|
Log analysis and evaluation: Bundestrojaner, Windows does not start in Safe Mode (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system has to be examined first: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
27.04.2014, 09:12 | #1 |
| Bundestrojaner, Windows does not start in Safe Mode My buddy caught the Bundestrojaner. I wanted to boot into Safe Mode, but it hangs at the line "windows\system32\drivers\aswrvrt.sys". I ran FRST on it, here is the log file: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-04-2014 03
Ran by SYSTEM on MININT-OK2ITK0 on 27-04-2014 09:45:53
Running from E:\
Windows 7 Starter (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2010-04-12] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-04-12] (Synaptics Incorporated)
HKLM\...\Run: [EeeSplendidAgent] => C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1166768 2010-04-07] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-12] (AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] => C:\Program Files\EeePC\CapsHook\CapsHook.exe [439712 2010-03-09] (ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [415920 2010-03-29] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-09] (Realtek Semiconductor)
HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-09] ()
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-04-26] (ASUSTek Computer Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [avast] => C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation)
HKU\Default\...\RunOnce: [Reboot] - AsusSender.exe C:\Windows\AP\Reboot.exe 60
HKU\Default User\...\RunOnce: [Reboot] - AsusSender.exe C:\Windows\AP\Reboot.exe 60
HKU\Roland Gerlach\...\Run: [Google Update] => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-04] (Google Inc.)
HKU\Roland Gerlach\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883840 2009-07-26] (Microsoft Corporation)
Startup: C:\Users\Roland Gerlach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lcgod8zse.lnk
ShortcutTarget: lcgod8zse.lnk -> C:\ProgramData\2992199F9A\esz8dogcl.cpp (Microsoft Corporation)

========================== Services (Whitelisted) =================

S2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-18] ()
S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 KMService; C:\windows\system32\srvany.exe [8192 2003-04-18] ()
S2 Winmgmt; C:\ProgramData\2992199F9A\esz8dogcl.cpp [139337 2014-04-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S1 AsUpIO; C:\Windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] ()
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
S1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-06] (AVAST Software)
S2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-28] ()
S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2010-04-12] ( )

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-27 09:45 - 2014-04-27 09:45 - 00000000 ____D () C:\FRST
2014-04-24 11:05 - 2014-04-26 23:06 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-04-09 13:11 - 2014-03-04 01:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-04-09 13:11 - 2014-02-03 18:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-04-09 13:11 - 2014-02-03 18:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-04-09 13:11 - 2014-02-03 18:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-04-09 13:11 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-04-09 13:11 - 2014-01-23 18:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-04-05 01:28 - 2014-04-05 01:28 - 00011804 _____ () C:\Users\Roland Gerlach\Documents\Ord123.xlsx

==================== One Month Modified Files and Folders =======

2014-04-27 09:45 - 2014-04-27 09:45 - 00000000 ____D () C:\FRST
2014-04-26 23:31 - 2009-07-13 20:39 - 00156868 _____ () C:\Windows\setupact.log
2014-04-26 23:14 - 2009-07-13 20:34 - 00009696 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 23:14 - 2009-07-13 20:34 - 00009696 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 23:07 - 2011-12-29 11:56 - 00000000 ____D () C:\Users\Roland Gerlach\Tracing
2014-04-26 23:06 - 2014-04-24 11:05 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-04-26 22:58 - 2010-10-09 17:51 - 01325497 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 22:53 - 2013-11-19 14:07 - 02012162 _____ () C:\Windows\IE11_main.log
2014-04-21 17:09 - 2013-04-30 17:06 - 01010761 _____ () C:\Windows\IE10_main.log
2014-04-21 10:09 - 2009-07-24 23:50 - 01620684 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-18 07:50 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\rescache
2014-04-11 11:18 - 2011-08-12 23:23 - 00002367 _____ () C:\Users\Roland Gerlach\Desktop\Google Chrome.lnk
2014-04-10 12:47 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\de-DE
2014-04-09 14:35 - 2010-04-26 04:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 14:29 - 2013-08-13 10:32 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-09 14:29 - 2010-11-08 12:48 - 88028728 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-04-05 01:29 - 2014-01-26 04:07 - 00012337 _____ () C:\Users\Roland Gerlach\Documents\ord122.xlsx
2014-04-05 01:28 - 2014-04-05 01:28 - 00011804 _____ () C:\Users\Roland Gerlach\Documents\Ord123.xlsx

Files to move or delete:
====================
C:\ProgramData\4693231.pad

Some content of TEMP:
====================
C:\Users\Roland Gerlach\AppData\Local\Temp\$browser$.update.exe
C:\Users\Roland Gerlach\AppData\Local\Temp\atl80.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\bwr.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Roland Gerlach\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Roland Gerlach\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Roland Gerlach\AppData\Local\Temp\mfc80.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\mfc80u.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\mfcm80.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\mfcm80u.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\msvcm80.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\msvcp80.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\msvcr80.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\ose00000.exe
C:\Users\Roland Gerlach\AppData\Local\Temp\ResetDevice.exe
C:\Users\Roland Gerlach\AppData\Local\Temp\TmDbg32.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\Uni000.exe

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2014-04-19 15:52:23
Restore point made on: 2014-04-20 16:34:10
Restore point made on: 2014-04-21 06:47:11
Restore point made on: 2014-04-21 17:07:45
Restore point made on: 2014-04-22 13:53:22
Restore point made on: 2014-04-26 22:50:10

==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 1014.18 MB
Available physical RAM: 631.83 MB
Total Pagefile: 1014.18 MB
Available Pagefile: 636.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:52.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.86 GB) (Free:117.62 GB) NTFS
Drive e: () (Removable) (Total:1.88 GB) (Free:1.56 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 29133921)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 MB) - (Type=EF)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=2 GB) - (Type=06)

LastRegBack: 2014-04-21 10:57

==================== End Of Log ============================ |
27.04.2014, 10:25 | #2 |
Rest in peace † 2019 | Bundestrojaner, Windows does not start in Safe Mode My name is Sandra, I am working on your topic and will get back to you as soon as possible with further instructions. Thank you for your patience.
__________________ |
27.04.2014, 10:31 | #3 |
Rest in peace † 2019 | Bundestrojaner, Windows does not start in Safe Mode Hello Hesse45,
__________________Does the computer start normally again after this fix? Please press the Windows + R keys and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
Startup: C:\Users\Roland Gerlach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lcgod8zse.lnk
ShortcutTarget: lcgod8zse.lnk -> C:\ProgramData\2992199F9A\esz8dogcl.cpp (Microsoft Corporation)
S2 Winmgmt; C:\ProgramData\2992199F9A\esz8dogcl.cpp [139337 2014-04-24] (Microsoft Corporation)
C:\ProgramData\2992199F9A
C:\ProgramData\4693231.pad
Attention: this is an unlocking attempt. Even if the computer starts normally after this fix, it may still be infected. Please keep working with me.
__________________ |
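An added example, not part of the original thread and not FRST's own logic: a small Python triage script that applies the reasoning visible in the fixlist above to FRST scan lines. The heuristics, the function names `parse_entries`, `assess` and `triage`, and the `BUILTIN_SERVICES` set are assumptions for illustration; the sample lines are copied from the scan log in post #1.

```python
import ntpath  # Windows path parsing that works on any OS
import re

# Lines copied unchanged from the FRST scan in post #1 of this thread.
SAMPLE_LOG = r"""
HKLM\...\Run: [avast] => C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software)
ShortcutTarget: lcgod8zse.lnk -> C:\ProgramData\2992199F9A\esz8dogcl.cpp (Microsoft Corporation)
S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 Winmgmt; C:\ProgramData\2992199F9A\esz8dogcl.cpp [139337 2014-04-24] (Microsoft Corporation)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
"""

# Shapes of the three FRST line types handled here; all other lines are skipped.
PATTERNS = [
    ("run", re.compile(r"^HK.+?\\Run(?:Once)?: \[(?P<name>.+?)\] => (?P<path>.+?)"
                       r" \[\d+ \d{4}-\d{2}-\d{2}\] \((?P<vendor>.*)\)$")),
    ("shortcut", re.compile(r"^ShortcutTarget: (?P<name>.+?) -> (?P<path>.+?)"
                            r" \((?P<vendor>.*)\)$")),
    ("service", re.compile(r"^[RSU]\d (?P<name>.+?); (?P<path>.+?)"
                           r" \[\d+ \d{4}-\d{2}-\d{2}\] \((?P<vendor>.*)\)$")),
]

# Assumed heuristics for illustration, not FRST's whitelist.
IMAGE_EXTENSIONS = {".exe", ".dll", ".sys", ".lnk"}
USER_WRITABLE = ("c:\\programdata\\", "\\appdata\\", "\\temp\\")
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
BUILTIN_SERVICES = {"winmgmt"}  # service names expected to load from C:\Windows
HEX_DIR = re.compile(r"[0-9a-f]{8,}")


def parse_entries(log_text):
    """Extract autostart entries (Run keys, shortcut targets, services/drivers)."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        for kind, pattern in PATTERNS:
            match = pattern.match(line)
            if match:
                entries.append({"kind": kind, **match.groupdict()})
                break
    return entries


def assess(entry):
    """Return the list of reasons an autostart entry deserves a closer look."""
    path = entry["path"].lower()
    reasons = []
    ext = ntpath.splitext(path)[1]
    if ext not in IMAGE_EXTENSIONS:
        reasons.append(f"unexpected file extension {ext or '(none)'}")
    if any(marker in path for marker in USER_WRITABLE):
        reasons.append("loads from a user-writable directory")
    if any(HEX_DIR.fullmatch(part) for part in path.split("\\")[:-1]):
        reasons.append("random-looking hex directory name")
    if "microsoft" in entry["vendor"].lower() and not path.startswith(TRUSTED_ROOTS):
        reasons.append("claims Microsoft as vendor outside Windows/Program Files")
    if (entry["kind"] == "service"
            and entry["name"].lower() in BUILTIN_SERVICES
            and not path.startswith("c:\\windows\\")):
        reasons.append("built-in Windows service points outside C:\\Windows")
    return reasons


def triage(log_text):
    """Return (kind, name, path, reasons) for every entry with at least one reason."""
    findings = []
    for entry in parse_entries(log_text):
        reasons = assess(entry)
        if reasons:
            findings.append((entry["kind"], entry["name"], entry["path"], reasons))
    return findings


if __name__ == "__main__":
    for kind, name, path, reasons in triage(SAMPLE_LOG):
        print(f"[{kind}] {name} -> {path}")
        for reason in reasons:
            print(f"    - {reason}")
```

On the sample lines only the startup shortcut and the `Winmgmt` service are reported, the same two entries the fixlist targets; the avast entries and the `aswRvrt` driver pass every check.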
27.04.2014, 11:00 | #4 |
| Bundestrojaner, Windows does not start in Safe Mode Hello Sandra, thanks for the quick reply. When I boot, the GVU page comes up and then I can't do anything anymore; even when I press Windows and R, nothing happens. There is no Run entry in the start bar, and I can't get into the properties to set that up either. It does show me the start bar now and then, but I can't click anything. |
28.04.2014, 20:14 | #6 |
| Bundestrojaner, Windows does not start in Safe Mode Hello Sandra, here is the Fixlog: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-04-2014 03
Ran by SYSTEM at 2014-04-28 20:51:30 Run:1
Running from E:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
Startup: C:\Users\Roland Gerlach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lcgod8zse.lnk
ShortcutTarget: lcgod8zse.lnk -> C:\ProgramData\2992199F9A\esz8dogcl.cpp (Microsoft Corporation)
S2 Winmgmt; C:\ProgramData\2992199F9A\esz8dogcl.cpp [139337 2014-04-24] (Microsoft Corporation)
C:\ProgramData\2992199F9A
C:\ProgramData\4693231.pad
*****************

C:\Users\Roland Gerlach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lcgod8zse.lnk => Moved successfully.
C:\ProgramData\2992199F9A\esz8dogcl.cpp => Moved successfully.
Winmgmt => Service restored successfully.
C:\ProgramData\2992199F9A => Moved successfully.
C:\ProgramData\4693231.pad => Moved successfully.

==== End of Fixlog ====

The whole startup, until something opens when you click on it, takes forever. Regards, Hesse45 |
28.04.2014, 21:28 | #7 | |
Rest in peace † 2019 | Bundestrojaner, Windows does not start in Safe Mode Hello Hesse45, Quote:
Then let's take a closer look now. From now on, all steps in normal mode. Step 1: Now move FRST.exe from your USB stick to the desktop of your computer. Now start FRST once more.
|
29.04.2014, 05:31 | #8 |
| Bundestrojaner, Windows does not start in Safe Mode Good morning Sandra, here are the two logs. Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-04-2014 Ran by Roland Gerlach at 2014-04-29 06:19:38 Running from C:\Users\Roland Gerlach\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: avast! Internet Security (Disabled) {131692B0-0864-D491-4E21-3A3A1D8BBB47} ==================== Installed Programs ====================== 32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe AIR (Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated) Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation) ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.03.06 - ASUSTeK Computer Inc.) AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK) Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.) 
Avant Browser (remove only) (HKLM\...\AvantBrowser) (Version: 12.0.0.0 - Avant Force) avast! Free Antivirus (HKLM\...\avast) (Version: 8.0.1489.0 - AVAST Software) Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.) CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.3 - AsusTek Computer) Chicken Invaders 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft) Dream Day Wedding Married in Manhattan (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version: - Oberon Media) ebi.BookReader3J (HKLM\...\{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}) (Version: 3.75.14 - eBOOK Initiative Japan Co., Ltd.) E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.2.5 - ) Eee Docking 3.7.0 (HKLM\...\Eee Docking_is1) (Version: 3.7.0 - ASUSTek Computer Inc.) EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.2.0011 - ASUS) EeeSplendid (Version: 5.1.2.0011 - ASUS) Hidden FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) FontResizer (Version: 1.01.0011 - ASUSTek) Hidden Game Park Console (HKLM\...\{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1) (Version: 6.2.0.3 - Oberon Media, Inc.) Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.) 
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.22 - AsusTek Computer) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.1929 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.29 - AsusTek Computer Inc.) LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{26257879-B20D-4D30-A429-B387A4890929}) 
(Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Access MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM\...\{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version: - Microsoft) Microsoft Office Excel MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove 
MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Language Pack 2007 - Dutch/Nederlands (HKLM\...\OMUI.nl-nl) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Language Pack 2007 - French/Français (HKLM\...\OMUI.fr-fr) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Language Pack 2007 - German/Deutsch (HKLM\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Language Pack 2007 - Italian/Italiano (HKLM\...\OMUI.it-it) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation) Microsoft Office O MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office O MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office O MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office O MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office O MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft 
Corporation) Hidden Microsoft Office OneNote MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version: - Microsoft) Microsoft Office Outlook MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM\...\{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version: - Microsoft) Microsoft Office PowerPoint MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) 
Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) 
Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office SharePoint Designer MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office SharePoint Designer MUI (French) 2007 (Version: 12.0.6612.1000 - 
Microsoft Corporation) Hidden Microsoft Office SharePoint Designer MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office SharePoint Designer MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office SharePoint Designer MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM\...\{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version: - Microsoft) Microsoft Office Word MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office X MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office X MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office X MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office X MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office X MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) 
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.002.03.07.40 - Huawei Technologies Co.,Ltd)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Piggly FREE (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version: - Oberon Media)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6086 - Realtek Semiconductor Corp.)
RegClean Pro (HKLM\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smileyville FREE (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version: - Oberon Media)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.10 - AsusTek Computer)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated)
TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH)
Times Reader (HKLM\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (Version: 2.055 - The New York Times Company) Hidden
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B83A8864-A85D-437E-9D4C-27350765BF46}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{9D702FFD-3C2B-44D0-9B8B-CA1A30CA555B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0413-0000-0000000FF1CE}_OMUI.nl-nl_{F8564AF8-30AE-4427-ACF3-69714E1BB656}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.500 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) (HKLM\...\B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE) (Version: 07/17/2009 6.2.0.9403 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Restore Points =========================

21-04-2014 00:33:19 Windows Update
21-04-2014 14:46:25 Windows Update
22-04-2014 01:06:32 Windows Update
22-04-2014 21:52:34 Windows Update
27-04-2014 06:49:28 Windows Update
28-04-2014 19:06:23 Windows Update
28-04-2014 19:46:41 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1C444F65-F885-406A-8656-27D567C4A827} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {52DEF552-2FC8-42FB-95A6-ABE8F42F2F9B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-29] (Google Inc.)
Task: {7A4CB9F0-5D1B-43BF-B93E-5D79E4E76914} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-07-22] (Systweak Inc) <==== ATTENTION
Task: {7A6AB32E-577E-434A-8964-8E03B6839B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-29] (Google Inc.)
Task: {8FBBEA4B-E1B2-42E2-8ED7-545CB14B9F2C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04] (Google Inc.)
Task: {A6D55903-CF1C-45FB-9B3E-EC5053E721A9} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-07-22] (Systweak Inc) <==== ATTENTION
Task: {B120883B-B555-49DE-93FB-8BBAEB87EF84} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {DAFD15D4-8C77-4FC0-8CC6-8380FE925D9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04] (Google Inc.)
Task: {F7DF1092-5288-4478-A90A-7EBFD17395AA} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-07-22] (Systweak Inc) <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core.job => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA.job => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-28 21:03 - 2014-04-28 09:19 - 02292224 _____ () C:\Program Files\Alwil Software\Avast5\defs\14042800\algo.dll
2014-04-29 06:14 - 2014-04-28 21:29 - 02292224 _____ () C:\Program Files\Alwil Software\Avast5\defs\14042801\algo.dll
2010-04-26 14:56 - 2009-08-19 02:35 - 00219136 _____ () C:\Windows\System32\AsusService.exe
2011-02-05 13:19 - 2003-04-18 20:06 - 00008192 _____ () C:\windows\system32\srvany.exe
2011-02-05 13:19 - 2010-04-10 10:03 - 00077824 _____ () C:\windows\KMService.exe
2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-01-07 19:33 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2010-04-26 15:17 - 2010-03-30 01:29 - 00415920 _____ () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
2011-07-13 09:38 - 2011-07-13 09:38 - 00181664 _____ () C:\Program Files\Asus\LiveUpdate\Parser.dll
2011-09-05 09:19 - 2011-09-05 09:19 - 00028672 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AxInterop.ShockwaveFlashObjects.dll
2009-08-02 16:05 - 2009-08-02 16:05 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/28/2014 08:43:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0x398
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:42:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0xcc4
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:41:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0x684
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:40:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0x88c
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:39:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0x548
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:38:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0xd10
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:37:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0x44c
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:36:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0x524
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:35:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0xe60
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

Error: (04/28/2014 08:34:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Name des fehlerhaften Moduls: HotkeyService.exe, Version: 6.1.1.2031, Zeitstempel: 0x4bbc67f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ac56
ID des fehlerhaften Prozesses: 0x1c8
Startzeit der fehlerhaften Anwendung: 0xHotkeyService.exe0
Pfad der fehlerhaften Anwendung: HotkeyService.exe1
Pfad des fehlerhaften Moduls: HotkeyService.exe2
Berichtskennung: HotkeyService.exe3

System errors:
=============
Error: (04/29/2014 06:12:17 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.

Error: (04/29/2014 06:11:47 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avast! Antivirus erreicht.

Error: (04/29/2014 06:08:42 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (04/28/2014 09:29:48 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (04/28/2014 09:28:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (04/28/2014 09:28:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (04/28/2014 09:27:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (04/28/2014 09:27:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error: (04/28/2014 09:26:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (04/28/2014 09:26:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Microsoft Office Sessions:
=========================
Error: (04/28/2014 08:43:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac5639801cf6311a6555703C:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exe0778a239-cf05-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:42:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac56cc401cf6311835a5e3cC:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exee3b0f31a-cf04-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:41:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac5668401cf63116061c6d6C:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exebfe943fc-cf04-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:40:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac5688c01cf63113b8abad8C:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exe9c2194de-cf04-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:39:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac5654801cf6311188fc212C:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exe785522ff-cf04-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:38:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac56d1001cf6310f3bd78d5C:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exe548d73e0-cf04-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:37:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac5644c01cf6310d0c4e16eC:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exe30c82622-cf04-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:36:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac5652401cf6310abf036d1C:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exe0cfe15a4-cf04-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:35:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac56e6001cf631088f53e0aC:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exee9366685-cf03-11e3-8af0-1c4bd610723e

Error: (04/28/2014 08:34:46 PM) (Source: Application Error)(User: )
Description: HotkeyService.exe6.1.1.20314bbc67f4HotkeyService.exe6.1.1.20314bbc67f4c00000050001ac561c801cf631065fa4543C:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\HotkeyService\HotkeyService.exec57118c7-cf03-11e3-8af0-1c4bd610723e

==================== Memory info ===========================

Percentage of memory in use: 84%
Total physical RAM: 1014.18 MB
Available physical RAM: 158.08 MB
Total Pagefile: 2038.18 MB
Available Pagefile: 838.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:52.98 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.86 GB) (Free:117.62 GB) NTFS
Drive e: () (Removable) (Total:1.88 GB) (Free:1.55 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 29133921)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 MB) - (Type=EF)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2014
Ran by Roland Gerlach (administrator) on ROLANDGERLACH on 29-04-2014 06:15:35
Running from C:\Users\Roland Gerlach\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Windows\System32\AsusService.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\windows\system32\srvany.exe
() C:\windows\KMService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Systweak Inc) C:\Program Files\RegClean Pro\RegCleanPro.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
() C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
(AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ASUS) C:\Program Files\EeePC\CapsHook\CapsHook.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(ASUS Cloud Corporation) C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2010-04-13] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-04-13] (Synaptics Incorporated)
HKLM\...\Run: [EeeSplendidAgent] => C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1166768 2010-04-08] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] => C:\Program Files\EeePC\CapsHook\CapsHook.exe [439712 2010-03-09] (ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [415920 2010-03-30] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-09] (Realtek Semiconductor)
HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-09] ()
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-04-26] (ASUSTek Computer Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [avast] => C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation)
HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\Run: [Google Update] => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-04] (Google Inc.)
HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883840 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\MountPoints2: {12debd09-1a83-11e0-a890-1c4bd610723e} - E:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/?pc=AVBR HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AVB3DF&pc=AVBR SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AVB3DF&pc=AVBR SearchScopes: HKCU - {B7B664DF-3AF9-4C8E-8148-F42BB7831D27} URL = hxxp://www.ask.com/web?o=15710&l=dis&q={searchTerms} BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553545000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF 
Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Roland Gerlach\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Roland Gerlach\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (YouTube) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18] CHR Extension: (Google-Suche) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18] CHR Extension: (Google Wallet) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Google Mail) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18] CHR StartMenuInternet: Google Chrome - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () R2 avast! 
Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 KMService; C:\windows\system32\srvany.exe [8192 2003-04-18] () ==================== Drivers (Whitelisted) ==================== R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] () R2 aswFsBlk; C:\windows\system32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R1 aswKbd; C:\windows\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software) R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software) R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49376 2013-05-09] () R1 aswSnx; C:\windows\system32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software) R1 aswSP; C:\windows\system32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software) R1 aswTdi; C:\windows\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [175176 2013-06-28] () R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2010-04-13] ( ) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-29 06:15 - 2014-04-29 06:16 - 00014168 _____ () C:\Users\Roland Gerlach\Desktop\FRST.txt 2014-04-29 06:14 - 2014-04-29 06:14 - 00000000 ____D () C:\Users\Roland Gerlach\Desktop\FRST-OlderVersion 2014-04-29 06:12 - 2014-04-29 06:14 - 01049600 _____ (Farbar) C:\Users\Roland Gerlach\Desktop\FRST.exe 2014-04-28 21:39 - 2014-04-29 06:08 - 00000290 _____ () C:\windows\Tasks\RegClean Pro_UPDATES.job 2014-04-28 21:39 - 2014-04-29 06:08 - 00000282 _____ () C:\windows\Tasks\RegClean Pro_DEFAULT.job 2014-04-28 21:38 - 2014-04-28 21:38 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\Systweak 2014-04-28 21:37 - 2014-04-28 21:37 - 00001012 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 2014-04-28 21:37 - 2014-04-28 
21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2014-04-28 21:37 - 2014-04-28 21:37 - 00000000 ____D () C:\Program Files\RegClean Pro 2014-04-28 21:37 - 2013-07-22 16:07 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\windows\system32\roboot.exe 2014-04-27 19:45 - 2014-04-29 06:15 - 00000000 ____D () C:\FRST 2014-04-27 10:15 - 2014-04-27 10:15 - 00003344 ____N () C:\bootsqm.dat 2014-04-09 23:11 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2014-04-09 23:11 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-04-09 23:11 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2014-04-09 23:11 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys 2014-04-09 23:11 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll 2014-04-09 23:11 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2014-04-05 11:28 - 2014-04-05 11:28 - 00011804 _____ () C:\Users\Roland Gerlach\Documents\Ord123.xlsx ==================== One Month Modified Files and Folders ======= 2014-04-29 06:16 - 2014-04-29 06:15 - 00014168 _____ () C:\Users\Roland Gerlach\Desktop\FRST.txt 2014-04-29 06:15 - 2014-04-27 19:45 - 00000000 ____D () C:\FRST 2014-04-29 06:15 - 2010-10-10 03:51 - 01455981 _____ () C:\windows\WindowsUpdate.log 2014-04-29 06:14 - 2014-04-29 06:14 - 00000000 ____D () C:\Users\Roland Gerlach\Desktop\FRST-OlderVersion 2014-04-29 06:14 - 2014-04-29 06:12 - 01049600 _____ (Farbar) C:\Users\Roland Gerlach\Desktop\FRST.exe 2014-04-29 06:09 - 2011-12-29 21:56 - 00000000 ____D () C:\Users\Roland Gerlach\Tracing 2014-04-29 06:08 - 2014-04-28 21:39 - 00000290 _____ () C:\windows\Tasks\RegClean Pro_UPDATES.job 2014-04-29 06:08 - 2014-04-28 21:39 - 00000282 _____ () 
C:\windows\Tasks\RegClean Pro_DEFAULT.job 2014-04-29 06:08 - 2011-01-29 16:36 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-29 06:08 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-04-29 06:08 - 2009-07-14 06:39 - 00159020 _____ () C:\windows\setupact.log 2014-04-28 21:50 - 2013-11-20 00:07 - 02034175 _____ () C:\windows\IE11_main.log 2014-04-28 21:50 - 2011-01-29 16:36 - 00001114 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-28 21:48 - 2013-04-21 21:34 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-04-28 21:40 - 2009-07-25 09:50 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI 2014-04-28 21:38 - 2014-04-28 21:38 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\Systweak 2014-04-28 21:38 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-28 21:38 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-28 21:37 - 2014-04-28 21:37 - 00001012 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 2014-04-28 21:37 - 2014-04-28 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2014-04-28 21:37 - 2014-04-28 21:37 - 00000000 ____D () C:\Program Files\RegClean Pro 2014-04-28 21:34 - 2013-04-21 21:34 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2014-04-28 21:34 - 2013-04-21 21:34 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2014-04-28 20:57 - 2011-08-13 09:23 - 00001156 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA.job 2014-04-27 10:15 - 2014-04-27 10:15 - 00003344 ____N () C:\bootsqm.dat 2014-04-22 23:56 - 2011-08-13 09:23 - 00001104 _____ () 
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core.job 2014-04-22 03:09 - 2013-05-01 03:06 - 01010761 _____ () C:\windows\IE10_main.log 2014-04-18 17:50 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache 2014-04-13 01:00 - 2009-07-14 06:53 - 00032640 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2014-04-11 21:18 - 2011-08-13 09:23 - 00002367 _____ () C:\Users\Roland Gerlach\Desktop\Google Chrome.lnk 2014-04-10 22:47 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE 2014-04-10 00:35 - 2013-08-13 20:32 - 00000000 ____D () C:\windows\system32\MRT 2014-04-10 00:35 - 2010-04-26 14:59 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-10 00:29 - 2010-11-08 22:48 - 88028728 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-04-05 11:29 - 2014-01-26 14:07 - 00012337 _____ () C:\Users\Roland Gerlach\Documents\ord122.xlsx 2014-04-05 11:28 - 2014-04-05 11:28 - 00011804 _____ () C:\Users\Roland Gerlach\Documents\Ord123.xlsx Some content of TEMP: ==================== C:\Users\Roland Gerlach\AppData\Local\Temp\$browser$.update.exe C:\Users\Roland Gerlach\AppData\Local\Temp\atl80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\bwr.dll C:\Users\Roland Gerlach\AppData\Local\Temp\DataCard_Setup.exe C:\Users\Roland Gerlach\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Roland Gerlach\AppData\Local\Temp\FlashPlayerUpdate01.exe C:\Users\Roland Gerlach\AppData\Local\Temp\mfc80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfc80u.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfcm80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfcm80u.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcm80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcp80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcr80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\ose00000.exe C:\Users\Roland Gerlach\AppData\Local\Temp\ResetDevice.exe C:\Users\Roland Gerlach\AppData\Local\Temp\TmDbg32.dll C:\Users\Roland 
Gerlach\AppData\Local\Temp\Uni000.exe ==================== Bamital & volsnap Check ================= C:\windows\explorer.exe => MD5 is legit C:\windows\system32\winlogon.exe => MD5 is legit C:\windows\system32\wininit.exe => MD5 is legit C:\windows\system32\svchost.exe => MD5 is legit C:\windows\system32\services.exe => MD5 is legit C:\windows\system32\User32.dll => MD5 is legit C:\windows\system32\userinit.exe => MD5 is legit C:\windows\system32\rpcss.dll => MD5 is legit C:\windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-21 20:57 ==================== End Of Log ============================ |
29.04.2014, 12:07 | #9 |
Rest in peace † 2019 | Bundestrojaner, Windows does not start in Safe Mode Hello Hesse45, Support interrupted. Reading material: The log files strongly indicate that you are using software that was not legally acquired. In addition, cracks and patches from dubious sources very often come bundled with malware, so you are infecting yourself almost deliberately. We have agreed here on the board that at this point we will not continue cleaning until the software has been removed. On top of that, we made it unmistakably clear in our guide and also in this Important topic how we will handle this. Clean, good software has its price, and the software companies live off this revenue. So please decide how you would like to proceed and let me know here in your thread. If you do not remove this software, our help is limited to reinstalling and securing your system. We will still gladly answer your questions about that, though, in our forum. |
29.04.2014, 17:16 | #10 |
| Bundestrojaner, Windows does not start in Safe Mode Hello Sandra, since the laptop is not mine and I therefore don't know what he has on the machine, can you briefly let me know which program it is, or whether there are several? I will then delete the program so that we can continue cleanly here. Regards, Hesse45 |
30.04.2014, 18:51 | #12 |
| Bundestrojaner, Windows does not start in Safe Mode Hello Sandra, the complete Office has been removed. How do we proceed now? Regards, Hesse45 |
30.04.2014, 23:12 | #13 | |
Rest in peace † 2019 | Bundestrojaner, Windows does not start in Safe Mode Hello Hesse45, Quote:
Step 1 Please uninstall the following programs (if present): RegClean Pro. To do so, go to: the Windows button in the taskbar --> Control Panel --> Programs (sub-item Uninstall a program) --> select the program --> remove
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Because the scan with ESET is very thorough, it may take several hours: ESET Online Scanner
Step 4 Start FRST once more.
|
03.05.2014, 10:36 | #14 |
| Bundestrojaner, Windows does not start in Safe Mode Hello Sandra, I had little time these past 2 days, hence the reply only today - The laptop has not been defragmented yet. Should I do that now? Re step 1: done Step 2: Here is the log: - done Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 01.05.2014 Suchlauf-Zeit: 06:17:57 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.05.01.03 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Roland Gerlach Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 243299 Verstrichene Zeit: 37 Min, 34 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 1 RiskWare.Tool.CK, C:\Windows\KMService.exe, 1952, Löschen bei Neustart, [f14677d51d5e0e288262c7e49968c739] Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 8 RiskWare.Tool.CK, C:\Windows\KMService.exe, Löschen bei Neustart, [f14677d51d5e0e288262c7e49968c739], PUP.Optional.Rapiddown, C:\$Recycle.Bin\S-1-5-21-3805556528-2364784008-1169793373-1000\$RUTM1X7.exe, In Quarantäne, [85b216365922d4622229c57eeb166799], Trojan.Kelihos.ED, C:\$Recycle.Bin\S-1-5-21-3805556528-2364784008-1169793373-1000\$RVAOBB9.zip, In Quarantäne, [ba7d23290d6e42f465dda77ae1205aa6], Trojan.Kelihos.ED, C:\$Recycle.Bin\S-1-5-21-3805556528-2364784008-1169793373-1000\$RNGLSWL.zip, In Quarantäne, [3502f8544833db5bb68c0e1353aea35d], PUP.RiskwareTool.CK, C:\$Recycle.Bin\S-1-5-21-3805556528-2364784008-1169793373-1000\$R5MYWIA\Microsoft Office 2010 Anti Aktivirung.rar, In Quarantäne, [6ccb3f0dd0aba195a54aad2119e8e020], Trojan.FakeMS, C:\Users\Roland Gerlach\AppData\Local\Temp\bwr.dll, In Quarantäne, [211676d6fc7f69cd70f670028d749c64], PUP.Optional.InstallMonetizer, C:\Users\Roland 
Gerlach\Downloads\FlashPlayersetup__4651_i342826456_il16.exe, In Quarantäne, [d85f79d3403bd0664865ae778f7223dd], PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot.exe, In Quarantäne, [40f70a42b7c480b6a194940d0ef5847c], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=940d14ce2cbc834d92652437406847d0 # engine=18096 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-05-01 08:19:53 # local_time=2014-05-01 10:19:53 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 66 85 25456874 150563584 0 0 # scanned=428706 # found=7 # cleaned=7 # scan_time=12464 sh=3E43A4C7B67ABDFB7110A70D917854D284A38573 ft=0 fh=0000000000000000 vn="JS/Exploit.Pdfka.POF Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\found.000\file0001.chk" sh=A8B086BB67CBCAFF5989FF4AFE9EEB24F7E42366 ft=1 fh=2ec1e8680a59f12e vn="Win32/Reveton.V Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\2992199F9A\esz8dogcl.cpp.xBAD" sh=D18A67D19245722A9218166E8632946E7F121100 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\FWM8CA6A\firstload_com[1].htm" sh=1928F2A40C3E2ED59C48EA161D45F095A9E1CC5E ft=0 fh=0000000000000000 vn="JS/TrojanClicker.Agent.NDW.Gen Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\GRWO4YC4\laantiadmi_techniqueit_net_au[2].htm" sh=1928F2A40C3E2ED59C48EA161D45F095A9E1CC5E ft=0 fh=0000000000000000 vn="JS/TrojanClicker.Agent.NDW.Gen Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\QOJWHAYN\laantiadmi_techniqueit_net_au[1].htm" sh=1928F2A40C3E2ED59C48EA161D45F095A9E1CC5E ft=0 fh=0000000000000000 
vn="JS/TrojanClicker.Agent.NDW.Gen Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\QOJWHAYN\laantiadmi_techniqueit_net_au[2].htm" sh=57EAE57EE96704C946C85195459B068BA8AAA72D ft=0 fh=0000000000000000 vn="JS/Exploit.Pdfka.PPO Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roland Gerlach\AppData\Roaming\Avant Profiles\.default\temp\cache\Content.IE5\X4LONCBH\797ed[1].pdf"
I almost forgot step 4: - done frst: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014 Ran by Roland Gerlach (administrator) on ROLANDGERLACH on 03-05-2014 11:27:59 Running from C:\Users\Roland Gerlach\Desktop Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe () C:\Windows\System32\AsusService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (ASUSTeK Computer Inc.) 
C:\Program Files\EeePC\SHE\SuperHybridEngine.exe (AsusTek Computer Inc.) C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (ASUS) C:\Program Files\EeePC\CapsHook\CapsHook.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe (ASUS Cloud Corporation) C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Google Inc.) C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation) C:\Windows\System32\wuauclt.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2010-04-13] (Synaptics Incorporated) HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-04-13] (Synaptics Incorporated) HKLM\...\Run: [EeeSplendidAgent] => C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated) HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.) 
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1166768 2010-04-08] (ASUSTeK Computer Inc.) HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-26] (ASUSTeK Computer Inc.) HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.) HKLM\...\Run: [CapsHook] => C:\Program Files\EeePC\CapsHook\CapsHook.exe [439712 2010-03-09] (ASUS) HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [415920 2010-03-30] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-09] (Realtek Semiconductor) HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-09] () HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-04-26] (ASUSTek Computer Inc.) HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3873704 2014-05-01] (AVAST Software) HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\Run: [Google Update] => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-04] (Google Inc.) HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\Run: [msnmsgr] => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-3805556528-2364784008-1169793373-1000\...\MountPoints2: {12debd09-1a83-11e0-a890-1c4bd610723e} - E:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/?pc=AVBR HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AVB3DF&pc=AVBR SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AVB3DF&pc=AVBR SearchScopes: HKCU - {B7B664DF-3AF9-4C8E-8148-F42BB7831D27} URL = hxxp://www.ask.com/web?o=15710&l=dis&q={searchTerms} BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) 
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553545000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Roland Gerlach\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Roland Gerlach\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) 
Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL No File CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (YouTube) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18] CHR Extension: (Google-Suche) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18] CHR Extension: (Google Wallet) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Google Mail) - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18] CHR StartMenuInternet: Google Chrome - C:\Users\Roland Gerlach\AppData\Local\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () R2 avast! 
Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-05-01] (AVAST Software) S2 KMService; C:\windows\system32\srvany.exe [8192 2003-04-18] () R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] () R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-05-01] () R1 aswKbd; C:\windows\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software) R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-05-01] (AVAST Software) R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-05-01] (AVAST Software) R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-05-01] () R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [776976 2014-05-01] (AVAST Software) R1 aswSP; C:\windows\system32\drivers\aswSP.sys [411552 2014-05-01] (AVAST Software) R2 aswStm; C:\windows\system32\drivers\aswStm.sys [67776 2014-05-01] (AVAST Software) R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [180632 2014-05-01] () R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2010-04-13] ( ) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-03] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-01 12:37 - 2014-05-01 12:37 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\AVAST Software 2014-05-01 11:25 - 2014-05-01 11:25 - 00067776 _____ (AVAST 
Software) C:\windows\system32\Drivers\aswStm.sys 2014-05-01 11:25 - 2014-05-01 11:25 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2014-05-01 11:25 - 2014-05-01 11:25 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys 2014-05-01 11:20 - 2014-05-01 11:20 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-05-01 06:47 - 2014-05-01 06:47 - 00000000 ____D () C:\Program Files\ESET 2014-05-01 05:40 - 2014-05-01 05:40 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-01 05:36 - 2014-05-03 10:19 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-01 05:34 - 2014-05-01 12:42 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-01 05:34 - 2014-05-01 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-01 05:34 - 2014-05-01 12:42 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-01 05:34 - 2014-05-01 05:34 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-01 05:34 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-05-01 05:34 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-05-01 05:34 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-05-01 05:30 - 2014-05-01 05:20 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Roland Gerlach\Desktop\mbam-setup-2.0.1.1004.exe 2014-04-30 17:55 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-04-30 17:55 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-04-29 06:15 - 2014-05-03 11:28 - 00013360 _____ () C:\Users\Roland Gerlach\Desktop\FRST.txt 2014-04-29 06:14 - 2014-05-03 11:27 - 00000000 ____D () C:\Users\Roland Gerlach\Desktop\FRST-OlderVersion 2014-04-29 06:12 - 2014-05-03 11:27 - 
01050624 _____ (Farbar) C:\Users\Roland Gerlach\Desktop\FRST.exe 2014-04-28 21:38 - 2014-04-29 06:25 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\Systweak 2014-04-27 19:45 - 2014-05-03 11:27 - 00000000 ____D () C:\FRST 2014-04-09 23:11 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2014-04-09 23:11 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-04-09 23:11 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2014-04-09 23:11 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys 2014-04-09 23:11 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll 2014-04-09 23:11 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2014-04-05 11:28 - 2014-04-05 11:28 - 00011804 _____ () C:\Users\Roland Gerlach\Documents\Ord123.xlsx ==================== One Month Modified Files and Folders ======= 2014-05-03 11:28 - 2014-04-29 06:15 - 00013360 _____ () C:\Users\Roland Gerlach\Desktop\FRST.txt 2014-05-03 11:27 - 2014-04-29 06:14 - 00000000 ____D () C:\Users\Roland Gerlach\Desktop\FRST-OlderVersion 2014-05-03 11:27 - 2014-04-29 06:12 - 01050624 _____ (Farbar) C:\Users\Roland Gerlach\Desktop\FRST.exe 2014-05-03 11:27 - 2014-04-27 19:45 - 00000000 ____D () C:\FRST 2014-05-03 10:56 - 2011-08-13 09:23 - 00001156 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA.job 2014-05-03 10:51 - 2011-01-29 16:36 - 00001114 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-03 10:49 - 2010-10-10 03:51 - 01649004 _____ () C:\windows\WindowsUpdate.log 2014-05-03 10:48 - 2013-04-21 21:34 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-05-03 10:28 - 2009-07-14 06:34 - 00009696 ____H () 
C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-03 10:28 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-03 10:19 - 2014-05-01 05:36 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-03 10:15 - 2011-01-29 16:36 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-03 10:15 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-05-03 10:14 - 2009-07-14 06:39 - 00159636 _____ () C:\windows\setupact.log 2014-05-01 12:56 - 2013-11-20 00:07 - 02077982 _____ () C:\windows\IE11_main.log 2014-05-01 12:42 - 2014-05-01 05:34 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-01 12:42 - 2014-05-01 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-01 12:42 - 2014-05-01 05:34 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-01 12:37 - 2014-05-01 12:37 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\AVAST Software 2014-05-01 12:35 - 2010-04-26 15:26 - 00263504 _____ () C:\windows\PFRO.log 2014-05-01 11:26 - 2013-05-09 18:55 - 00002058 _____ () C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk 2014-05-01 11:25 - 2014-05-01 11:25 - 00067776 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2014-05-01 11:25 - 2014-05-01 11:25 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2014-05-01 11:25 - 2014-05-01 11:25 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys 2014-05-01 11:25 - 2013-04-21 21:18 - 00180632 _____ () C:\windows\system32\Drivers\aswVmm.sys 2014-05-01 11:25 - 2013-04-21 21:18 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys 2014-05-01 11:25 - 2012-09-09 09:41 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2014-05-01 11:25 - 2011-05-17 20:44 - 00776976 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2014-05-01 11:25 - 2010-10-09 13:47 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2014-05-01 11:25 - 2010-10-09 13:47 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2014-05-01 11:25 - 2010-10-09 13:46 - 00271264 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2014-05-01 11:20 - 2014-05-01 11:20 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-05-01 11:19 - 2009-07-14 04:04 - 00002577 _____ () C:\windows\system32\config.nt 2014-05-01 10:18 - 2012-07-28 19:31 - 00000000 __SHD () C:\found.000 2014-05-01 06:47 - 2014-05-01 06:47 - 00000000 ____D () C:\Program Files\ESET 2014-05-01 06:33 - 2010-10-09 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2014-05-01 06:33 - 2010-10-09 13:13 - 00000000 ____D () C:\Program Files\Windows Live 2014-05-01 06:27 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-05-01 06:21 - 2011-12-29 21:56 - 00000000 ____D () C:\Users\Roland Gerlach\Tracing 2014-05-01 06:19 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Web 2014-05-01 06:03 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET 2014-05-01 05:40 - 2014-05-01 05:40 - 00000000 ___SD () 
C:\windows\system32\CompatTel 2014-05-01 05:34 - 2014-05-01 05:34 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-01 05:20 - 2014-05-01 05:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Roland Gerlach\Desktop\mbam-setup-2.0.1.1004.exe 2014-05-01 05:17 - 2010-10-09 13:02 - 00110048 _____ () C:\Users\Roland Gerlach\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-30 19:46 - 2009-07-14 06:33 - 00407304 _____ () C:\windows\system32\FNTCACHE.DAT 2014-04-30 19:30 - 2010-04-26 15:05 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8 2014-04-30 19:30 - 2010-04-26 14:59 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-30 19:30 - 2010-04-26 14:59 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-04-30 19:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-04-30 18:20 - 2010-10-09 13:15 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-04-30 18:20 - 2010-04-26 15:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-04-30 18:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild 2014-04-30 18:06 - 2009-07-14 04:04 - 00000387 _____ () C:\windows\win.ini 2014-04-29 06:25 - 2014-04-28 21:38 - 00000000 ____D () C:\Users\Roland Gerlach\AppData\Roaming\Systweak 2014-04-28 21:40 - 2009-07-25 09:50 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI 2014-04-28 21:34 - 2013-04-21 21:34 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2014-04-28 21:34 - 2013-04-21 21:34 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2014-04-22 23:56 - 2011-08-13 09:23 - 00001104 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core.job 2014-04-22 03:09 - 2013-05-01 03:06 - 01010761 _____ () C:\windows\IE10_main.log 2014-04-18 17:50 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache 2014-04-14 04:11 - 2014-04-30 17:55 - 00361984 _____ (Microsoft 
Corporation) C:\windows\system32\aepdu.dll 2014-04-14 04:07 - 2014-04-30 17:55 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-04-13 01:00 - 2009-07-14 06:53 - 00032640 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2014-04-11 21:18 - 2011-08-13 09:23 - 00002367 _____ () C:\Users\Roland Gerlach\Desktop\Google Chrome.lnk 2014-04-10 22:47 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE 2014-04-10 00:35 - 2013-08-13 20:32 - 00000000 ____D () C:\windows\system32\MRT 2014-04-10 00:29 - 2010-11-08 22:48 - 88028728 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-04-05 11:29 - 2014-01-26 14:07 - 00012337 _____ () C:\Users\Roland Gerlach\Documents\ord122.xlsx 2014-04-05 11:28 - 2014-04-05 11:28 - 00011804 _____ () C:\Users\Roland Gerlach\Documents\Ord123.xlsx 2014-04-03 09:51 - 2014-05-01 05:34 - 00073432 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-05-01 05:34 - 00051416 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-05-01 05:34 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys Some content of TEMP: ==================== C:\Users\Roland Gerlach\AppData\Local\Temp\$browser$.update.exe C:\Users\Roland Gerlach\AppData\Local\Temp\atl80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\DataCard_Setup.exe C:\Users\Roland Gerlach\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Roland Gerlach\AppData\Local\Temp\FlashPlayerUpdate01.exe C:\Users\Roland Gerlach\AppData\Local\Temp\mfc80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfc80u.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfcm80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\mfcm80u.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcm80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcp80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\msvcr80.dll C:\Users\Roland Gerlach\AppData\Local\Temp\ose00000.exe C:\Users\Roland 
Gerlach\AppData\Local\Temp\ResetDevice.exe
C:\Users\Roland Gerlach\AppData\Local\Temp\TmDbg32.dll
C:\Users\Roland Gerlach\AppData\Local\Temp\Uni000.exe

==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-01 11:54

==================== End Of Log ============================

Addition:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-05-2014 Ran by Roland Gerlach at 2014-05-03 11:30:21 Running from C:\Users\Roland Gerlach\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== 32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe AIR (Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated) Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation) ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.03.06 - ASUSTeK Computer Inc.) AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK) Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.) Avant Browser (remove only) (HKLM\...\AvantBrowser) (Version: 12.0.0.0 - Avant Force) avast! 
Free Antivirus (HKLM\...\avast) (Version: 9.0.2018 - Avast Software) Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.) CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.3 - AsusTek Computer) Chicken Invaders 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Dream Day Wedding Married in Manhattan (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version: - Oberon Media) ebi.BookReader3J (HKLM\...\{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}) (Version: 3.75.14 - eBOOK Initiative Japan Co., Ltd.) E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.2.5 - ) Eee Docking 3.7.0 (HKLM\...\Eee Docking_is1) (Version: 3.7.0 - ASUSTek Computer Inc.) EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.2.0011 - ASUS) EeeSplendid (Version: 5.1.2.0011 - ASUS) Hidden ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) FontResizer (Version: 1.01.0011 - ASUSTek) Hidden Game Park Console (HKLM\...\{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1) (Version: 6.2.0.3 - Oberon Media, Inc.) Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.) Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.23.9 - Google Inc.) 
Hidden Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.22 - AsusTek Computer) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.1929 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.29 - AsusTek Computer Inc.) LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS) Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.002.03.07.40 - Huawei Technologies Co.,Ltd) MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Piggly FREE (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version: - Oberon Media) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6086 - Realtek Semiconductor Corp.) Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) 
Smileyville FREE (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version: - Oberon Media) Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.10 - AsusTek Computer) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated) TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH) Times Reader (HKLM\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company) Times Reader (Version: 2.055 - The New York Times Company) Hidden WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.500 - Broadcom Corporation) Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) (HKLM\...\B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE) (Version: 07/17/2009 6.2.0.9403 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 
14.0.8014.1029 - Microsoft Corporation) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) ==================== Restore Points ========================= 30-04-2014 15:59:50 Removed Microsoft Office Professional Plus 2010 30-04-2014 16:39:43 Removed Microsoft Office Language Pack 2007 - Dutch/Nederlands 30-04-2014 17:01:39 Removed Microsoft Office Language Pack 2007 - French/Français 30-04-2014 17:08:05 Removed Microsoft Office Language Pack 2007 - German/Deutsch 30-04-2014 17:20:24 Removed Microsoft Office Language Pack 2007 - Italian/Italiano 30-04-2014 17:25:44 Removed Microsoft Office Language Pack 2010 - German/Deutsch 30-04-2014 17:33:31 Microsoft Office Live Add-in 1.3 wird entfernt 30-04-2014 17:37:42 Microsoft Office Live Add-in 1.3 wird entfernt 30-04-2014 17:38:43 Microsoft Office PowerPoint Viewer 2007 (German) wird entfernt 30-04-2014 17:41:42 Removed Microsoft Office Suite Activation Assistant. 01-05-2014 03:29:12 Windows Update 01-05-2014 04:25:46 Windows Live Anmelde-Assistent wird entfernt 01-05-2014 09:02:12 Windows Update 01-05-2014 09:21:07 avast! antivirus system restore point 01-05-2014 10:52:02 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {52DEF552-2FC8-42FB-95A6-ABE8F42F2F9B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-29] (Google Inc.) Task: {6B43399D-92B5-4D8C-94F8-0349A433C5A9} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-05-01] (AVAST Software) Task: {7A6AB32E-577E-434A-8964-8E03B6839B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-29] (Google Inc.) 
Task: {8FBBEA4B-E1B2-42E2-8ED7-545CB14B9F2C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04] (Google Inc.) Task: {B120883B-B555-49DE-93FB-8BBAEB87EF84} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated) Task: {DAFD15D4-8C77-4FC0-8CC6-8380FE925D9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-04] (Google Inc.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000Core.job => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805556528-2364784008-1169793373-1000UA.job => C:\Users\Roland Gerlach\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-01 11:25 - 2014-05-01 11:25 - 02252800 _____ () C:\Program Files\Alwil Software\Avast5\defs\14043002\algo.dll 2014-05-03 10:16 - 2014-05-03 10:16 - 02252800 _____ () C:\Program Files\Alwil Software\Avast5\defs\14050300\algo.dll 2010-04-26 14:56 - 2009-08-19 02:35 - 00219136 _____ () C:\Windows\System32\AsusService.exe 2009-08-02 16:05 - 2009-08-02 16:05 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2010-04-26 15:17 - 2010-03-30 01:29 - 00415920 _____ () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe 2011-07-13 09:38 - 2011-07-13 09:38 - 00181664 _____ () 
C:\Program Files\Asus\LiveUpdate\Parser.dll 2011-09-05 09:19 - 2011-09-05 09:19 - 00028672 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AxInterop.ShockwaveFlashObjects.dll 2014-05-01 11:25 - 2014-05-01 11:25 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/03/2014 10:17:52 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:52 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:52 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". 
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:46 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:42 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:42 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (05/03/2014 10:17:28 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:28 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:28 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/03/2014 10:17:28 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. 
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

System errors:
=============
Error: (05/03/2014 10:22:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (05/03/2014 10:15:36 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (05/01/2014 00:52:02 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/01/2014 00:36:18 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (05/01/2014 11:09:28 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (05/01/2014 10:32:26 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (05/01/2014 08:43:09 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.

Error: (05/01/2014 06:36:59 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (05/01/2014 06:21:05 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (05/01/2014 05:26:19 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.

Microsoft Office Sessions:
=========================
Error: (05/03/2014 10:17:52 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

Error: (05/03/2014 10:17:52 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

Error: (05/03/2014 10:17:52 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

Error: (05/03/2014 10:17:46 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

Error: (05/03/2014 10:17:42 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

Error: (05/03/2014 10:17:42 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

Error: (05/03/2014 10:17:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL

Error: (05/03/2014 10:17:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL

Error: (05/03/2014 10:17:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

Error: (05/03/2014 10:17:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

==================== Memory info ===========================
Percentage of memory in use: 72%
Total physical RAM: 1014.18 MB
Available physical RAM: 276.06 MB
Total Pagefile: 2038.18 MB
Available Pagefile: 893.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.32 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:58.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.86 GB) (Free:117.62 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 29133921)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 MB) - (Type=EF)

==================== End Of Log ============================ |
03.05.2014, 22:37 | #15 |
Rest in peace † 2019 | Bundestrojaner, Windows does not start in safe mode

Malware-wise, I currently see nothing there that could affect the speed, only a really large amount of malware remnants and the crack. You can - after we are finished here! - try to optimize the PC following this guide. Before you defragment, however, you should first have the hard disk checked for bad sectors.

I would like to take a look at the services to see whether anything there is still bent out of shape.

Step 1
Please download Farbar Service Scanner
Please post the content here. |