exe
2013-09-10 18:19 - 2013-09-10 18:19 - 00001162 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-10 18:19 - 2013-09-10 18:19 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\Mozilla
2013-09-10 18:19 - 2013-09-10 18:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-10 18:19 - 2013-09-03 09:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-10 18:09 - 2012-11-27 00:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-10 18:03 - 2013-09-10 18:03 - 00001144 _____ C:\Users\Public\Desktop\Opera.lnk
2013-09-10 18:03 - 2013-09-10 18:03 - 00000000 ____D C:\Users\EL_CID~1\AppData\Local\Opera Software
2013-09-10 18:03 - 2013-09-10 18:03 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\Opera Software
2013-09-10 18:03 - 2012-11-27 00:31 - 00000000 ____D C:\Program Files (x86)\Opera
2013-09-10 18:02 - 2013-09-10 18:00 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\vlc
2013-09-10 18:00 - 2013-09-10 18:00 - 00000882 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-10 18:00 - 2013-09-10 18:00 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-10 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-10 17:49 - 2012-12-01 01:37 - 00013736 _____ C:\Windows\PFRO.log
2013-09-10 17:49 - 2012-11-26 23:25 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-10 17:49 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-10 17:48 - 2013-09-10 17:48 - 00001265 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-09-10 17:48 - 2013-09-10 17:48 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-09-10 17:42 - 2013-09-10 17:42 - 00001047 _____ C:\Users\El_Cid_Win8\Desktop\StaxRip.exe - Verknüpfung.lnk
2013-09-10 17:31 - 2013-09-10 16:39 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-10 16:46 - 2012-11-27 00:31 - 00000000 ____D C:\Users\EL_CID~1\AppData\Local\Opera
2013-09-10 16:46 - 2012-11-27 00:31 - 00000000 ____D C:\Users\El_Cid_Win8\AppData\Roaming\Opera
2013-09-10 16:30 - 2013-09-10 16:30 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-09-10 16:28 - 2013-09-10 16:28 - 00001394 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-10 16:28 - 2013-09-10 16:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-10 16:16 - 2013-09-10 16:14 - 00000000 ____D C:\AdwCleaner
2013-09-10 15:34 - 2012-12-02 17:44 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-10 00:31 - 2013-09-09 21:51 - 00000000 ____D C:\Program Files (x86)\stinger
2013-09-09 19:36 - 2013-09-09 19:36 - 00000000 ____D C:\Users\EL_CID~1\AppData\Local\XBOX360_ISO_Extract
2013-09-09 14:32 - 2012-12-01 01:16 - 02080125 _____ C:\Windows\WindowsUpdate.log
2013-09-07 20:43 - 2012-11-27 00:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-09-07 20:01 - 2013-09-07 20:01 - 00000000 ____D C:\Program Files (x86)\Karmian
2013-09-07 02:58 - 2013-09-07 02:58 - 00000000 ____D C:\Program Files\Classic Shell
2013-09-06 01:25 - 2012-11-26 23:58 - 00000000 ____D C:\Program Files (x86)\Intel
2013-09-05 23:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-09-05 21:36 - 2013-08-24 22:21 - 00000000 ____D C:\Program Files (x86)\RAMDisk
2013-09-05 19:39 - 2012-12-03 02:40 - 00008072 _____ C:\Windows\setupact.log
2013-09-01 02:37 - 2012-12-13 21:05 - 00000000 ____D C:\Windows\Minidump
2013-09-01 02:37 - 2012-11-26 22:20 - 00170972 ____N C:\Windows\Minidump\090113-9703-01.dmp
2013-08-24 23:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-24 22:24 - 2013-08-24 22:22 - 00000000 ____D C:\Users\EL_CID~1\AppData\Local\Dataram_Corporation
2013-08-24 21:41 - 2012-11-26 23:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-24 21:41 - 2012-11-26 23:11 - 00000000 ____D C:\ProgramData\Skype
2013-08-24 21:30 - 2013-08-24 21:30 - 00425304 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-24 21:30 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-24 21:29 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-08-24 18:26 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-24 18:26 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-08-24 18:26 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-08-24 18:26 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-08-24 18:26 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-24 18:26 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-08-24 18:26 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-24 18:26 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-08-24 18:26 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-08-24 18:26 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-08-22 21:20 - 2012-07-26 07:26 - 00000230 _____ C:\Windows\win.ini
2013-08-22 21:15 - 2013-08-22 21:15 - 00000000 ____D C:\Windows\system32\MRT
2013-08-22 21:13 - 2012-12-01 01:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-22 21:13 - 2012-12-01 01:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-22 20:38 - 2013-08-22 20:38 - 00000000 ____D C:\Program Files (x86)\Samsung Magician
2013-08-22 20:38 - 2013-03-27 22:39 - 00001118 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2013-08-22 20:38 - 2012-11-26 22:37 - 00000000 ___RD C:\Users\El_Cid_Win8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-19 22:56 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-09 11:14
==================== End Of Log ============================
Und hier die Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2013
Ran by El_Cid_Win8 at 2013-09-11 12:48:37
Running from C:\Users\El_Cid_Win8\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
7-Zip 9.20 (x32)
Acronis*True*Image*Home (x32 Version: 11.0.8010)
Adobe Acrobat 6.0.1 Professional - English, Français, Deutsch (x32 Version: 006.000.001)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637)
Allgemeine Runtime Files (x86) (Version: 1.0.3.5)
Apple Software Update (x32 Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.16.2.0)
ASRock eXtreme Tuner v0.1.218 (x32)
BD/HD Advisor 1.0 (x32)
Bitdefender Antivirus Free Edition (Version: 1.0.20.1083)
Canon iP4300
Canon iP4300 Benutzerregistrierung (x32)
Canon Setup Utility 2.3 (x32)
Canon Utilities Easy-PhotoPrint (x32)
Canon Utilities Easy-PrintToolBox (x32)
CCleaner (Version: 3.24)
CD-LabelPrint (x32)
Chivalry: Medieval Warfare (x32)
Classic Shell (Version: 3.6.8)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
Core Temp 1.0 RC5 (Version: 1.0)
CPUID CPU-Z 1.62
Creative Software AutoUpdate (x32 Version: 1.40)
Creative-Audiokonsole (x32 Version: 1.33)
CrystalDiskInfo 3.10.0 (x32 Version: 3.10.0)
CyberLink InstantBurn (x32)
CyberLink PowerDVD (x32 Version: 7.3.5711.0)
DirectX 9.0c Extra Files (x86, x64) (Version: 1.10.06.0)
DVD Decrypter (Remove Only) (x32)
DVD Shrink 3.2 deutsch (x32)
Easy-WebPrint (x32)
EPSON Scan (x32)
EVGA Precision X 3.0.4 (x32 Version: 3.0.4)
Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3)
Fraps (x32)
Freemake Video Converter Version 3.2.1 (x32 Version: 3.2.1)
HD Tune 2.55 (x32)
Hi-Def Suite (x32 Version: 5.0.1729)
ImgBurn (x32 Version: 2.5.7.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 8.0.2.1410)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) Rapid Storage Technology (x32 Version: 10.8.0.1003)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java 7 Update 9 (x32 Version: 7.0.90)
LabelPrint (x32 Version: 2.0.1920a)
LG ODD Auto Firmware Update (x32 Version: 10.01.0712.01)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 1.1 Security Update (KB2656353) (x32)
Microsoft .NET Framework 1.1 Security Update (KB2656370) (x32)
Microsoft .NET Framework 1.1 Security Update (KB979906) (x32)
Microsoft .NET Framework 1.1 SP1
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Nero 7 Essentials (x32 Version: 7.02.4509)
nLite 1.4.9.1 (x32 Version: 1.4.9.1)
NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07)
NVIDIA 3D Vision Treiber 314.07 (Version: 314.07)
NVIDIA Grafiktreiber 314.07 (Version: 314.07)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407)
NVIDIA Systemsteuerung 314.07 (Version: 314.07)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
OpenAL (x32)
Opera Stable 16.0.1196.73 (x32 Version: 16.0.1196.73)
Power2Go 5.0 (x32)
PowerBackup (x32 Version: 2.5.073120)
PowerProducer (x32)
PS3Merge version 1.0.1.0 (x32 Version: 1.0.1.0)
Safari (x32 Version: 5.34.57.2)
Samsung Magician (x32 Version: 4.2.1)
SeaTools for Windows (x32 Version: 1.2.0.7)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.6 (x32 Version: 6.6.106)
Spybot - Search & Destroy (x32 Version: 2.1.21)
Tomb Raider (x32)
Trials Evolution Gold Edition (x32)
Uplay (x32 Version: 2.0)
V-Gear TalkCam Tracer CCD (x32 Version: 0.1.0114.05)
VirtualCloneDrive (x32)
VLC media player 2.1.0-rc2 (Version: 2.1.0-rc2)
WhereIsIt? 2010 (x32 Version: 2010)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
==================== Restore Points =========================
24-08-2013 16:02:16 Windows Update
01-09-2013 00:11:58 Geplanter Prüfpunkt
05-09-2013 18:38:08 Installed Classic Shell
07-09-2013 00:58:04 Installed Classic Shell
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-09-10 17:32 - 00447822 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {19E9FFE4-2C04-4FE2-AD7C-045DC17FE189} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {291B09C1-FD80-44EF-9C6C-87C0F38E0C55} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3A612EFE-133B-4DAB-ABB8-7294B8C9D608} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {55EBB688-5A7E-4D91-B256-5FA5E40CF3CB} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1658923555-2956035697-1988514772-1001
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5B94E89D-949B-4095-9D9E-4B6214E854BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20] (Adobe Systems Incorporated)
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5CFBDDDF-48F4-4DA5-84EB-0C9336FEDAB4} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {694BEA24-F89B-496C-BC73-9EF6437905A7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv
Task: {6C7F27D0-61AE-4434-ADC4-CF2C8BCA3222} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7E27B3C6-5D2D-4930-915B-24C9538833EE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {7FF66235-5118-4C85-B9DD-7AEC24850370} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {ADFC8FA0-D01D-40D5-80FC-F688C5EA26D6} - System32\Tasks\EVGAPrecision => C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2012-10-17] ()
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DD58975C-BB36-41D4-AE41-13D8E94BCB6F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {E934AAD8-1146-4131-A782-AA0CA3379D68} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-02-26 01:32 - 2013-02-10 05:25 - 00250504 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2012-10-19 01:02 - 2012-10-19 01:02 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-06-29 10:50 - 2013-06-29 10:50 - 01750528 _____ (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2012-10-19 01:02 - 2013-02-10 05:25 - 15275744 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvwgf2umx.dll
2007-08-31 19:43 - 2007-08-31 19:43 - 00673704 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2007-08-31 17:59 - 2007-08-31 17:59 - 00138008 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\timounter64.dll
2012-11-27 00:41 - 2012-06-09 20:20 - 00196096 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2013-09-10 17:48 - 2009-12-14 19:16 - 00107688 _____ (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll
2013-06-29 10:50 - 2013-06-29 10:50 - 00724992 _____ (IvoSoft) C:\Program Files\Classic Shell\ClassicExplorer64.dll
2012-11-26 23:24 - 2013-02-10 03:04 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2012-12-14 03:42 - 2012-12-14 03:42 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-12-09 21:10 - 2006-12-19 20:03 - 00046640 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\resex64.dll
2013-09-01 01:21 - 2013-09-01 01:21 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2012-10-19 01:02 - 2013-02-10 05:25 - 01114144 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvumdshimx.dll
2013-03-07 00:44 - 2013-02-10 05:25 - 17987192 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2012-10-10 03:22 - 2012-10-10 03:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-19 01:02 - 2012-10-19 01:02 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
2012-07-26 03:39 - 2012-07-26 05:04 - 00239104 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\ksproxy.ax
2012-07-26 03:46 - 2012-07-26 05:04 - 00131072 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\kswdmcap.ax
2013-09-01 00:29 - 2013-09-01 00:29 - 00491520 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6e547890c30e7e76bee9a2ae8e504749\IAStorUtil.ni.dll
2013-09-01 00:29 - 2013-09-01 00:29 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\237e5a93f00f54a7cc6d468cdab2de04\IAStorCommon.ni.dll
2007-02-10 00:20 - 2007-02-10 00:20 - 00247328 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\Common\resource.dll
2007-07-26 20:12 - 2007-07-26 20:12 - 00054552 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\Common\gc.dll
2006-09-18 12:06 - 2006-09-18 12:06 - 00008192 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\Common\rpc_client.dll
2007-08-23 19:45 - 2007-08-23 19:45 - 02143736 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\Fomatik\tdrpapi.dll
2007-08-31 18:13 - 2007-08-31 18:13 - 01336600 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\fox.dll
2012-12-09 21:10 - 2007-04-10 17:27 - 08365616 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2013-08-22 20:38 - 2013-08-07 18:15 - 00020992 _____ (Samsung India Software Operations) C:\Program Files (x86)\Samsung Magician\Logger32.dll
2013-08-22 20:38 - 2013-05-16 14:42 - 00013824 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2013-09-10 16:28 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-10 16:28 - 2013-05-16 10:55 - 03643800 _____ (Project JEDI) C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl
2013-09-10 16:28 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\Users\El_Cid_Win8\Downloads\pc-wizard_2012.2.11-setup.exe:BDU
AlternateDataStreams: C:\Users\El_Cid_Win8\Downloads\SeaToolsforWindowsSetup-1208.exe:BDU
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/10/2013 06:28:56 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 23.0.1.4974 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1360
Startzeit: 01ceae41912f46f9
Endzeit: 12
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 1393399c-1a36-11e3-beca-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2013 05:39:26 PM) (Source: Application Hang) (User: )
Description: Programm SDUpdate.exe, Version 2.1.18.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: d8c
Startzeit: 01ceae3b977e2581
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Berichts-ID: 2a827e72-1a2f-11e3-bec9-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2013 05:37:08 PM) (Source: Application Hang) (User: )
Description: Programm SDUpdate.exe, Version 2.1.18.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ba0
Startzeit: 01ceae3b69c7b76a
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Berichts-ID: d88b072a-1a2e-11e3-bec9-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2013 05:35:28 PM) (Source: Application Hang) (User: )
Description: Programm SDScan.exe, Version 2.1.18.177 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1040
Startzeit: 01ceae3b1a1bcfb0
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Berichts-ID: 9b8f6cb4-1a2e-11e3-bec9-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2013 05:34:55 PM) (Source: Application Hang) (User: )
Description: Programm SDUpdate.exe, Version 2.1.18.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 430
Startzeit: 01ceae3981006e0e
Endzeit: 2
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Berichts-ID: ff59c430-1a2d-11e3-bec9-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2013 05:30:55 PM) (Source: Application Hang) (User: )
Description: Programm SDUpdate.exe, Version 2.1.18.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: fa8
Startzeit: 01ceae39b4489e8a
Endzeit: 1
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Berichts-ID: f68031f6-1a2d-11e3-bec9-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2013 05:07:53 PM) (Source: Application Hang) (User: )
Description: Programm SDUpdate.exe, Version 2.1.18.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ab0
Startzeit: 01ceae359b8e9131
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Berichts-ID: c2dfac56-1a2a-11e3-bec9-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2013 05:07:47 PM) (Source: Application Hang) (User: )
Description: Programm SDUpdate.exe, Version 2.1.18.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 874
Startzeit: 01ceae3545dd093b
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Berichts-ID: beeb5a50-1a2a-11e3-bec9-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2013 04:51:43 PM) (Source: Application Hang) (User: )
Description: Programm SDUpdate.exe, Version 2.1.18.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 13d4
Startzeit: 01ceae339e7d1745
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Berichts-ID: 80495500-1a28-11e3-bec9-bc5ff40e22aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/09/2013 04:08:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ImgBurn.exe, Version: 2.5.7.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74d8d8d9
ID des fehlerhaften Prozesses: 0x1290
Startzeit der fehlerhaften Anwendung: 0xImgBurn.exe0
Pfad der fehlerhaften Anwendung: ImgBurn.exe1
Pfad des fehlerhaften Moduls: ImgBurn.exe2
Berichtskennung: ImgBurn.exe3
Vollständiger Name des fehlerhaften Pakets: ImgBurn.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ImgBurn.exe5
System errors:
=============
Error: (09/10/2013 06:05:33 PM) (Source: Schannel) (User: IGNATZWIN8)
Description: Das vom Remoteserver erhaltene Zertifikat wurde falsch verifiziert. Fehlercode: 0x80092013. Fehler bei der SSL-Zertifikatanforderung. Die angefügten Daten enthalten das Serverzertifikat.
Error: (09/10/2013 06:05:33 PM) (Source: Schannel) (User: IGNATZWIN8)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 43. Der Windows-SChannel-Fehlerstatus lautet: 552.
Error: (09/10/2013 05:53:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (09/10/2013 05:53:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (09/10/2013 05:52:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/10/2013 05:52:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (09/10/2013 05:51:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/10/2013 05:51:48 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.
Error: (09/10/2013 05:50:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/10/2013 05:50:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Microsoft Office Sessions:
=========================
Error: (09/10/2013 06:28:56 PM) (Source: Application Hang)(User: )
Description: firefox.exe23.0.1.4974136001ceae41912f46f912C:\Program Files (x86)\Mozilla Firefox\firefox.exe1393399c-1a36-11e3-beca-bc5ff40e22aa
Error: (09/10/2013 05:39:26 PM) (Source: Application Hang)(User: )
Description: SDUpdate.exe2.1.18.91d8c01ceae3b977e25810C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe2a827e72-1a2f-11e3-bec9-bc5ff40e22aa
Error: (09/10/2013 05:37:08 PM) (Source: Application Hang)(User: )
Description: SDUpdate.exe2.1.18.91ba001ceae3b69c7b76a0C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exed88b072a-1a2e-11e3-bec9-bc5ff40e22aa
Error: (09/10/2013 05:35:28 PM) (Source: Application Hang)(User: )
Description: SDScan.exe2.1.18.177104001ceae3b1a1bcfb00C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe9b8f6cb4-1a2e-11e3-bec9-bc5ff40e22aa
Error: (09/10/2013 05:34:55 PM) (Source: Application Hang)(User: )
Description: SDUpdate.exe2.1.18.9143001ceae3981006e0e2C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exeff59c430-1a2d-11e3-bec9-bc5ff40e22aa
Error: (09/10/2013 05:30:55 PM) (Source: Application Hang)(User: )
Description: SDUpdate.exe2.1.18.91fa801ceae39b4489e8a1C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exef68031f6-1a2d-11e3-bec9-bc5ff40e22aa
Error: (09/10/2013 05:07:53 PM) (Source: Application Hang)(User: )
Description: SDUpdate.exe2.1.18.91ab001ceae359b8e91310C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exec2dfac56-1a2a-11e3-bec9-bc5ff40e22aa
Error: (09/10/2013 05:07:47 PM) (Source: Application Hang)(User: )
Description: SDUpdate.exe2.1.18.9187401ceae3545dd093b0C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exebeeb5a50-1a2a-11e3-bec9-bc5ff40e22aa
Error: (09/10/2013 04:51:43 PM) (Source: Application Hang)(User: )
Description: SDUpdate.exe2.1.18.9113d401ceae339e7d17450C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe80495500-1a28-11e3-bec9-bc5ff40e22aa
Error: (09/09/2013 04:08:06 PM) (Source: Application Error)(User: )
Description: ImgBurn.exe2.5.7.000000000unknown0.0.0.000000000c000000574d8d8d9129001cead5cb4e16496C:\Program Files (x86)\ImgBurn\ImgBurn.exeunknown3f5dee77-1959-11e3-bec6-bc5ff40e22aa
CodeIntegrity Errors:
===================================
Date: 2013-05-22 20:29:22.528
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-22 09:24:12.607
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-21 21:11:57.227
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-21 20:54:12.011
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-21 20:52:32.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-21 20:47:19.682
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-04 03:36:06.255
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-04 03:00:48.983
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-04 02:55:05.700
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-05-01 14:11:06.763
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_188\avcuf64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 16087.87 MB
Available physical RAM: 14255.14 MB
Total Pagefile: 16599.87 MB
Available Pagefile: 14459.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: (M4_SSD_Win8) (Fixed) (Total:98.99 GB) (Free:52.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Samsung_830_SSD) (Fixed) (Total:209.1 GB) (Free:47.08 GB) NTFS
Drive e: (Win7_Sam) (Fixed) (Total:51.88 GB) (Free:15.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Samsung_2) (Fixed) (Total:1811.14 GB) (Free:482.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: DE9D6C37)
Partition 1: (Active) - (Size=209 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 10C152A8)
Partition 1: (Active) - (Size=99 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 2E37F07D)
Partition 1: (Active) - (Size=52 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-254328963072) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
11.09.2013, 17:00
| #4 | |
| /// the machine /// TB-Ausbilder | Infektion mit VLC (von VLC.de): Programme in Win8 "hängen" und Browser funktionieren nicht mehrZitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Infektion mit VLC (von VLC.de): Programme in Win8 "hängen" und Browser funktionieren nicht mehr |
| befall, browser, ccleaner, einfrieren, folge, google, hängen, hängt, infektion, internetverbindung, mail, malware, neu, nicht mehr, programme, regedit, registry, sanduhr, seite, spybot, suche, system, tracking, verbindung, vlc-player, vlc.de, win8 hängt, windows explorer |
Linear-Darstellung
