![]() |
|
Log-Analyse und Auswertung: Bundestrojaner, Windows startet nicht im abgesicherten ModusWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() |
|
![]() | #1 | |
Ruhe in Frieden † 2019 ![]() ![]() ![]() ![]() ![]() | ![]() Bundestrojaner, Windows startet nicht im abgesicherten Modus Hallo Hesse45, Zitat:
Schritt 1 Bitte deinstalliere folgende Programme (falls vorhanden) : RegClean Pro Dazu gehe auf: den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 3 Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern ![]() ESET Online Scanner
Schritt 4 Starte noch einmal FRST.
|
![]() | #2 |
![]() | ![]() Bundestrojaner, Windows startet nicht im abgesicherten Modus Hallo Sandra,
__________________hatte wenig Zeit die 2 Tage, deshalb erst heute die Antwort - Das Laptop wurde noch nicht defragmentiert Soll ich das jetzt machen ? Zu Schritt 1: erledigt Schritt 2: Hier das log: - erledigt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 01.05.2014 Suchlauf-Zeit: 06:17:57 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.05.01.03 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Roland Gerlach Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 243299 Verstrichene Zeit: 37 Min, 34 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 1 RiskWare.Tool.CK, C:\Windows\KMService.exe, 1952, Löschen bei Neustart, [f14677d51d5e0e288262c7e49968c739] Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 8 RiskWare.Tool.CK, C:\Windows\KMService.exe, Löschen bei Neustart, [f14677d51d5e0e288262c7e49968c739], PUP.Optional.Rapiddown, C:\$Recycle.Bin\S-1-5-21-3805556528-2364784008-1169793373-1000\$RUTM1X7.exe, In Quarantäne, [85b216365922d4622229c57eeb166799], Trojan.Kelihos.ED, C:\$Recycle.Bin\S-1-5-21-3805556528-2364784008-1169793373-1000\$RVAOBB9.zip, In Quarantäne, [ba7d23290d6e42f465dda77ae1205aa6], Trojan.Kelihos.ED, C:\$Recycle.Bin\S-1-5-21-3805556528-2364784008-1169793373-1000\$RNGLSWL.zip, In Quarantäne, [3502f8544833db5bb68c0e1353aea35d], PUP.RiskwareTool.CK, C:\$Recycle.Bin\S-1-5-21-3805556528-2364784008-1169793373-1000\$R5MYWIA\Microsoft Office 2010 Anti Aktivirung.rar, In Quarantäne, [6ccb3f0dd0aba195a54aad2119e8e020], Trojan.FakeMS, C:\Users\Roland Gerlach\AppData\Local\Temp\bwr.dll, In Quarantäne, [211676d6fc7f69cd70f670028d749c64], PUP.Optional.InstallMonetizer, C:\Users\Roland Gerlach\Downloads\FlashPlayersetup__4651_i342826456_il16.exe, In Quarantäne, [d85f79d3403bd0664865ae778f7223dd], PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot.exe, In Quarantäne, [40f70a42b7c480b6a194940d0ef5847c], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=940d14ce2cbc834d92652437406847d0 # engine=18096 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-05-01 08:19:53 # local_time=2014-05-01 10:19:53 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 66 85 25456874 150563584 0 0 # scanned=428706 # found=7 # cleaned=7 # scan_time=12464 sh=3E43A4C7B67ABDFB7110A70D917854D284A38573 ft=0 fh=0000000000000000 vn="JS/Exploit.Pdfka.POF Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\found.000\file0001.chk" sh=A8B086BB67CBCAFF5989FF4AFE9EEB24F7E42366 ft=1 fh=2ec1e8680a59f12e vn="Win32/Reveton.V Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\2992199F9A\esz8dogcl.cpp.xBAD" sh=D18A67D19245722A9218166E8632946E7F121100 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\FWM8CA6A\firstload_com[1].htm" sh=1928F2A40C3E2ED59C48EA161D45F095A9E1CC5E ft=0 fh=0000000000000000 vn="JS/TrojanClicker.Agent.NDW.Gen Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\GRWO4YC4\laantiadmi_techniqueit_net_au[2].htm" sh=1928F2A40C3E2ED59C48EA161D45F095A9E1CC5E ft=0 fh=0000000000000000 vn="JS/TrojanClicker.Agent.NDW.Gen Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\QOJWHAYN\laantiadmi_techniqueit_net_au[1].htm" sh=1928F2A40C3E2ED59C48EA161D45F095A9E1CC5E ft=0 fh=0000000000000000 vn="JS/TrojanClicker.Agent.NDW.Gen Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\QOJWHAYN\laantiadmi_techniqueit_net_au[2].htm" sh=57EAE57EE96704C946C85195459B068BA8AAA72D ft=0 fh=0000000000000000 vn="JS/Exploit.Pdfka.PPO Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\X4LONCBH\797ed[1].pdf" Hätte ich fast Schritt 4 vergessen: - erledigt frst: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014 Ran by Roland Gerlach (administrator) on ROLANDGERLACH on 03-05-2014 11:27:59 Running from C:\Users\Roland Gerlach\Desktop Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe () C:\Windows\System32\AsusService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe (AsusTek Computer Inc.) C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (ASUS) C:\Program Files\EeePC\CapsHook\CapsHook.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe (ASUS Cloud Corporation) C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Google Inc.) C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation) C:\Windows\System32\wuauclt.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2010-04-13] (Synaptics Incorporated) HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-04-13] (Synaptics Incorporated) HKLM\...\Run: [EeeSplendidAgent] => C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated) HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.) HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1166768 2010-04-08] (ASUSTeK Computer Inc.) HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-26] (ASUSTeK Computer Inc.) HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.) HKLM\...\Run: [CapsHook] => C:\Program Files\EeePC\CapsHook\CapsHook.exe [439712 2010-03-09] (ASUS) HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [415920 2010-03-30] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-09] (Realtek Semiconductor) HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-09] () HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-04-26] (ASUSTek Computer Inc.) HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3873704 2014-05-01] (AVAST Software) HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\Run: [Google Update] => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-04] (Google Inc.) HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\Run: [msnmsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\MountPoints2: {12debd09-1a83-11e0-a890-1c4bd610723e} - E:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/?pc=AVBR HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AVB3DF&pc=AVBR SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AVB3DF&pc=AVBR SearchScopes: HKCU - {B7B664DF-3AF9-4C8E-8148-F42BB7831D27} URL = hxxp://www.ask.com/web?o=15710&l=dis&q={searchTerms} BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553545000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Roland Gerlach\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Roland Gerlach\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL No File CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (YouTube) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18] CHR Extension: (Google-Suche) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18] CHR Extension: (Google Wallet) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Google Mail) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18] CHR StartMenuInternet: Google Chrome - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-05-01] (AVAST Software) S2 KMService; C:\windows\system32\srvany.exe [8192 2003-04-18] () R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] () R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-05-01] () R1 aswKbd; C:\windows\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software) R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-05-01] (AVAST Software) R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-05-01] (AVAST Software) R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-05-01] () R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [776976 2014-05-01] (AVAST Software) R1 aswSP; C:\windows\system32\drivers\aswSP.sys [411552 2014-05-01] (AVAST Software) R2 aswStm; C:\windows\system32\drivers\aswStm.sys [67776 2014-05-01] (AVAST Software) R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [180632 2014-05-01] () R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2010-04-13] ( ) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-03] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-01 12:37 - 2014-05-01 12:37 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\AVAST Software 2014-05-01 11:25 - 2014-05-01 11:25 - 00067776 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2014-05-01 11:25 - 2014-05-01 11:25 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2014-05-01 11:25 - 2014-05-01 11:25 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys 2014-05-01 11:20 - 2014-05-01 11:20 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-05-01 06:47 - 2014-05-01 06:47 - 00000000 ____D () C:\Program Files\ESET 2014-05-01 05:40 - 2014-05-01 05:40 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-01 05:36 - 2014-05-03 10:19 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-01 05:34 - 2014-05-01 12:42 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-01 05:34 - 2014-05-01 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-01 05:34 - 2014-05-01 12:42 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-01 05:34 - 2014-05-01 05:34 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-01 05:34 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-05-01 05:34 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-05-01 05:34 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-05-01 05:30 - 2014-05-01 05:20 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Roland Gerlach\Desktop\mbam-setup-2.0.1.1004.exe 2014-04-30 17:55 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-04-30 17:55 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-04-29 06:15 - 2014-05-03 11:28 - 00013360 _____ () C:\Users\Roland Gerlach\Desktop\FRST.txt 2014-04-29 06:14 - 2014-05-03 11:27 - 00000000 ____D () C:\Users\Roland Gerlach\Desktop\FRST-OlderVersion 2014-04-29 06:12 - 2014-05-03 11:27 - 01050624 _____ (Farbar) C:\Users\Roland Gerlach\Desktop\FRST.exe 2014-04-28 21:38 - 2014-04-29 06:25 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\Systweak 2014-04-27 19:45 - 2014-05-03 11:27 - 00000000 ____D () C:\FRST 2014-04-09 23:11 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2014-04-09 23:11 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-04-09 23:11 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2014-04-09 23:11 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys 2014-04-09 23:11 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll 2014-04-09 23:11 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2014-04-05 11:28 - 2014-04-05 11:28 - 00011804 _____ () C:\Users\Roland Gerlach\Documents\Ord123.xlsx ==================== One Month Modified Files and Folders ======= 2014-05-03 11:28 - 2014-04-29 06:15 - 00013360 _____ () C:\Users\Roland Gerlach\Desktop\FRST.txt 2014-05-03 11:27 - 2014-04-29 06:14 - 00000000 ____D () C:\Users\Roland Gerlach\Desktop\FRST-OlderVersion 2014-05-03 11:27 - 2014-04-29 06:12 - 01050624 _____ (Farbar) C:\Users\Roland Gerlach\Desktop\FRST.exe 2014-05-03 11:27 - 2014-04-27 19:45 - 00000000 ____D () C:\FRST 2014-05-03 10:56 - 2011-08-13 09:23 - 00001156 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA.job 2014-05-03 10:51 - 2011-01-29 16:36 - 00001114 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-03 10:49 - 2010-10-10 03:51 - 01649004 _____ () C:\windows\WindowsUpdate.log 2014-05-03 10:48 - 2013-04-21 21:34 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-05-03 10:28 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-03 10:28 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-03 10:19 - 2014-05-01 05:36 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-03 10:15 - 2011-01-29 16:36 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-03 10:15 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-05-03 10:14 - 2009-07-14 06:39 - 00159636 _____ () C:\windows\setupact.log 2014-05-01 12:56 - 2013-11-20 00:07 - 02077982 _____ () C:\windows\IE11_main.log 2014-05-01 12:42 - 2014-05-01 05:34 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-01 12:42 - 2014-05-01 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-01 12:42 - 2014-05-01 05:34 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-01 12:37 - 2014-05-01 12:37 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\AVAST Software 2014-05-01 12:35 - 2010-04-26 15:26 - 00263504 _____ () C:\windows\PFRO.log 2014-05-01 11:26 - 2013-05-09 18:55 - 00002058 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-05-01 11:25 - 2014-05-01 11:25 - 00067776 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2014-05-01 11:25 - 2014-05-01 11:25 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2014-05-01 11:25 - 2014-05-01 11:25 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys 2014-05-01 11:25 - 2013-04-21 21:18 - 00180632 _____ () C:\windows\system32\Drivers\aswVmm.sys 2014-05-01 11:25 - 2013-04-21 21:18 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys 2014-05-01 11:25 - 2012-09-09 09:41 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2014-05-01 11:25 - 2011-05-17 20:44 - 00776976 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2014-05-01 11:25 - 2010-10-09 13:47 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2014-05-01 11:25 - 2010-10-09 13:47 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2014-05-01 11:25 - 2010-10-09 13:46 - 00271264 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2014-05-01 11:20 - 2014-05-01 11:20 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-05-01 11:19 - 2009-07-14 04:04 - 00002577 _____ () C:\windows\system32\config.nt 2014-05-01 10:18 - 2012-07-28 19:31 - 00000000 __SHD () C:\found.000 2014-05-01 06:47 - 2014-05-01 06:47 - 00000000 ____D () C:\Program Files\ESET 2014-05-01 06:33 - 2010-10-09 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2014-05-01 06:33 - 2010-10-09 13:13 - 00000000 ____D () C:\Program Files\Windows Live 2014-05-01 06:27 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-05-01 06:21 - 2011-12-29 21:56 - 00000000 ____D () C:\Users\Roland Gerlach\Tracing 2014-05-01 06:19 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Web 2014-05-01 06:03 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET 2014-05-01 05:40 - 2014-05-01 05:40 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-01 05:34 - 2014-05-01 05:34 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-01 05:20 - 2014-05-01 05:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Roland Gerlach\Desktop\mbam-setup-2.0.1.1004.exe 2014-05-01 05:17 - 2010-10-09 13:02 - 00110048 _____ () C:\Users\Roland Gerlach\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-30 19:46 - 2009-07-14 06:33 - 00407304 _____ () C:\windows\system32\FNTCACHE.DAT 2014-04-30 19:30 - 2010-04-26 15:05 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8 2014-04-30 19:30 - 2010-04-26 14:59 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-30 19:30 - 2010-04-26 14:59 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-04-30 19:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-04-30 18:20 - 2010-10-09 13:15 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-04-30 18:20 - 2010-04-26 15:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-04-30 18:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild 2014-04-30 18:06 - 2009-07-14 04:04 - 00000387 _____ () C:\windows\win.ini 2014-04-29 06:25 - 2014-04-28 21:38 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\Systweak 2014-04-28 21:40 - 2009-07-25 09:50 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI 2014-04-28 21:34 - 2013-04-21 21:34 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2014-04-28 21:34 - 2013-04-21 21:34 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2014-04-22 23:56 - 2011-08-13 09:23 - 00001104 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core.job 2014-04-22 03:09 - 2013-05-01 03:06 - 01010761 _____ () C:\windows\IE10_main.log 2014-04-18 17:50 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache 2014-04-14 04:11 - 2014-04-30 17:55 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-04-14 04:07 - 2014-04-30 17:55 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-04-13 01:00 - 2009-07-14 06:53 - 00032640 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2014-04-11 21:18 - 2011-08-13 09:23 - 00002367 _____ () C:\Users\Roland Gerlach\Desktop\Google Chrome.lnk 2014-04-10 22:47 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE 2014-04-10 00:35 - 2013-08-13 20:32 - 00000000 ____D () C:\windows\system32\MRT 2014-04-10 00:29 - 2010-11-08 22:48 - 88028728 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-04-05 11:29 - 2014-01-26 14:07 - 00012337 _____ () C:\Users\Roland Gerlach\Documents\ord122.xlsx 2014-04-05 11:28 - 2014-04-05 11:28 - 00011804 _____ () C:\Users\Roland Gerlach\Documents\Ord123.xlsx 2014-04-03 09:51 - 2014-05-01 05:34 - 00073432 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-05-01 05:34 - 00051416 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-05-01 05:34 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys Some content of TEMP: ==================== C:\Users\Roland Gerlach\AppData\Local\Temp\$browser$.update.exe C:\Users\Roland Gerlach\AppData\Local\Temp\atl80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\DataCard_Setup.exe C:\Users\Roland Gerlach\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Roland Gerlach\AppData\Local\Temp\FlashPlayerUpdate01.exe C:\Users\Roland Gerlach\AppData\Local\Temp\mfc80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfc80u.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfcm80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfcm80u.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcm80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcp80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcr80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\ose00000.exe C:\Users\Roland Gerlach\AppData\Local\Temp\ResetDevice.exe C:\Users\Roland Gerlach\AppData\Local\Temp\TmDbg32.dll C:\Users\Roland Gerlach\AppData\Local\Temp\Uni000.exe ==================== Bamital & volsnap Check ================= C:\windows\explorer.exe => MD5 is legit C:\windows\system32\winlogon.exe => MD5 is legit C:\windows\system32\wininit.exe => MD5 is legit C:\windows\system32\svchost.exe => MD5 is legit C:\windows\system32\services.exe => MD5 is legit C:\windows\system32\User32.dll => MD5 is legit C:\windows\system32\userinit.exe => MD5 is legit C:\windows\system32\rpcss.dll => MD5 is legit C:\windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-01 11:54 ==================== End Of Log ============================ Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-05-2014 Ran by Roland Gerlach at 2014-05-03 11:30:21 Running from C:\Users\Roland Gerlach\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== 32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe AIR (Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated) Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation) ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.03.06 - ASUSTeK Computer Inc.) AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK) Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.) Avant Browser (remove only) (HKLM\...\AvantBrowser) (Version: 12.0.0.0 - Avant Force) avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2018 - Avast Software) Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.) CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.3 - AsusTek Computer) Chicken Invaders 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Dream Day Wedding Married in Manhattan (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version: - Oberon Media) ebi.BookReader3J (HKLM\...\{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}) (Version: 3.75.14 - eBOOK Initiative Japan Co., Ltd.) E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.2.5 - ) Eee Docking 3.7.0 (HKLM\...\Eee Docking_is1) (Version: 3.7.0 - ASUSTek Computer Inc.) EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.2.0011 - ASUS) EeeSplendid (Version: 5.1.2.0011 - ASUS) Hidden ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) FontResizer (Version: 1.01.0011 - ASUSTek) Hidden Game Park Console (HKLM\...\{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1) (Version: 6.2.0.3 - Oberon Media, Inc.) Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.) Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.22 - AsusTek Computer) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.1929 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.29 - AsusTek Computer Inc.) LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS) Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.002.03.07.40 - Huawei Technologies Co.,Ltd) MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Piggly FREE (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version: - Oberon Media) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6086 - Realtek Semiconductor Corp.) Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Smileyville FREE (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version: - Oberon Media) Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.10 - AsusTek Computer) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated) TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH) Times Reader (HKLM\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company) Times Reader (Version: 2.055 - The New York Times Company) Hidden WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.500 - Broadcom Corporation) Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) (HKLM\...\B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE) (Version: 07/17/2009 6.2.0.9403 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) ==================== Restore Points ========================= 30-04-2014 15:59:50 Removed Microsoft Office Professional Plus 2010 30-04-2014 16:39:43 Removed Microsoft Office Language Pack 2007 - Dutch/Nederlands 30-04-2014 17:01:39 Removed Microsoft Office Language Pack 2007 - French/Français 30-04-2014 17:08:05 Removed Microsoft Office Language Pack 2007 - German/Deutsch 30-04-2014 17:20:24 Removed Microsoft Office Language Pack 2007 - Italian/Italiano 30-04-2014 17:25:44 Removed Microsoft Office Language Pack 2010 - German/Deutsch 30-04-2014 17:33:31 Microsoft Office Live Add-in 1.3 wird entfernt 30-04-2014 17:37:42 Microsoft Office Live Add-in 1.3 wird entfernt 30-04-2014 17:38:43 Microsoft Office PowerPoint Viewer 2007 (German) wird entfernt 30-04-2014 17:41:42 Removed Microsoft Office Suite Activation Assistant. 01-05-2014 03:29:12 Windows Update 01-05-2014 04:25:46 Windows Live Anmelde-Assistent wird entfernt 01-05-2014 09:02:12 Windows Update 01-05-2014 09:21:07 avast! antivirus system restore point 01-05-2014 10:52:02 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {52DEF552-2FC8-42FB-95A6-ABE8F42F2F9B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-29] (Google Inc.) Task: {6B43399D-92B5-4D8C-94F8-0349A433C5A9} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-05-01] (AVAST Software) Task: {7A6AB32E-577E-434A-8964-8E03B6839B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-29] (Google Inc.) Task: {8FBBEA4B-E1B2-42E2-8ED7-545CB14B9F2C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04] (Google Inc.) Task: {B120883B-B555-49DE-93FB-8BBAEB87EF84} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated) Task: {DAFD15D4-8C77-4FC0-8CC6-8380FE925D9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04] (Google Inc.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core.job => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA.job => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-01 11:25 - 2014-05-01 11:25 - 02252800 _____ () C:\Program Files\Alwil Software\Avast5\defs\14043002\algo.dll 2014-05-03 10:16 - 2014-05-03 10:16 - 02252800 _____ () C:\Program Files\Alwil Software\Avast5\defs\14050300\algo.dll 2010-04-26 14:56 - 2009-08-19 02:35 - 00219136 _____ () C:\Windows\System32\AsusService.exe 2009-08-02 16:05 - 2009-08-02 16:05 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2010-04-26 15:17 - 2010-03-30 01:29 - 00415920 _____ () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe 2011-07-13 09:38 - 2011-07-13 09:38 - 00181664 _____ () C:\Program Files\Asus\LiveUpdate\Parser.dll 2011-09-05 09:19 - 2011-09-05 09:19 - 00028672 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AxInterop.ShockwaveFlashObjects.dll 2014-05-01 11:25 - 2014-05-01 11:25 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/03/2014 10:17:52 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:52 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:52 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:46 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:42 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:42 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:28 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:28 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:28 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:28 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". System errors: ============= Error: (05/03/2014 10:22:14 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (05/03/2014 10:15:36 AM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/01/2014 00:52:02 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (05/01/2014 00:36:18 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/01/2014 11:09:28 AM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/01/2014 10:32:26 AM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/01/2014 08:43:09 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. Error: (05/01/2014 06:36:59 AM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/01/2014 06:21:05 AM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/01/2014 05:26:19 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht. Microsoft Office Sessions: ========================= Error: (05/03/2014 10:17:52 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL Error: (05/03/2014 10:17:52 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL Error: (05/03/2014 10:17:52 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL Error: (05/03/2014 10:17:46 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL Error: (05/03/2014 10:17:42 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL Error: (05/03/2014 10:17:42 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL Error: (05/03/2014 10:17:28 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL Error: (05/03/2014 10:17:28 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL Error: (05/03/2014 10:17:28 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL Error: (05/03/2014 10:17:28 AM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL ==================== Memory info =========================== Percentage of memory in use: 72% Total physical RAM: 1014.18 MB Available physical RAM: 276.06 MB Total Pagefile: 2038.18 MB Available Pagefile: 893.48 MB Total Virtual: 2047.88 MB Available Virtual: 1925.32 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:100 GB) (Free:58.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:117.86 GB) (Free:117.62 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 29133921) Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=15 GB) - (Type=1B) Partition 3: (Not Active) - (Size=118 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=20 MB) - (Type=EF) ==================== End Of Log ============================ |
![]() |
Themen zu Bundestrojaner, Windows startet nicht im abgesicherten Modus |
adobe, antivirus, association, avast, browser, desktop, download, eeepc, explorer, explorer.exe, google, hängt, logfile, messenger, microsoft, realtek, registry, scan, services.exe, software, starten, svchost.exe, system, temp, windows, windows startet nicht, winlogon.exe |