| |
| |||||||
Log-Analyse und Auswertung: dauernd 100% CPU-Auslastung durch svchost.exeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
23.09.2013, 19:08
| #1 |
 |  dauernd 100% CPU-Auslastung durch svchost.exe Hallo, ich hab ein Problem mit einem svchost.exe. Eine von diesen lastet mir permanent die CPU zu 100% aus. Wenn ich den betreffenden Prozess im Taskmanager schließe passiert erstmal nichts, außer daß die CPU-Auslastung drastisch zurückgeht. Sobald ich allerdings irgendwas tu, läuft dieser Prozeß wieder. Ich habe diverse Scans über mein System laufen lassen. Hier die logfiles: gmer: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-23 19:47:54
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200AAJS-08L7A0 rev.03.03E03 298,09GB
Running: gmer.exe; Driver: C:\Users\Kini\AppData\Local\Temp\pfxcauoc.sys
---- System - GMER 2.1 ----
SSDT 97A53D66 ZwCreateSection
SSDT 97A53D3E ZwCreateSymbolicLinkObject
SSDT 97A53D43 ZwLoadDriver
SSDT 97A53D39 ZwOpenSection
SSDT 97A53D70 ZwRequestWaitReplyPort
SSDT 97A53D6B ZwSetContextThread
SSDT 97A53D75 ZwSetSecurityObject
SSDT 97A53D48 ZwSetSystemInformation
SSDT 97A53D7A ZwSystemDebugControl
SSDT 97A53D07 ZwTerminateProcess
SSDT 97A53D02 ZwWriteVirtualMemory
SSDT \SystemRoot\system32\ntkrnlpa.exe ZwCreateKey [0x82C13FEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [82C13FEC] ZwCreateKey [0x82C13FEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe ZwOpenKey [0x82C13FF1]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [82C13FF1] ZwOpenKey [0x82C13FF1]
INT 0x03 \SystemRoot\system32\ntkrnlpa.exe[unknown section] 82C13FF6
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82C50A15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C8A212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11BF 82C91554 3 Bytes [EC, 3F, C1]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82C9158C 4 Bytes [66, 3D, A5, 97] {CMP AX, 0x97a5}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11FF 82C91594 4 Bytes [3E, 3D, A5, 97]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1313 82C916A8 4 Bytes [43, 3D, A5, 97]
.text ntkrnlpa.exe!KeRemoveQueueEx + 137F 82C91714 3 Bytes [F1, 3F, C1]
.text ...
.text C:\Windows\system32\drivers\aksfridge.sys section is writeable [0x93579000, 0x4ADDD, 0xE0000020]
.init C:\Windows\system32\drivers\aksfridge.sys entry point in ".init" section [0x935D1224]
.init C:\Windows\system32\drivers\aksfridge.sys unknown last code section [0x935D1000, 0x4000, 0xE20000E0]
.text C:\Windows\system32\drivers\hardlock.sys section is writeable [0xAD43C400, 0x6F928, 0xE8000020]
.init C:\Windows\system32\drivers\hardlock.sys entry point in ".init" section [0xAD4BFA24]
.init C:\Windows\system32\drivers\hardlock.sys unknown last code section [0xAD4BF800, 0xEA00, 0xE20000E0]
---- User code sections - GMER 2.1 ----
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!free 75939894 5 Bytes JMP 0A90D2D0 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!malloc 75939CEE 5 Bytes JMP 0A90D230 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!??3@YAXPAX@Z 7593B0B9 5 Bytes JMP 0A90D2D0 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!??2@YAPAXI@Z 7593B0C9 5 Bytes JMP 0A90D480 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!realloc 7593B10D 5 Bytes JMP 0A90D2B0 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!calloc 7593C456 5 Bytes JMP 0A90D270 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_msize 7593F43B 5 Bytes JMP 0A90D2E0 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_aligned_free 75955942 5 Bytes JMP 0A90D2D0 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_aligned_malloc 7596028D 5 Bytes JMP 0A90D3C0 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_aligned_offset_malloc 759602A9 5 Bytes JMP 0A90D3E0 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!?set_new_handler@@YAP6AXXZP6AXXZ@Z 7598BFD1 5 Bytes JMP 0A90D500 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_aligned_offset_realloc 7598BFE1 5 Bytes JMP 0A90D420 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_aligned_realloc 7598C16B 5 Bytes JMP 0A90D400 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_expand 7598C18A 5 Bytes JMP 0A90D3A0 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_heapadd 7598DD03 5 Bytes JMP 0A90D550 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_heapchk 7598DD17 5 Bytes JMP 0A90D560 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_heapset + 1 7598DE16 4 Bytes JMP 0A90D581 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_heapmin 7598DE1F 5 Bytes JMP 0A90D650 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_heapused 7598DF05 5 Bytes JMP 0A90D620 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
.text c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1568] msvcrt.dll!_heapwalk 7598DF18 5 Bytes JMP 0A90D590 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\SHSMP.DLL
---- Devices - GMER 2.1 ----
Device \Driver\partmgr \Device\PartmgrControl aksfridge.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{66AFC441-AD89-11E2-961D-806E6F6E6963} 1327168608
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{E1C5D70C-AD89-11E2-9B9E-4487FCD157D6} 30618248
---- EOF - GMER 2.1 ----
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-09-2013 01
Ran by Kini (administrator) on KINISEINGROSSER on 23-09-2013 18:29:56
Running from E:\Dokumente\Computer
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
() c:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Musicmatch, Inc.) C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Adobe Sytems Incorporated) C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SlySoft, Inc.) C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(RapidSolution Software AG) C:\Program Files\RapidSolution\Tunebite\Tunebite.exe
(Simplygen) C:\Program Files\HomeTab\ProtectedSearch.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [MMTray] - C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [131072 2004-08-29] (Musicmatch, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2508104 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [IJNetworkScanUtility] - C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM\...\Run: [LexwareInfoService] - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [Adobe Version Cue CS2] - c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1603024 2013-08-29] (APN)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKCU\...\Run: [AnyDVD] - C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [7032920 2013-04-10] (SlySoft, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19876456 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Tunebite] - C:\Program Files\RapidSolution\Tunebite\Tunebite.exe [4678960 2009-09-10] (RapidSolution Software AG)
MountPoints2: {66afc444-ad89-11e2-961d-806e6f6e6963} - M:\setup.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3DF75E140442CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=gc_&babsrc=SP_ss&mntrId=2CBF4487FCD157D6
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=gc_&babsrc=SP_ss&mntrId=2CBF4487FCD157D6
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\Kini\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM - HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\Kini\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 27 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Kini\AppData\Roaming\Mozilla\Firefox\Profiles\nbs63um4.default-1378379978201
FF Homepage: hxxp://www.counterstatistik.de/login.php
FF NetworkProxy: "autoconfig_url", "file:///C:/Users/Kini/Music/Temp/Tunebite/.downloading/profile/rrproxy_ffox_52406b4e.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Kini\AppData\Roaming\Mozilla\Firefox\Profiles\nbs63um4.default-1378379978201\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Kini\AppData\Roaming\Mozilla\Firefox\Profiles\nbs63um4.default-1378379978201\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF HKLM\...\Firefox\Extensions: [tunebite-firefox-surf-and-catch-extension@audials.com] - C:\Program Files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\
FF Extension: Tunebite Firefox Surf and Catch Plugin - C:\Program Files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\
Chrome:
=======
CHR HomePage: about:newtab?source=home
CHR RestoreOnStartup: "about:newtab?source=home"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaailpifkkekipiachodfkfmgmiapmp\21.51087_0
CHR Extension: (Google Docs) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (HomeTab) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddpogknpjlgfpbboediomaiiaecfajn\4.4_0
CHR Extension: (YouTube) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Freemake Video Converter) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Kini\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [aaaailpifkkekipiachodfkfmgmiapmp] - C:\ProgramData\AskPartnerNetwork\Toolbar\SGT-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files\HomeTab\chrome\HomeTab.crx
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
========================== Services (Whitelisted) =================
R2 Adobe Version Cue CS2; c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [622648 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-29] (APN LLC.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-07-31] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
==================== Drivers (Whitelisted) ====================
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [365056 2012-08-07] (SafeNet Inc.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [124504 2013-03-18] (SlySoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-26] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [605128 2012-09-27] (SafeNet Inc.)
R3 MxlW2k; C:\Windows\System32\Drivers\MxlW2k.sys [28352 2013-04-28] (MusicMatch, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [428088 2013-04-26] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-26] (Avira GmbH)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [38816 2009-01-23] (RapidSolution Software AG)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-21 17:44 - 2013-09-21 17:44 - 00000000 ____D C:\Users\Kini\AppData\Local\stellarium
2013-09-21 11:41 - 2013-09-21 11:41 - 00000000 ____D C:\FRST
2013-09-21 08:39 - 2013-09-21 08:39 - 00000823 _____ C:\Users\Kini\Desktop\Asterix and Obelix XXL2.lnk
2013-09-21 08:39 - 2013-09-21 08:39 - 00000000 ____D C:\Users\Kini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Atari
2013-09-21 00:14 - 2013-09-21 00:14 - 00000000 ____D C:\Program Files\VIA
2013-09-20 23:26 - 2013-09-20 23:26 - 00000000 ____D C:\Program Files\Intel
2013-09-20 23:26 - 2013-09-20 23:26 - 00000000 ____D C:\Intel
2013-09-20 20:40 - 2013-09-20 20:40 - 98487876 _____ C:\Windows\system32\⠋᭄a
2013-09-19 18:18 - 2013-09-19 20:18 - 98395704 _____ C:\Windows\system32\槡늝᭄w
2013-09-19 05:01 - 2013-09-19 05:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-17 16:03 - 2013-09-17 20:02 - 98008335 _____ C:\Windows\system32\쉎筋᭄]
2013-09-14 07:32 - 2013-09-14 07:32 - 97519942 _____ C:\Windows\system32\탮믗᭄b
2013-09-12 21:22 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 21:22 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 21:22 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 21:22 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 21:22 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 21:22 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 21:22 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 18:35 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 18:35 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 18:35 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 18:35 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 18:35 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 18:35 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 18:35 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 18:35 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 18:35 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 20:36 - 2013-09-23 18:00 - 00007606 _____ C:\Users\Kini\AppData\Local\Resmon.ResmonCfg
2013-09-10 16:20 - 2013-09-10 20:20 - 96985259 _____ C:\Windows\system32\捜쳶᭄`
2013-09-09 19:58 - 2013-09-09 19:58 - 00000000 ____D C:\Users\Kini\AppData\Roaming\Games
2013-09-09 19:56 - 2013-09-09 19:57 - 00000000 ____D C:\ProgramData\Solidshield
2013-09-09 19:56 - 2013-09-09 19:56 - 00000000 ____D C:\ProgramData\InstallShield
2013-09-09 19:51 - 2013-09-09 19:51 - 00001306 _____ C:\Windows\DIFx.log
2013-09-09 19:51 - 2013-09-09 19:51 - 00000000 ____D C:\Windows\system32\AGEIA
2013-09-09 19:51 - 2013-09-09 19:51 - 00000000 ____D C:\Program Files\AGEIA Technologies
2013-09-09 19:50 - 2013-09-09 19:50 - 00000619 _____ C:\Users\Public\Desktop\Sherlock Holmes - Die Spur der Erwachten Remastered spielen.lnk
2013-09-09 19:48 - 2004-08-09 05:04 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\system32\ISUSPM.cpl
2013-09-08 10:07 - 2013-09-08 10:07 - 96533415 _____ C:\Windows\system32\Ᏼ啌᭄q
2013-09-06 08:22 - 2013-09-06 22:23 - 96470395 _____ C:\Windows\system32\ᨛ抜᭄_
2013-09-05 12:40 - 2013-09-05 20:41 - 96185213 _____ C:\Windows\system32\殖脂᭄Z
2013-09-05 12:32 - 2013-09-05 12:47 - 00000000 ____D C:\Users\Kini\AppData\Local\Anvil Studio
2013-09-05 12:26 - 2013-09-05 12:26 - 00002585 _____ C:\Users\Public\Desktop\Anvil Studio.lnk
2013-09-05 12:26 - 2013-09-05 12:26 - 00000000 ____D C:\Program Files\Anvil Studio 2013
2013-09-05 12:25 - 2013-09-05 12:25 - 00000000 ____D C:\Users\Kini\AppData\Roaming\SimplyTech
2013-09-05 12:25 - 2013-09-05 12:25 - 00000000 ____D C:\Users\Kini\AppData\Roaming\HomeTab
2013-09-05 12:25 - 2013-09-05 12:25 - 00000000 ____D C:\Program Files\HomeTab
2013-09-05 12:25 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-05 12:23 - 2013-09-05 12:24 - 00000000 ____D C:\Users\Kini\AppData\Local\DownloadGuide
2013-09-05 10:40 - 2013-09-05 10:40 - 96029535 _____ C:\Windows\system32\챈蛕᭄h
2013-09-04 17:30 - 2013-09-04 21:30 - 95956132 _____ C:\Windows\system32\팞膱᭄v
2013-09-01 16:47 - 2013-09-01 16:47 - 00987960 _____ C:\Windows\Minidump\090113-18002-01.dmp
2013-08-28 22:19 - 2013-08-28 22:19 - 00000000 ____D C:\Windows\system32\RTCOM
2013-08-28 22:19 - 2013-08-28 22:19 - 00000000 ____D C:\Program Files\Realtek
2013-08-28 22:19 - 2013-03-29 21:42 - 02646088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2013-08-28 22:19 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2013-08-28 22:19 - 2013-03-29 17:51 - 00860208 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-08-28 22:19 - 2013-03-29 17:10 - 00449481 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-08-28 22:19 - 2013-03-27 16:57 - 00112200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2013-08-28 22:19 - 2013-03-26 17:06 - 02536008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2013-08-28 22:19 - 2013-03-26 17:04 - 02386464 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2013-08-28 22:19 - 2013-03-26 15:40 - 03237448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2013-08-28 22:19 - 2013-03-26 14:38 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2013-08-28 22:19 - 2013-03-25 17:32 - 03180264 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-08-28 22:19 - 2013-03-23 03:43 - 00181960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2013-08-28 22:19 - 2013-03-21 00:26 - 13769496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2013-08-28 22:19 - 2013-03-21 00:26 - 01931032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2013-08-28 22:19 - 2013-03-20 13:17 - 08872216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2013-08-28 22:19 - 2013-03-20 13:17 - 01822488 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2013-08-28 22:19 - 2013-03-20 13:17 - 01656600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2013-08-28 22:19 - 2013-03-20 13:17 - 00776984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2013-08-28 22:19 - 2013-03-15 19:33 - 04335384 _____ (A-volute) C:\Windows\system32\RTKSMlfx.dll
2013-08-28 22:19 - 2013-03-15 19:32 - 00852824 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-08-28 22:19 - 2013-03-08 12:51 - 00849968 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-08-28 22:19 - 2013-02-27 05:37 - 00699680 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2013-08-28 22:19 - 2013-02-27 05:37 - 00547104 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech32.dll
2013-08-28 22:19 - 2013-02-27 05:37 - 00336672 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo32.dll
2013-08-28 22:19 - 2013-02-27 05:37 - 00184608 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2013-08-28 22:19 - 2013-02-19 18:52 - 00765000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2013-08-28 22:19 - 2013-01-17 19:32 - 00639256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2013-08-28 22:19 - 2013-01-16 16:02 - 02079816 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-08-28 22:19 - 2012-12-12 11:17 - 00350664 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-08-28 22:19 - 2012-10-02 14:39 - 00426952 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2013-08-28 22:19 - 2012-10-02 14:39 - 00402888 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2013-08-28 22:19 - 2012-10-02 14:39 - 00346056 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2013-08-28 22:19 - 2012-09-10 20:06 - 00549240 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2013-08-28 22:19 - 2012-08-31 19:17 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2013-08-28 22:19 - 2012-08-31 19:17 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2013-08-28 22:19 - 2012-08-31 19:17 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2013-08-28 22:19 - 2012-08-31 19:17 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2013-08-28 22:19 - 2012-08-31 19:17 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2013-08-28 22:19 - 2012-07-15 21:13 - 00349048 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-08-28 22:19 - 2012-06-20 17:26 - 00090624 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-08-28 22:19 - 2012-03-08 11:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2013-08-28 22:19 - 2012-01-30 11:42 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2013-08-28 22:19 - 2012-01-10 10:20 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2013-08-28 22:19 - 2011-11-22 16:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2013-08-28 22:19 - 2011-09-02 14:21 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2013-08-28 22:19 - 2011-09-02 14:21 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2013-08-28 22:19 - 2011-09-02 14:21 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2013-08-28 22:19 - 2011-08-23 17:00 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2013-08-28 22:19 - 2011-05-31 09:42 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2013-08-28 22:19 - 2011-03-17 12:16 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-08-28 22:19 - 2011-03-07 17:03 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-08-28 22:19 - 2010-11-08 07:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2013-08-28 22:19 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2013-08-28 22:19 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2013-08-28 22:19 - 2010-11-08 07:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2013-08-28 22:19 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2013-08-28 22:19 - 2010-11-08 07:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2013-08-28 22:19 - 2010-09-27 09:34 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-08-28 22:19 - 2009-12-04 15:43 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2013-08-28 22:19 - 2009-11-24 09:55 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2013-08-28 22:19 - 2009-11-24 09:55 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2013-08-28 22:19 - 2009-11-24 09:55 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2013-08-28 22:19 - 2009-11-24 09:55 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2013-08-28 22:19 - 2009-11-18 18:42 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
==================== One Month Modified Files and Folders =======
2013-09-23 18:30 - 2009-07-14 06:39 - 05236462 _____ C:\Windows\setupact.log
2013-09-23 18:27 - 2013-04-25 11:23 - 01260354 _____ C:\Windows\WindowsUpdate.log
2013-09-23 18:24 - 2013-05-09 13:14 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-23 18:23 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-23 18:00 - 2013-09-11 20:36 - 00007606 _____ C:\Users\Kini\AppData\Local\Resmon.ResmonCfg
2013-09-23 18:00 - 2013-05-09 13:14 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-23 18:00 - 2013-04-27 11:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-23 17:24 - 2009-07-14 06:34 - 00022544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-23 17:24 - 2009-07-14 06:34 - 00022544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-23 17:17 - 2013-04-28 14:53 - 00000000 ____D C:\Users\Kini\AppData\Roaming\Skype
2013-09-22 08:04 - 2010-11-20 23:48 - 00072592 _____ C:\Windows\PFRO.log
2013-09-21 17:44 - 2013-09-21 17:44 - 00000000 ____D C:\Users\Kini\AppData\Local\stellarium
2013-09-21 17:00 - 2013-04-27 11:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-21 17:00 - 2013-04-27 11:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-21 11:41 - 2013-09-21 11:41 - 00000000 ____D C:\FRST
2013-09-21 09:13 - 2013-05-09 13:15 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-21 08:39 - 2013-09-21 08:39 - 00000823 _____ C:\Users\Kini\Desktop\Asterix and Obelix XXL2.lnk
2013-09-21 08:39 - 2013-09-21 08:39 - 00000000 ____D C:\Users\Kini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Atari
2013-09-21 08:39 - 2013-04-26 01:30 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-21 00:14 - 2013-09-21 00:14 - 00000000 ____D C:\Program Files\VIA
2013-09-20 23:26 - 2013-09-20 23:26 - 00000000 ____D C:\Program Files\Intel
2013-09-20 23:26 - 2013-09-20 23:26 - 00000000 ____D C:\Intel
2013-09-20 20:40 - 2013-09-20 20:40 - 98487876 _____ C:\Windows\system32\⠋᭄a
2013-09-20 19:08 - 2010-11-20 23:01 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-19 20:18 - 2013-09-19 18:18 - 98395704 _____ C:\Windows\system32\槡늝᭄w
2013-09-19 18:16 - 2013-04-26 00:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-19 05:17 - 2013-04-26 00:32 - 00000000 ____D C:\Users\Kini\AppData\Local\Mozilla
2013-09-19 05:01 - 2013-09-19 05:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-17 20:02 - 2013-09-17 16:03 - 98008335 _____ C:\Windows\system32\쉎筋᭄]
2013-09-17 19:59 - 2013-04-26 01:33 - 00000000 ____D C:\Users\Kini\MEDION NAS TOOL
2013-09-14 09:25 - 2013-06-22 12:22 - 00000000 ____D C:\Windows\rescache
2013-09-14 07:32 - 2013-09-14 07:32 - 97519942 _____ C:\Windows\system32\탮믗᭄b
2013-09-13 16:39 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-13 16:32 - 2009-07-14 06:33 - 00610632 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 16:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-12 21:21 - 2013-08-14 22:38 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 21:20 - 2013-05-21 08:19 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 20:20 - 2013-09-10 16:20 - 96985259 _____ C:\Windows\system32\捜쳶᭄`
2013-09-09 19:58 - 2013-09-09 19:58 - 00000000 ____D C:\Users\Kini\AppData\Roaming\Games
2013-09-09 19:57 - 2013-09-09 19:56 - 00000000 ____D C:\ProgramData\Solidshield
2013-09-09 19:56 - 2013-09-09 19:56 - 00000000 ____D C:\ProgramData\InstallShield
2013-09-09 19:51 - 2013-09-09 19:51 - 00001306 _____ C:\Windows\DIFx.log
2013-09-09 19:51 - 2013-09-09 19:51 - 00000000 ____D C:\Windows\system32\AGEIA
2013-09-09 19:51 - 2013-09-09 19:51 - 00000000 ____D C:\Program Files\AGEIA Technologies
2013-09-09 19:50 - 2013-09-09 19:50 - 00000619 _____ C:\Users\Public\Desktop\Sherlock Holmes - Die Spur der Erwachten Remastered spielen.lnk
2013-09-09 19:48 - 2013-04-26 01:30 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-09-08 21:47 - 2013-04-28 10:46 - 00000000 ____D C:\Users\Kini\AppData\Roaming\FileZilla
2013-09-08 21:42 - 2013-04-27 10:08 - 00000000 ____D C:\Users\Kini\AppData\Roaming\Audacity
2013-09-08 10:07 - 2013-09-08 10:07 - 96533415 _____ C:\Windows\system32\Ᏼ啌᭄q
2013-09-06 22:23 - 2013-09-06 08:22 - 96470395 _____ C:\Windows\system32\ᨛ抜᭄_
2013-09-05 20:41 - 2013-09-05 12:40 - 96185213 _____ C:\Windows\system32\殖脂᭄Z
2013-09-05 12:47 - 2013-09-05 12:32 - 00000000 ____D C:\Users\Kini\AppData\Local\Anvil Studio
2013-09-05 12:26 - 2013-09-05 12:26 - 00002585 _____ C:\Users\Public\Desktop\Anvil Studio.lnk
2013-09-05 12:26 - 2013-09-05 12:26 - 00000000 ____D C:\Program Files\Anvil Studio 2013
2013-09-05 12:25 - 2013-09-05 12:25 - 00000000 ____D C:\Users\Kini\AppData\Roaming\SimplyTech
2013-09-05 12:25 - 2013-09-05 12:25 - 00000000 ____D C:\Users\Kini\AppData\Roaming\HomeTab
2013-09-05 12:25 - 2013-09-05 12:25 - 00000000 ____D C:\Program Files\HomeTab
2013-09-05 12:24 - 2013-09-05 12:23 - 00000000 ____D C:\Users\Kini\AppData\Local\DownloadGuide
2013-09-05 10:40 - 2013-09-05 10:40 - 96029535 _____ C:\Windows\system32\챈蛕᭄h
2013-09-04 21:30 - 2013-09-04 17:30 - 95956132 _____ C:\Windows\system32\팞膱᭄v
2013-09-03 16:28 - 2013-05-06 10:48 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-03 16:28 - 2013-04-26 01:24 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-03 16:28 - 2013-04-26 01:24 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-01 16:47 - 2013-09-01 16:47 - 00987960 _____ C:\Windows\Minidump\090113-18002-01.dmp
2013-09-01 16:47 - 2013-07-21 08:45 - 341388226 _____ C:\Windows\MEMORY.DMP
2013-09-01 16:47 - 2013-07-21 08:45 - 00000000 ____D C:\Windows\Minidump
2013-08-28 22:19 - 2013-08-28 22:19 - 00000000 ____D C:\Windows\system32\RTCOM
2013-08-28 22:19 - 2013-08-28 22:19 - 00000000 ____D C:\Program Files\Realtek
2013-08-24 21:03 - 2013-04-26 10:32 - 00000000 ____D C:\Users\Kini\AppData\Local\Adobe
Some content of TEMP:
====================
C:\Users\Kini\AppData\Local\Temp\FreemakeVideoDownloader_3.5.3.3.exe
C:\Users\Kini\AppData\Local\Temp\_isD9BB.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-12 19:56
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-09-2013 01
Ran by Kini at 2013-09-23 18:30:37
Running from E:\Dokumente\Computer
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe AIR (Version: 3.7.0.1530)
Adobe Bridge 1.0 (Version: 001.000.001)
Adobe Common File Installer (Version: 1.00.001)
Adobe Creative Suite 2
Adobe Download Assistant (Version: 1.2.5)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Help Center 1.0 (Version: 1.0.1)
Adobe Illustrator CS2 (Version: 12.000.000)
Adobe InDesign CS2 (Version: 004.000.000)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Photoshop Elements 2.0 (Version: 2.0)
Adobe Reader XI (11.0.04) - Deutsch (Version: 11.0.04)
Adobe Stock Photos 1.0 (Version: 1.0.1)
Adobe SVG Viewer 3.0 (Version: 3.0)
Adobe Version Cue CS2 (Version: 2.0)
Anvil Studio (Version: 13.08.01)
AnyDVD (Version: 7.1.8.0)
AquaSoft DiaShow 7 Ultimate (Version: 7.7.11)
AquaSoftware Eyedestructor 1.501 (Version: 1.501)
Ask Shopping Toolbar (Version: 12.4.0.1029)
Ask Toolbar (Version: 12.2.2.676)
Asterix and Obelix XXL2 (Version: 1.00.0000)
aTube Catcher (Version: 2.9.1501)
Audacity 2.0.3 (Version: 2.0.3)
Avidemux 2.6 (32-bit) (Version: 2.6.3.8518)
Avira Antivirus Premium (Version: 13.0.0.4052)
BlockCAD 3.19 (Version: 3.19)
Bundled software uninstaller
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 3.1
Canon MX340 series Benutzerregistrierung
Canon MX340 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
DVDStyler v2.4.3
easyHDR BASIC 2 (Version: 2.13.3)
FileZilla Client 3.7.3 (Version: 3.7.3)
Free Screen Video Recorder version 2.5.30.725 (Version: 2.5.30.725)
Freemake Video Converter Version 4.0.1 (Version: 4.0.1)
Freemake Video Downloader (Version: 3.5.3)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (Version: 29.0.1547.76)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
HomeTab 4.4 (Version: 4.4)
jAlbum (Version: 11.2.1)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
LAME v3.99.3 (for Windows)
LEGO Digital Designer
Lexware Info Service (Version: 2.90.00.0009)
Luminance HDR 2.3.1
MEDION NAS TOOL
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 de) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
Mozilla Thunderbird 17.0.8 (x86 de) (Version: 17.0.8)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Musicmatch® Jukebox (Version: 9.00.0156)
NVIDIA GAME System Software 2.8.1 (Version: 2.8.1)
OpenOffice.org 3.4 (Version: 3.4.9590)
Paragon Partition Manager™ 12 Free (Version: 90.00.0003)
PDF Architect (Version: 1.1.83.9982)
PDF Split And Merge Basic (Version: 2.2.2)
PDFCreator (Version: 1.7.0)
Picturenaut 3.2 (Version: 3.2.0.1690)
PixiePack Codec Pack (Version: 1.0.100.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6873)
Sherlock Holmes - Die Spur der Erwachten Remastered (Version: 1.00.0777)
SILKYPIX Developer Studio 2.1 SE (Version: 2.1.0.2)
Skype™ 6.6 (Version: 6.6.106)
Spotify (HKCU Version: 0.9.0.129.g6978da9c)
Suite Specific (Version: 2.0.0)
TAXMAN 2013 (Version: 19.06.00.0003)
Tunebite (Version: 6.0.31728.2500)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Video Downloader (Version: 1.14)
Video Downloader version 2.0 (Version: 2.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
XAMPP 1.8.1-0 (Version: 1.8.1-0)
YTD Video Downloader 4.4 (Version: 4.4)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {1E7FF0A5-0465-4189-9BDA-E86162E81C40} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {33C872BC-E8E1-4BEC-8D4D-0DEFAE203599} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {4648E1F1-F0B1-4C04-A33A-AE270D2D829B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-09] (Google Inc.)
Task: {508CE812-F0C9-4A25-9BB4-538FB7D18297} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files\HomeTab\ProtectedSearch.exe [2013-08-13] (Simplygen)
Task: {86291118-796D-4674-BCAB-D72F084F3F2F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21] (Adobe Systems Incorporated)
Task: {AFAF1CBD-0716-4405-B61E-D2C48D6A6CF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-09] (Google Inc.)
Task: {F774CFC2-F716-4239-89CA-B991A8723045} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files\HomeTab\TBUpdater.dll [2013-07-08] (Simply Tech Ltd.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-27 11:00 - 2013-03-15 18:38 - 00131160 _____ (SlySoft, Inc.) C:\Program Files\SlySoft\AnyDVD\ADvdDiscHlp.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2013-04-28 10:50 - 2004-08-29 12:52 - 00434176 _____ () C:\Program Files\Musicmatch\Musicmatch Jukebox\CoreDll.dll
2013-04-28 10:50 - 2004-08-29 12:53 - 00495616 _____ (Sample Corporation) C:\Program Files\Musicmatch\Musicmatch Jukebox\MMVCP70.dll
2013-04-28 10:50 - 2004-08-29 12:53 - 00339968 _____ (Sample Corporation) C:\Program Files\Musicmatch\Musicmatch Jukebox\MMVCR70.dll
2013-04-28 10:50 - 2004-08-29 12:52 - 00122880 _____ () C:\Program Files\Musicmatch\Musicmatch Jukebox\TrackUtils.dll
2013-04-28 10:50 - 2004-08-29 12:52 - 00475264 _____ (Musicmatch, Inc.) C:\Program Files\Musicmatch\Musicmatch Jukebox\Enforce.dll
2013-04-28 10:50 - 2004-08-29 12:52 - 00385024 _____ (Musicmatch, Inc.) C:\Program Files\Musicmatch\Musicmatch Jukebox\SkinnedCtrls.dll
2013-04-28 10:50 - 2004-08-29 12:52 - 00106496 _____ (Musicmatch, Inc.) C:\Program Files\Musicmatch\Musicmatch Jukebox\MMReg.dll
2013-04-28 10:50 - 2004-08-29 12:52 - 00069632 _____ (Musicmatch, Inc.) C:\Program Files\Musicmatch\Musicmatch Jukebox\FileAssoc.dll
2013-04-29 16:53 - 2009-11-01 19:30 - 00077824 _____ (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMyRes.dll
2013-04-29 16:56 - 2009-09-28 17:52 - 00019968 _____ (CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNSU_DEU.DLL
2013-04-26 09:54 - 2009-10-09 15:01 - 00354816 _____ (CANON INC.) C:\Windows\system32\CNMNPPM.DLL
2011-07-28 16:30 - 2011-07-28 16:30 - 00184688 _____ (Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\lxiuum20.dll
2011-02-11 18:44 - 2011-02-11 18:44 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2013-03-09 14:48 - 2013-03-09 14:48 - 00097176 _____ (Elaborate Bytes AG) C:\Windows\system32\ElbyCDIO.dll
2013-03-16 13:02 - 2013-03-16 13:02 - 01162840 _____ (SlySoft, Inc.) C:\Program Files\SlySoft\AnyDVD\AnyDialog.dll
2013-06-21 10:57 - 2013-06-21 10:57 - 00088680 ____R (Skype Technologies) C:\Program Files\Skype\Updater\Updater.dll
2009-09-10 18:57 - 2009-09-10 18:57 - 00427312 _____ (hxxp://www.id3lib.org/) C:\Program Files\RapidSolution\Tunebite\id3libU.dll
2009-09-10 18:57 - 2009-09-10 18:57 - 03151152 _____ () C:\Program Files\RapidSolution\Tunebite\dllMiniplayU.dll
2009-09-10 18:53 - 2009-09-10 18:53 - 00540672 _____ () C:\Program Files\RapidSolution\Tunebite\SQLite3.dll
2009-09-10 18:53 - 2009-09-10 18:53 - 01413120 _____ (RapidSolution Software AG) C:\Program Files\RapidSolution\Tunebite\RSTagLib.dll
2009-09-10 18:53 - 2009-09-10 18:53 - 00372736 _____ () C:\Program Files\RapidSolution\Tunebite\libfaad2.dll
2009-09-10 18:53 - 2009-09-10 18:53 - 00266240 _____ () C:\Program Files\RapidSolution\Tunebite\libFLAC_dynamic.dll
2009-09-10 18:53 - 2009-09-10 18:53 - 00122880 _____ () C:\Program Files\RapidSolution\Tunebite\libFLAC++_dynamic.dll
2009-09-10 18:58 - 2009-09-10 18:58 - 01455408 _____ () C:\Program Files\RapidSolution\Tunebite\StreamingClient.dll
2009-07-28 18:16 - 2009-07-28 18:16 - 00061440 _____ () C:\Program Files\RapidSolution\Tunebite\boost_thread-vc80-mt-1_39.dll
2009-07-28 18:16 - 2009-07-28 18:16 - 00057344 _____ () C:\Program Files\RapidSolution\Tunebite\boost_date_time-vc80-mt-1_39.dll
2009-07-28 18:16 - 2009-07-28 18:16 - 00012288 _____ () C:\Program Files\RapidSolution\Tunebite\boost_system-vc80-mt-1_39.dll
2009-09-10 18:58 - 2009-09-10 18:58 - 01365296 _____ (RapidSolution Software AG) C:\Program Files\RapidSolution\Tunebite\update.dll
2009-09-10 18:57 - 2009-09-10 18:57 - 02086192 _____ (RapidSolution Software AG) C:\Program Files\RapidSolution\Tunebite\EncodingBackend.dll
2009-09-10 18:53 - 2009-09-10 18:53 - 00212992 _____ (RapidSolution Software AG) C:\Program Files\RapidSolution\Tunebite\MediaFinalizer.dll
2009-09-10 18:56 - 2009-09-10 18:56 - 00503808 _____ (RapidSolution Software AG) C:\Program Files\RapidSolution\Tunebite\lang\de.dll
2009-09-10 18:53 - 2009-09-10 18:53 - 00028672 _____ (RapidSolution Software AG) C:\Program Files\RapidSolution\Tunebite\lang\EncodingBackend\de.dll
2009-07-14 02:03 - 2009-07-14 03:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm
2009-07-14 02:03 - 2009-07-14 03:14 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm
2009-07-14 02:03 - 2009-07-14 03:14 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm
2009-07-14 02:03 - 2009-07-14 03:14 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2009-07-14 02:07 - 2009-07-14 03:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2009-09-10 18:52 - 2009-09-10 18:52 - 00040960 _____ () C:\Program Files\RapidSolution\Tunebite\lang\miniplay\de.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00386328 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\WebRip.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00505112 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\BadJojo.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00496920 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\BlipTV.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00501016 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\DailyMotion.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00505112 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\MetaCafe.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00566552 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\MusicLoad.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00509208 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\MySpace.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00521496 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\MyVideo.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00492824 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\PornoTube.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 01537304 _____ (RapidSolution Software AG) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\RadioRip.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00156952 _____ (RapidSolution Software AG) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\PlgIJigg.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00177432 _____ (RapidSolution Software AG) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\PlgImeem.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00136472 _____ (RapidSolution Software AG) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\PlgLastfm.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00156952 _____ (RapidSolution Software AG) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\PlgPandora.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00242968 _____ (RapidSolution Software AG) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\PlgSoundclick.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00496920 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\RedTube.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00488728 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\ROFL.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00501016 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\SevenLoad.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00509208 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\Tangle.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00505112 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\TimTube.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00496920 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\YouPorn.dll
2013-08-10 10:35 - 2013-08-10 10:35 - 00292120 _____ (RapidSolution Software) C:\ProgramData\RapidSolution\Tunebite\WebRipDLLs\YouTube.dll
2013-09-05 12:25 - 2013-08-13 08:38 - 00100352 _____ () C:\Program Files\HomeTab\InstallHelper.dll
2013-09-05 12:25 - 2013-08-13 08:38 - 00152136 _____ (Simply Tech Ltd.) C:\Program Files\HomeTab\cinshlpr.dll
2013-09-05 12:25 - 2013-06-27 07:14 - 00923720 _____ () C:\Program Files\HomeTab\System.Data.SQLite.dll
2012-04-13 12:04 - 2012-04-13 12:04 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2012-04-13 12:00 - 2012-04-13 12:00 - 00180224 _____ (The cURL library, hxxp://curl.haxx.se/) C:\Program Files\OpenOffice.org 3\program\libcurl.dll
2012-04-13 12:00 - 2012-04-13 12:00 - 00170496 _____ () C:\Program Files\OpenOffice.org 3\program\libxslt.dll
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/23/2013 06:24:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/23/2013 06:02:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Procmon.exe, Version: 3.5.0.0, Zeitstempel: 0x519b927b
Name des fehlerhaften Moduls: Procmon.exe, Version: 3.5.0.0, Zeitstempel: 0x519b927b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b10da
ID des fehlerhaften Prozesses: 0x1564
Startzeit der fehlerhaften Anwendung: 0xProcmon.exe0
Pfad der fehlerhaften Anwendung: Procmon.exe1
Pfad des fehlerhaften Moduls: Procmon.exe2
Berichtskennung: Procmon.exe3
Error: (09/23/2013 05:59:37 PM) (Source: Application Hang) (User: )
Description: Programm Skype.exe, Version 6.6.60.106 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 830
Startzeit: 01ceb86fea4d843d
Endzeit: 123
Anwendungspfad: C:\Program Files\Skype\Phone\Skype.exe
Berichts-ID:
Error: (09/23/2013 05:17:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2013 07:27:05 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{66afc441-ad89-11e2-961d-806e6f6e6963} - 000000BC,0x0053c008,00029FA8,0,0002AFB0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (09/22/2013 07:14:42 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde nicht erfolgreich abgeschlossen, da eine Schattenkopie nicht erstellt werden konnte. Löschen Sie auf dem zu sichernden Laufwerk nicht benötigte Dateien, um Speicherplatz freizugeben, und wiederholen Sie den Vorgang.
Error: (09/22/2013 05:05:48 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bccac
Name des fehlerhaften Moduls: wmp.dll, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ba7f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00480fc4
ID des fehlerhaften Prozesses: 0xa78
Startzeit der fehlerhaften Anwendung: 0xwmprph.exe0
Pfad der fehlerhaften Anwendung: wmprph.exe1
Pfad des fehlerhaften Moduls: wmprph.exe2
Berichtskennung: wmprph.exe3
Error: (09/22/2013 00:36:34 PM) (Source: Application Hang) (User: )
Description: Programm Skype.exe, Version 6.6.60.106 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 9a4
Startzeit: 01ceb759a316bf79
Endzeit: 223
Anwendungspfad: C:\Program Files\Skype\Phone\Skype.exe
Berichts-ID: d5dedf49-2372-11e3-b6fd-4487fcd157d6
Error: (09/22/2013 08:05:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/21/2013 04:33:35 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {6ccd5e48-3064-49fa-a29d-4732efe3537d}
System errors:
=============
Error: (09/23/2013 06:24:58 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (09/23/2013 06:24:58 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (09/23/2013 05:17:46 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (09/22/2013 07:27:05 PM) (Source: volsnap) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (09/22/2013 05:29:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/22/2013 05:18:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/22/2013 08:11:20 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/22/2013 08:05:41 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (09/21/2013 04:08:02 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (09/21/2013 04:07:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (09/23/2013 06:24:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/23/2013 06:02:51 PM) (Source: Application Error)(User: )
Description: Procmon.exe3.5.0.0519b927bProcmon.exe3.5.0.0519b927bc0000005000b10da156401ceb8764d866eb8E:\Dokumente\Computer\portable\PortableApps\ProcessMonitorPortable\App\ProcessMonitor\Procmon.exeE:\Dokumente\Computer\portable\PortableApps\ProcessMonitorPortable\App\ProcessMonitor\Procmon.exe98860d80-2469-11e3-b9dd-4487fcd157d6
Error: (09/23/2013 05:59:37 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.6.60.10683001ceb86fea4d843d123C:\Program Files\Skype\Phone\Skype.exe
Error: (09/23/2013 05:17:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/22/2013 07:27:05 PM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{66afc441-ad89-11e2-961d-806e6f6e6963} - 000000BC,0x0053c008,00029FA8,0,0002AFB0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (09/22/2013 07:14:42 PM) (Source: Windows Backup)(User: )
Description: Bei der Erstellung einer Schattenkopie ist eine Zeitüberschreitung aufgetreten. Wiederholen Sie diesen Vorgang. (0x81000101)
Error: (09/22/2013 05:05:48 PM) (Source: Application Error)(User: )
Description: wmprph.exe12.0.7600.163854a5bccacwmp.dll12.0.7601.175144ce7ba7fc000000500480fc4a7801ceb7a4efbe08bdC:\Program Files\Windows Media Player\wmprph.exeC:\Windows\system32\wmp.dll75d94368-2398-11e3-b6fd-4487fcd157d6
Error: (09/22/2013 00:36:34 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.6.60.1069a401ceb759a316bf79223C:\Program Files\Skype\Phone\Skype.exed5dedf49-2372-11e3-b6fd-4487fcd157d6
Error: (09/22/2013 08:05:03 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/21/2013 04:33:35 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {6ccd5e48-3064-49fa-a29d-4732efe3537d}
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 3197.24 MB
Available physical RAM: 1972.59 MB
Total Pagefile: 6392.77 MB
Available Pagefile: 4841.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1914.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:32.23 GB) (Free:2.38 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:265.76 GB) (Free:21.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 000C6A20)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=32 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=266 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:32 on 23/09/2013 (Kini)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
avira hat keinen Virus gefunden. Vor ein paar Tagen ist mir aufgefallen, daß Avira ausgeschaltet war, obwohl ich das ganz sicher nicht selbst gemacht habe. Für den gmer-Scan konnte ich avira nicht deaktivieren, es kam die Fehlermeldung, ich müßte Admistrator sein, um das zu tun. Nachdem ich mir dann für mein Benutzerkonto ein Passwort gesetzt habe, hat avira meinen Befehl angenommen. Bin für jede Hilfe dankbar. Kini |
| Themen zu dauernd 100% CPU-Auslastung durch svchost.exe |
| 100%, adware.packed.ranver, antivirus, browser, canon, desktop, farbar, farbar recovery scan tool, fehlermeldung, flash player, homepage, hometab\tbupdater.dll, installation, minidump, mozilla, nicht installiert, plug-in, problem, prozess, pup.optional.babylon.a, pup.optional.bundledtoolbar.a, pup.optional.datamngr.a, pup.optional.delta.a, pup.optional.hometab.a, pup.optional.opencandy, required, services.exe, software, speicherplatz, svchost.exe, system, taskmanager |
Baum-Darstellung