Log analysis and evaluation: Windows 7 HP: Firewall error code: 0x6D9 and Rundll error at startup

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 7 HP: Firewall error code: 0x6D9 and Rundll error at startup

I get an error when I try to start Windows Firewall with Advanced Settings; the following message then appears: 'Das Snap-In "Windows Firewall mit erweiterter Sicherheit" konnte nicht geladen werden. Starten sie den Windows Firewall Dienst auf den von ihnen verwalteten Computer neu. Fehlercode: 0x6D9.'

In addition, every time the computer starts, a message appears saying that a module could not be found: 'Problem beim Starten von C:\Users\Samsung\AppData\Local\Temp\Adobe\AdobeMngPlug.dll'

defogger_disable

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:44 on 17/09/2013 (Samsung)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03 Ran by Samsung (administrator) on SAMSUNG-PC on 17-09-2013 13:48:04 Running from C:\Users\Samsung\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Could not list processes =============== ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11369576 2010-08-11] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2586504 2010-08-05] (ELAN Microelectronics Corp.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\InprocServer32: [Default-wbemess] \\.\globalroot\systemroot\Installer\{e5c35188-5e83-fdaa-7b9a-12f3189b327b}\n. ATTENTION! ====> ZeroAccess? HKCU\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) HKCU\...\Run: [Btmchk] - C:\Windows\system32\rundll32.exe C:\Users\Samsung\AppData\Local\Temp\Adobe\AdobeMngPlug.dll,Init <===== ATTENTION HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKCU\...\Runonce: [Uninstall C:\Users\Samsung\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Samsung\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" HKCU\...0c966feabec1\InprocServer32: [Default-shell32] C:\Users\Samsung\AppData\Local\{e5c35188-5e83-fdaa-7b9a-12f3189b327b}\n. ATTENTION! ====> ZeroAccess? 
HKCU\...\Policies\system: [DisableLockWorkstation] 1 HKCU\...\Policies\system: [DisableChangePassword] 1 HKCU\...\Policies\Explorer: [NoChangeStartMenu] 1 HKCU\...\Policies\Explorer: [NoClose] 1 HKCU\...\Policies\Explorer: [NoLogOff] 1 MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence MountPoints2: {14b7bcee-f048-11e0-861f-001e101f8924} - F:\setup_vmc_lite.exe /checkApplicationPresence MountPoints2: {28159884-8dc0-11e0-a1be-4ceddeeafadb} - F:\setup_vmc_lite.exe /checkApplicationPresence MountPoints2: {28159912-8dc0-11e0-a1be-4ceddeeafadb} - F:\setup_vmc_lite.exe /checkApplicationPresence MountPoints2: {2b3f778b-ed13-11e0-a1fb-4ceddeeafadb} - F:\setup_vmc_lite.exe /checkApplicationPresence HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [273528 2011-10-04] (RealNetworks, Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-10-09] (Apple Inc.) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) Startup: C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/?orig=HP&affid=62&cztbid=1657062287 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=1657062287&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=1657062287&q={searchTerms} SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&babsrc=SP_ss&mntrId=4A644AEDDEEAFADB SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=1657062287&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&babsrc=SP_ss&mntrId=4A644AEDDEEAFADB BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation) BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100 FireFox: ======== FF ProfilePath: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default FF user.js: detected! => C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\user.js FF SearchEngineOrder.1: Ask Search FF Homepage: https://www.google.co.uk/ FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 - C:\Program 
Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\searchplugins\imdb.xml FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\searchplugins\linguee-de-en.xml FF SearchPlugin: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\searchplugins\youtube-videosuche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: DivXWebPlayer - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\Extensions\DivXWebPlayer@divx.com.xpi FF Extension: trtv3 - 
C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\Extensions\trtv3@trtv.com.xpi FF Extension: No Name - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\epgkek8r.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ FF Extension: Symantec IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2 FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2 FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF ==================== Services (Whitelisted) ================= R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-13] () S3 GameConsoleService; "C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe" [x] ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] () R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110701.001\BHDrvx64.sys [1143416 2011-05-19] (Symantec Corporation) R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110701.001\BHDrvx64.sys [1143416 2011-05-19] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [481912 2011-05-12] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [481912 2011-05-12] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec 
Shared\EENGINE\EraserUtilRebootDrv.sys [136824 2011-05-12] (Symantec Corporation) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110704.050\IDSvia64.sys [488056 2011-06-03] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110704.050\IDSvia64.sys [488056 2011-06-03] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110705.002\ENG64.SYS [117880 2011-05-18] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110705.002\ENG64.SYS [117880 2011-05-18] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110705.002\EX64.SYS [2011768 2011-05-18] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110705.002\EX64.SYS [2011768 2011-05-18] (Symantec Corporation) S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-01-17] (Windows (R) 2003 DDK 3790 provider) S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-01-17] (Windows (R) 2003 DDK 3790 provider) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-05-12] (Symantec 
Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-17 13:48 - 2013-09-17 13:48 - 00000000 ____D C:\FRST 2013-09-17 13:46 - 2013-09-17 13:46 - 01950524 _____ (Farbar) C:\Users\Samsung\Desktop\FRST64.exe 2013-09-17 13:44 - 2013-09-17 13:44 - 00000476 _____ C:\Users\Samsung\Desktop\defogger_disable.log 2013-09-17 13:44 - 2013-09-17 13:44 - 00000000 _____ C:\Users\Samsung\defogger_reenable 2013-09-17 13:40 - 2013-09-17 13:40 - 00050477 _____ C:\Users\Samsung\Desktop\Defogger.exe 2013-09-16 19:56 - 2013-09-16 19:56 - 00000055 _____ C:\Users\Samsung\Desktop\setting.txt 2013-09-16 18:35 - 2013-09-16 18:35 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\Opera 2013-09-16 18:25 - 2013-09-16 18:25 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF 2013-09-16 18:20 - 2013-09-16 18:20 - 00003250 _____ C:\Windows\System32\Tasks\{BA555178-ADB2-4B2F-B8E5-83CCDB03B4E7} 2013-09-02 18:58 - 2013-09-02 18:58 - 00000000 ____D C:\ProgramData\APN 2013-09-02 18:57 - 2013-09-03 18:34 - 00000000 ____D C:\Program Files (x86)\TornTV.com 2013-09-02 18:57 - 2013-09-02 18:57 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com 2013-08-20 12:46 - 2013-08-20 12:47 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\7 Sticky Notes 2013-08-20 12:46 - 2012-10-13 22:20 - 00805376 _____ C:\Windows\SysWOW64\EditCtlsU.ocx 2013-08-20 12:46 - 2011-08-13 21:06 - 01031168 _____ C:\Windows\SysWOW64\ExLVwU.ocx 2013-08-20 12:46 - 2011-05-21 00:02 - 00604672 _____ C:\Windows\SysWOW64\ExTVwU.ocx 2013-08-20 12:46 - 2009-06-07 09:27 - 01071088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX 2013-08-20 12:46 - 2008-01-19 11:34 - 
00554008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dao360.dll 2013-08-20 12:46 - 2005-04-15 15:58 - 01351392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx 2013-08-20 12:46 - 2004-03-09 14:45 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx 2013-08-20 12:46 - 2004-03-09 00:00 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX 2013-08-20 12:46 - 2000-05-22 12:58 - 00140488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx 2013-08-20 12:46 - 1998-06-24 01:00 - 00198456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCI32.OCX 2013-08-20 12:45 - 2013-08-20 12:45 - 06154467 _____ (Fabio Martin ) C:\Users\Samsung\Downloads\Setup7StickyNotesv19.exe 2013-08-20 12:42 - 2013-08-20 12:42 - 00392032 _____ (Softonic ) C:\Users\Samsung\Downloads\SoftonicDownloader_fuer_sticky-notes.exe ==================== One Month Modified Files and Folders ======= 2013-09-17 13:48 - 2013-09-17 13:48 - 00000000 ____D C:\FRST 2013-09-17 13:46 - 2013-09-17 13:46 - 01950524 _____ (Farbar) C:\Users\Samsung\Desktop\FRST64.exe 2013-09-17 13:45 - 2011-05-07 23:51 - 00068784 _____ C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-17 13:44 - 2013-09-17 13:44 - 00000476 _____ C:\Users\Samsung\Desktop\defogger_disable.log 2013-09-17 13:44 - 2013-09-17 13:44 - 00000000 _____ C:\Users\Samsung\defogger_reenable 2013-09-17 13:44 - 2011-05-05 17:10 - 00000000 ____D C:\Users\Samsung 2013-09-17 13:40 - 2013-09-17 13:40 - 00050477 _____ C:\Users\Samsung\Desktop\Defogger.exe 2013-09-17 13:38 - 2011-05-08 00:25 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\Skype 2013-09-17 13:37 - 2011-08-18 10:16 - 00000000 ____D C:\Users\Samsung\AppData\Local\CrashDumps 2013-09-17 13:32 - 2011-09-20 13:43 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-09-17 13:30 - 2011-05-06 15:17 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\Adobe 2013-09-17 13:30 - 2011-05-05 23:58 - 00000000 ___RD 
C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-17 13:28 - 2009-07-14 05:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-17 13:28 - 2009-07-14 05:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-17 13:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-17 13:12 - 2012-07-20 09:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-17 13:11 - 2013-04-28 18:45 - 00000000 ____D C:\Users\Samsung\Desktop\pictures from the phone 2013-09-17 13:02 - 2011-08-11 11:29 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\DVDVideoSoft 2013-09-17 12:52 - 2012-07-12 14:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-17 12:51 - 2009-07-14 05:45 - 04926048 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-16 22:56 - 2011-06-06 12:44 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\SoftGrid Client 2013-09-16 19:56 - 2013-09-16 19:56 - 00000055 _____ C:\Users\Samsung\Desktop\setting.txt 2013-09-16 18:35 - 2013-09-16 18:35 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\Opera 2013-09-16 18:35 - 2011-05-05 17:11 - 00000000 ____D C:\Users\Samsung\AppData\Local\Adobe 2013-09-16 18:35 - 2009-07-14 03:34 - 00000403 _____ C:\Windows\win.ini 2013-09-16 18:25 - 2013-09-16 18:25 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF 2013-09-16 18:24 - 2011-05-05 17:11 - 00000000 ____D C:\ProgramData\Adobe 2013-09-16 18:20 - 2013-09-16 18:20 - 00003250 _____ C:\Windows\System32\Tasks\{BA555178-ADB2-4B2F-B8E5-83CCDB03B4E7} 2013-09-13 23:12 - 2012-07-20 09:50 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-13 23:12 - 2012-07-20 09:50 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-13 23:12 - 2011-05-13 11:14 - 00071048 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-03 18:34 - 2013-09-02 18:57 - 00000000 ____D C:\Program Files (x86)\TornTV.com 2013-09-02 18:58 - 2013-09-02 18:58 - 00000000 ____D C:\ProgramData\APN 2013-09-02 18:57 - 2013-09-02 18:57 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com 2013-08-20 12:47 - 2013-08-20 12:46 - 00000000 ____D C:\Users\Samsung\AppData\Roaming\7 Sticky Notes 2013-08-20 12:45 - 2013-08-20 12:45 - 06154467 _____ (Fabio Martin ) C:\Users\Samsung\Downloads\Setup7StickyNotesv19.exe 2013-08-20 12:42 - 2013-08-20 12:42 - 00392032 _____ (Softonic ) C:\Users\Samsung\Downloads\SoftonicDownloader_fuer_sticky-notes.exe 2013-08-19 09:15 - 2012-07-12 13:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ZeroAccess: C:\Windows\Installer\{e5c35188-5e83-fdaa-7b9a-12f3189b327b} C:\Windows\Installer\{e5c35188-5e83-fdaa-7b9a-12f3189b327b}\@ C:\Windows\Installer\{e5c35188-5e83-fdaa-7b9a-12f3189b327b}\U\00000001.@ C:\Windows\Installer\{e5c35188-5e83-fdaa-7b9a-12f3189b327b}\U\80000000.@ ZeroAccess: C:\Users\Samsung\AppData\Local\{e5c35188-5e83-fdaa-7b9a-12f3189b327b} C:\Users\Samsung\AppData\Local\{e5c35188-5e83-fdaa-7b9a-12f3189b327b}\@ C:\Users\Samsung\AppData\Local\{e5c35188-5e83-fdaa-7b9a-12f3189b327b}\U\00000001.@ Files to move or delete: ==================== C:\ProgramData\go_0molg.pad C:\ProgramData\s144ETd.dat C:\Windows\Tasks\At1.job ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit 
C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Windows\system64 LastRegBack: 2013-09-13 22:25 ==================== End Of Log ============================ Additions Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 03 Ran by Samsung at 2013-09-17 13:48:54 Running from C:\Users\Samsung\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= „Windows Live Essentials“ (x32 Version: 16.4.3505.0912) „Windows Live Mail“ (x32 Version: 16.4.3505.0912) Adobe AIR (x32 Version: 3.7.0.1530) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82) Apple Application Support (x32 Version: 2.3.2) Apple Mobile Device Support (Version: 4.0.0.96) Apple Software Update (x32 Version: 2.1.3.127) Atheros Client Installation Program (x32 Version: 9.0) avast! Free Antivirus (x32 Version: 8.0.1489.0) BatteryLifeExtender (x32 Version: 1.0.6) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95) Bing Rewards Client Installer (x32 Version: 16.0.345.0) bl (x32 Version: 1.0.0) Bonjour (Version: 3.0.0.10) Broadcom 802.11 Network Adapter (Version: 5.60.48.44) Build-a-lot (x32 Version: 2.2.0.82) CCleaner (Version: 3.13) Chuzzle Deluxe (x32 Version: 2.2.0.82) CyberLink PowerDirector 11 (Version: 11.0.0.2812) CyberLink PowerDirector 11 (x32 Version: 11.0.0.2812) CyberLink PowerDirector 11 Content Pack Essential (x32 Version: 11) CyberLink PowerDirector 11 Content Pack Premium (x32 Version: 11) CyberLink WaveEditor 2 (x32 Version: 2.0.3206) D3DX10 (x32 Version: 15.4.2368.0902) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82) Easy Display Manager (x32 Version: 3.2) Easy Network Manager (x32 Version: 4.4.1) Easy SpeedUp Manager (x32 Version: 2.1.0.15) EasyBatteryManager (x32 Version: 4.0.0.4) ETDWare PS/2-X64 8.0.7.0_WHQL (Version: 8.0.7.0) Farm Frenzy (x32 Version: 2.2.0.82) FSX Flight Weather Report (x32 Version: 1.0) Insaniquarium Deluxe (x32 Version: 2.2.0.82) 
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel® Matrix Storage Manager
iTunes (Version: 10.5.0.142)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
John Deere Drive Green (x32 Version: 2.2.0.82)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Marvell Miniport Driver (x32 Version: 11.24.27.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (x32 Version: 2.2.114.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (x32 Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Newblue Art Effects for PowerDirector (Version: 2.0)
Norton Internet Security (x32 Version: 18.7.2.3)
Norton Online Backup (x32 Version: 2.1.17869)
OpenAL (x32)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
PDF24 Creator 5.2.0 (x32)
Peggle (x32 Version: 2.2.0.82)
Penguins! (x32 Version: 2.2.0.82)
ph (x32 Version: 1.0.0)
Photo Common (x32 Version: 16.4.3505.0912)
Plants vs. Zombies (x32 Version: 2.2.0.82)
Poczta usługi Windows Live (x32 Version: 16.4.3505.0912)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912)
Polar Golfer (x32 Version: 2.2.0.82)
Pošta Windows Live (x32 Version: 16.4.3505.0912)
PowerDirector (Version: 11.0)
QuickTime (x32 Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealPlayer (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6176)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Samsung AnyWeb Print (x32 Version: 1.0)
Samsung Recovery Solution 5 (x32 Version: 5.0.0.6)
Samsung Support Center (x32 Version: 1.1.18)
Samsung Update Plus (x32 Version: 3.0.0.17)
Screensaver for POS (x32 Version: 1.0.0)
Skype™ 5.6 (x32 Version: 5.6.110)
SmartSound Common Data (x32 Version: 1.1.0)
SmartSound Quicktracks 5 (x32 Version: 5.1.8)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
User Guide (x32 Version: 1.0)
VLC media player 1.1.11 (x32 Version: 1.1.11)
WildTangent ORB Game Console (x32)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live Pošta (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
Windows Live 메일 (x32 Version: 16.4.3505.0912)
Windows Live 필수 패키지 (x32 Version: 16.4.3505.0912)
Windows Live 程式集 (x32 Version: 16.4.3505.0912)
Windows Live 软件包 (x32 Version: 16.4.3505.0912)
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912)
Windows Liven sähköposti (x32 Version: 16.4.3505.0912)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
Zuma Deluxe (x32 Version: 2.2.0.95)
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912)
Почта Windows Live (x32 Version: 16.4.3505.0912)
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912)
بريد Windows Live (x32 Version: 16.4.3505.0912)

==================== Restore Points =========================

Could not list Restore Points.

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03D415B3-99B7-4A7F-A7DD-D05EB34F6483} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0A64F01F-F98D-44CD-B825-20A0A77C65A4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-10] (Samsung Electronics Co., Ltd.)
Task: {25ED618C-EE95-4805-89C1-F3A370021757} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {39CB2F8D-7BE5-4267-9A81-F212BEA72B89} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-07-30] (SAMSUNG Electronics)
Task: {3DE935EF-B18A-4BC7-A93E-8D5738751E84} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4BEB217C-4B31-45DB-8A78-B590DA57BACA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {5ADE2454-1416-4628-94AB-F878EA120291} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {73FBA767-B86F-4CB5-82C6-5BB840709C6F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {96BE2859-7847-463C-90C4-459C61FF356E} - System32\Tasks\RealCreateProcessScheduledTask1354463S-1-5-21-2052373595-2782729040-2076756327-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-10-04] (RealNetworks, Inc.)
Task: {AABAF32C-B185-4ECF-BEC8-D38CFE733C85} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {AE99A560-2675-4680-BB04-0DA3D961FF9F} - System32\Tasks\{1DFBBE26-64B1-4961-92A2-E0CDFA7B8E59} => Firefox.exe
Task: {B086FAD1-FC18-4439-8919-8C4C4F7BED55} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2052373595-2782729040-2076756327-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {B5E2AA61-B7F0-4C1A-9E1A-0F8716FC6248} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-07-27] (SEC)
Task: {CFE6987B-A424-4F30-9669-FA8695FF5F43} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {D7ABC134-846D-4DF5-9EFF-3FC92A3CF2B0} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2052373595-2782729040-2076756327-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {E6000662-EB05-43E7-A949-A7190C9778E6} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-08-09] (Samsung Electronics Co., Ltd.)
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File
Task: {ED063042-5CB2-4849-A734-1E7905FAA0AF} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\ClickPotatoLite\bin\10.0.701.0\ClickPotatoLiteSA.exe
Task: {F5F4CEEF-FE06-439F-9981-AFE47515AC71} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-08-12] (Samsung Electronics. Co. Ltd.)
Task: {F97AB2E9-80DA-49D3-9AD8-63CC116B3522} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {FAAC8EEB-A3D2-4477-9C23-E3AF5984C89B} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {FE07C2C5-9A0D-435A-B557-DBBF55CEA300} - System32\Tasks\{118F5B69-229B-4208-AB21-95742DDAF63A} => Firefox.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => ?

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Samsung\Lokale Einstellungen:GZ7hXoIlIqfIEKNUboK4
AlternateDataStreams: C:\Users\Samsung\AppData\Local:GZ7hXoIlIqfIEKNUboK4
AlternateDataStreams: C:\Users\Samsung\AppData\Local\Anwendungsdaten:GZ7hXoIlIqfIEKNUboK4
AlternateDataStreams: C:\Users\Samsung\AppData\Local\Temp:OfTtWjXi1rTWlTJ6x8k

==================== Faulty Device Manager Devices =============

Could not list Devices.
==================== Event log errors: =========================

Application errors:
==================
Error: (09/17/2013 01:42:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/17/2013 01:42:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2013 01:30:54 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (09/17/2013 01:25:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SUPBackground.exe, Version: 3.0.0.17, Zeitstempel: 0x4c770af1
Name des fehlerhaften Moduls: SUPBackground.exe, Version: 3.0.0.17, Zeitstempel: 0x4c770af1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000f8b8
ID des fehlerhaften Prozesses: 0x5b4
Startzeit der fehlerhaften Anwendung: 0xSUPBackground.exe0
Pfad der fehlerhaften Anwendung: SUPBackground.exe1
Pfad des fehlerhaften Moduls: SUPBackground.exe2
Berichtskennung: SUPBackground.exe3

Error: (09/17/2013 01:20:55 PM) (Source: WinMgmt) (User: )
Description: 0x8007007e

Error: (09/17/2013 01:02:22 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (09/17/2013 00:56:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SUPBackground.exe, Version: 3.0.0.17, Zeitstempel: 0x4c770af1
Name des fehlerhaften Moduls: SUPBackground.exe, Version: 3.0.0.17, Zeitstempel: 0x4c770af1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000f8b8
ID des fehlerhaften Prozesses: 0x13ac
Startzeit der fehlerhaften Anwendung: 0xSUPBackground.exe0
Pfad der fehlerhaften Anwendung: SUPBackground.exe1
Pfad des fehlerhaften Moduls: SUPBackground.exe2
Berichtskennung: SUPBackground.exe3

Error: (09/17/2013 00:52:15 PM) (Source: WinMgmt) (User: )
Description: 0x8007007e

Error: (09/16/2013 06:19:48 PM) (Source: MsiInstaller) (User: Samsung-PC)
Description: Product: Adobe Setup -- Please install Adobe Setup using Setup.exe

Error: (09/16/2013 06:16:56 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

System errors:
=============
Error: (08/31/2013 00:44:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (08/31/2013 00:44:21 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Norton Internet Security erreicht.

Error: (08/25/2013 00:42:44 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NIS erreicht.

Error: (08/16/2013 05:40:48 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a36\SystemRoot\System32\Config\SOFTWARE

Error: (08/13/2013 08:10:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1053

Error: (08/13/2013 08:10:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Application Virtualization Client" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (08/13/2013 08:10:15 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Application Virtualization Client erreicht.

Error: (08/03/2013 01:42:50 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NIS erreicht.

Error: (07/04/2013 08:43:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (07/04/2013 08:43:52 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.

Microsoft Office Sessions:
=========================
Error: (09/17/2013 01:42:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Samsung\Downloads\SoftonicDownloader_fuer_whitesmoke-writer.exe

Error: (09/17/2013 01:42:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Samsung\Downloads\SoftonicDownloader_fuer_sticky-notes.exe

Error: (09/17/2013 01:30:54 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (09/17/2013 01:25:46 PM) (Source: Application Error)(User: )
Description: SUPBackground.exe3.0.0.174c770af1SUPBackground.exe3.0.0.174c770af1c00000050000f8b85b401ceb3a102ea1460C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exeC:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe46e4843a-1f94-11e3-bf7c-e8113213e620

Error: (09/17/2013 01:20:55 PM) (Source: WinMgmt)(User: )
Description: 0x8007007e

Error: (09/17/2013 01:02:22 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (09/17/2013 00:56:59 PM) (Source: Application Error)(User: )
Description: SUPBackground.exe3.0.0.174c770af1SUPBackground.exe3.0.0.174c770af1c00000050000f8b813ac01ceb39d01775152C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exeC:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe41455092-1f90-11e3-a0c9-e8113213e620

Error: (09/17/2013 00:52:15 PM) (Source: WinMgmt)(User: )
Description: 0x8007007e

Error: (09/16/2013 06:19:48 PM) (Source: MsiInstaller)(User: Samsung-PC)
Description: Product: Adobe Setup -- Please install Adobe Setup using Setup.exe(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/16/2013 06:16:56 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

==================== Memory info ===========================

Percentage of memory in use: 55%
Total physical RAM: 3032.61 MB
Available physical RAM: 1364.04 MB
Total Pagefile: 6063.42 MB
Available Pagefile: 4424.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:112 GB) (Free:46.46 GB) NTFS
Drive d: () (Fixed) (Total:166.88 GB) (Free:166.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: BCF3B704)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=167 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=19 GB) - (Type=27)

==================== End Of Log ============================