Log analysis and evaluation: Vista Home Premium 32: Frozen screen and uncontrolled, spontaneous shutdown

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Hello,

for a few days now the screen has sporadically "frozen" again and again: there is no response to mouse or keyboard input. Sometimes pull-down menus are still open. Sometimes the computer shuts down on its own after a short time and immediately reboots with the Windows notice about problems during shutdown. In other situations I have to "kill" the PC manually with the power switch.

Since yesterday noon I have not been receiving any e-mails from my IP cameras. The test in the camera menu reports a server error. The cameras are also no longer visible with Instar's own IP scanner tool. Access via browser and their own software works without problems, however.

Malwarebytes starts, but hangs after a while, so that I again have to "kill" the computer manually via the power switch.

Thank you in advance for your support.

Kind regards
Ralf
#2

/// the machine /// TB-Ausbilder

Hi,

__________________
Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks.

Post in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________
#3

Code:
defogger_disable by jpshortstuff (
Log created at 06:49 on 15/05/2014 (Ralf)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-05-2014
Ran by Ralf (administrator) on AKOYA on 15-05-2014 06:49:42
Running from K:\Ralf\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(REINER SCT) C:\Windows\System32\cjpcsc.exe
() C:\Program Files\CPUCooL\CooLSRV.exe
(T-Systems International GmbH) C:\Program Files\T-Online\Dialerschutz-Software\DFInject.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Sanford, L.P.) C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Deutsche Telekom AG) C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\\n360.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
() C:\Program Files\Generic\Network Printer Wizard\NPWService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\eCopy PDF Pro Office\PDFProFiltSrv.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Entriq, Inc.) C:\Program Files\maxdome\DCBin\DCService.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Apple Inc.) C:\AirPrint\airprint.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\\n360.exe
() C:\Program Files\Hardcopy\hcdll2_ex_Win32.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(T-Systems International GmbH) C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe
(Cyberlink Corp.) C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
(CyberLink Corp.) C:\Program Files\HomeCinema\PlayMovie\PMVService.exe
(CyberLink Corp.) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Canon Electronics Inc.) C:\Program Files\Canon Electronics\DRC125\TouchDR.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\eCopy PDF Pro Office\PdfPro7Hook.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Syncios\SynciosDeviceService.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Medion AG\NSU\NSU.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Users\Ralf\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Deutsche Telekom AG) C:\Users\Ralf\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Memeo Inc.) C:\Program Files\Memeo\AutoBackup\MemeoUpdater.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-08] (ODSoft multimedia)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [563080 2007-01-24] (Microsoft Corporation)
HKLM\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe [1411720 2010-03-29] (T-Systems International GmbH)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe [87336 2008-07-21] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe [62760 2008-05-14] ()
HKLM\...\Run: [PlayMovie] => C:\Program Files\HomeCinema\PlayMovie\PMVService.exe [172032 2007-09-07] (CyberLink Corp.)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2007-11-30] (Google)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-03-18] (cyberlink)
HKLM\...\Run: [Memeo Instant Backup] => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-09-28] (Memeo Inc.)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724536 2012-04-22] (Sony Corporation)
HKLM\...\Run: [CANON DR-C125 SVC] => C:\Windows\system32\DRDCSVC.DLL [110592 2011-07-12] (Canon Electronics)
HKLM\...\Run: [DR-C125 CaptureOnTouch] => C:\Program Files\Canon Electronics\DRC125\TouchDR.exe [942080 2011-10-17] (Canon Electronics Inc.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79136 2007-11-13] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2009-03-02] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2009-03-02] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] => C:\Program Files\Nuance\eCopy PDF Pro Office\pdfpro7hook.exe [1766688 2011-03-17] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF7 Registry Controller] => C:\Program Files\Nuance\eCopy PDF Pro Office\RegistryController.exe [138528 2011-03-17] (Nuance Communications, Inc.)
HKLM\...\Run: [PdfProInboxMonitor] => C:\Program Files\Nuance\eCopy PDF Pro Office\InboxMonitor.exe [114176 2011-03-17] ()
HKLM\...\Run: [InboxMonitor] => C:\Program Files\Nuance\eCopy PDF Pro Office\InboxMonitor.exe [114176 2011-03-17] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Syncios device service] => C:\Program Files\Syncios\SynciosDeviceService.exe [723456 2013-11-15] ()
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [606208 2009-10-13] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [DLSService] => "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe"
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-1931517720-1549907669-1186193416-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [NSU] => C:\Program Files\Medion AG\NSU\NSU.exe [1789440 2011-10-20] ()
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-02-20] (Google Inc.)
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [ISUSPM] => -scheduler
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [Amazon Cloud Player] => C:\Users\Ralf\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [Free Download Manager] => C:\Program Files\Free Download Manager\fdm.exe [6950400 2013-10-25] (FreeDownloadManager.ORG)
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [DymoQuickPrint] => C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe [1825360 2011-01-28] (Sanford, L.P.)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [146432 2007-11-30] (Google)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [146432 2007-11-30] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ralf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
ShortcutTarget: Mediencenter.lnk -> C:\Users\Ralf\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
Startup: C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\eCopy PDF Pro Office\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} hxxp://www.nero.com/doc/NeroVersionCheckerControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://
DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://tonline.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {DF6504AC-3EFE-4287-B259-FB299B069C95} https://img.web.de/v/mail/activex/fa_os_mms/upload_1141.cab
Handler: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Generic\Network Printer Wizard\NPWprint.dll [151552] (Elite Silicon Technology Inc.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer]

FireFox:
========
FF ProfilePath: C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default
FF Homepage: hxxp://www.t-online.de/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @dymo.com/DymoLabelFramework - C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF Plugin: @fluxdvd.com/NPWMDRMWrapper - C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( )
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF - C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin: @protectdisc.com/NPMPDRM - C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin: @real.com/nppl3260;version= - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version= - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version= - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: ZEON/PDF,version=2.0 - C:\Program Files\Nuance\eCopy PDF Pro Office\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ralf\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-01]
FF Extension: DownloadHelper - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: CSHelper - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2012-02-20]
FF Extension: SearchYa NewTab - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi [2013-11-09]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Adblock Plus - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-05-08]
FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter

========================== Services (Whitelisted) =================

R2 AirPrint; C:\AirPrint\airprint.exe [234784 2012-06-16] (Apple Inc.)
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [654640 2009-04-15] (REINER SCT)
R2 CPUCooLServer; C:\Program Files\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 DFSVC; C:\Program Files\T-Online\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] ()
R2 DymoPnpService; C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe [32336 2011-01-28] (Sanford, L.P.)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH)
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2007-11-30] (Google)
R2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [121360 2008-05-02] (Logitech, Inc.)
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
R2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
R2 MCSWASVR; C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe [12800 2011-11-23] (Deutsche Telekom AG)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-09-28] (Memeo)
R2 N360; C:\Program Files\Norton 360\Engine\\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [196904 2011-12-20] (Nitro PDF Software)
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
R2 NPWService; C:\Program Files\Generic\Network Printer Wizard\NPWService.exe [462848 2008-09-17] ()
U2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 PDFProFiltSrv; C:\Program Files\Nuance\eCopy PDF Pro Office\PDFProFiltSrv.exe [134432 2011-03-17] (Nuance Communications, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
R2 Prosieben; C:\Program Files\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
R2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH)
R2 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] ()
R2 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] ()
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1006816 2009-09-24] (NXP Semiconductors Germany GmbH)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [120616 2014-02-13] (SlySoft, Inc.)
R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\\Definitions\BASHDefs\20140409.001\BHDrvx86.sys [1098968 2014-04-09] (Symantec Corporation)
R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1502000.026\ccSetx86.sys [127064 2014-02-25] (Symantec Corporation)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [23040 2008-02-17] (REINER SCT)
S3 DectEnum; C:\Windows\System32\Drivers\DectEnum.sys [8448 2005-03-01] (Siemens AG)
R3 DFSYS; C:\Program Files\T-Online\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-05-05] (Symantec Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. )
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 Gigusb; C:\Windows\System32\Drivers\Gigusb.sys [53632 2005-03-01] (Siemens AG)
R0 hotcore3; C:\Windows\System32\drivers\hotcore3.sys [38448 2007-04-24] (Paragon Software Group)
S3 HRCMPA; C:\Windows\System32\DRIVERS\hrcmpa.sys [263751 2004-09-08] (SIEMENS AG)
R1 IDSVix86; C:\Program Files\Norton 360\NortonData\\Definitions\IPSDefs\20140514.001\IDSvix86.sys [395992 2014-05-06] (Symantec Corporation)
R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2007-10-15] (Intel Corporation)
S3 IUAPIWDM; C:\Windows\System32\DRIVERS\IUAPIWDM.sys [50759 2004-09-08] (SIEMENS AG)
R3 MirayVirtualDisk; C:\Windows\System32\DRIVERS\mvd.sys [168016 2013-05-12] (Miray)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\\Definitions\VirusDefs\20140514.008\NAVENG.SYS [93272 2014-05-07] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\\Definitions\VirusDefs\20140514.008\NAVEX15.SYS [1612376 2014-05-07] (Symantec Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2009-02-08] (CACE Technologies) S3 siellif; C:\Windows\System32\Drivers\siellif.sys [113408 2005-03-01] (Siemens AG) R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH) R3 SRTSP; C:\Windows\System32\Drivers\N360\1502000.026\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360\1502000.026\SRTSPX.SYS [32344 2013-07-31] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360\1502000.026\SYMDS.SYS [367704 2013-08-01] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360\1502000.026\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-05-07] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360\1502000.026\Ironx86.SYS [206936 2013-07-31] (Symantec Corporation) R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1502000.026\SYMTDIV.SYS [384728 2014-02-18] (Symantec Corporation) S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-11-11] (TeamViewer GmbH) S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] () R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2007-10-11] (Cyberlink Corp.) R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [87536 2009-03-18] (CyberLink Corp.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 catchme; \??\C:\Users\Ralf\AppData\Local\Temp\catchme.sys [X] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X] S3 dsltestSp5; System32\Drivers\dsltestSp5.sys [X] S3 EST_BusEnum; system32\DRIVERS\GenBus.sys [X] U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-15 06:49 - 2014-05-15 06:49 - 00000000 ____D () C:\FRST 2014-05-15 06:49 - 2014-05-15 06:49 - 00000000 _____ () C:\Users\Ralf\defogger_reenable 2014-05-15 06:13 - 2014-05-15 06:14 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2014-05-15 03:27 - 2014-05-15 03:27 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Startmenü 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf 2014-05-15 03:27 - 2013-11-08 22:47 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-05-15 03:27 - 2013-11-08 22:47 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-05-15 03:27 - 2008-09-10 19:21 - 00000000 ____D () 
C:\Users\TEMP\AppData\Local\Microsoft Help 2014-05-15 03:04 - 2014-05-15 03:04 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-05-15 03:02 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-15 03:02 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-15 03:02 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 21:25 - 2014-05-14 21:25 - 00135216 _____ () C:\Windows\Minidump\Mini051414-01.dmp 2014-05-14 19:39 - 2014-05-14 19:39 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe 2014-05-14 18:36 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-13 00:13 - 2014-05-13 00:14 - 00159416 _____ () C:\Windows\Minidump\Mini051314-01.dmp 2014-05-11 18:08 - 2014-05-11 18:08 - 00159416 _____ () C:\Windows\Minidump\Mini051114-01.dmp 2014-05-10 10:07 - 2014-05-10 10:07 - 00159096 _____ () C:\Windows\Minidump\Mini051014-01.dmp 2014-05-10 00:38 - 2014-05-10 00:38 - 00001668 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-10 00:38 - 2014-05-10 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-10 00:37 - 2014-05-10 00:38 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-05-10 00:37 - 2014-05-10 00:38 - 00000000 ____D () C:\Program Files\iTunes 2014-05-10 00:37 - 2014-05-10 00:37 - 00000000 ____D () C:\Program Files\iPod 2014-05-10 00:26 - 2014-05-10 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-05-10 00:26 - 2014-05-10 00:26 - 00000000 ____D () C:\Program Files\QuickTime 2014-05-09 22:44 - 2014-05-09 22:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-07 21:11 - 2014-05-08 09:01 - 00002063 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-05-07 21:11 - 2014-05-07 21:11 - 00142936 _____ (Symantec 
Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS 2014-05-07 21:11 - 2014-05-07 21:11 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT 2014-05-07 21:10 - 2014-05-08 09:03 - 00000000 ____D () C:\Windows\system32\Drivers\N360 2014-05-07 21:10 - 2014-05-08 09:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-05-07 21:10 - 2014-05-07 21:10 - 00000000 ____D () C:\Program Files\Norton 360 2014-05-06 08:29 - 2014-05-06 08:29 - 00000000 ____D () C:\ProgramData\PCSettings 2014-05-06 08:23 - 2014-05-06 10:06 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton 2014-05-06 08:23 - 2014-05-06 08:23 - 00000000 ____D () C:\Users\Public\Downloads\Norton 2014-05-04 14:00 - 2014-05-04 14:00 - 00000000 ____D () C:\Users\Ralf\dwhelper 2014-04-23 10:00 - 2014-04-23 10:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_LMouFilt_01005.Wdf 2014-04-23 10:00 - 2014-04-23 10:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_LHidFilt_01005.Wdf 2014-04-20 00:44 - 2014-04-20 00:44 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Colasoft MAC Scanner 2014-04-20 00:44 - 2014-04-20 00:44 - 00000000 ____D () C:\Program Files\Common Files\Colasoft Shared 2014-04-20 00:43 - 2014-04-20 00:49 - 00000000 ____D () C:\Program Files\Colasoft MAC Scanner 2.2 Free 2014-04-19 20:20 - 2014-04-19 20:20 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Overlook 2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\ProgramData\Overlook 2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Overlook Fing 2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\Program Files\WinPcap 2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\Program Files\Overlook Fing 2.2 2014-04-19 10:54 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-04-19 10:53 - 2014-04-14 20:13 - 00094632 _____ 
(Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-04-19 10:53 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-04-19 10:53 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-04-19 10:52 - 2014-04-19 10:53 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log 2014-04-18 21:00 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-18 21:00 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-18 21:00 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-18 21:00 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-18 21:00 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-18 21:00 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-18 21:00 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-18 21:00 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-18 21:00 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-18 21:00 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-18 21:00 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-18 21:00 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-18 21:00 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-18 14:47 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll ==================== One Month Modified Files and Folders ======= 2014-05-15 06:49 - 2014-05-15 06:49 - 
00000000 ____D () C:\FRST 2014-05-15 06:49 - 2014-05-15 06:49 - 00000000 _____ () C:\Users\Ralf\defogger_reenable 2014-05-15 06:49 - 2007-11-30 11:17 - 00000000 ____D () C:\Users\Ralf 2014-05-15 06:43 - 2010-02-20 15:13 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-15 06:38 - 2012-04-06 00:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-15 06:15 - 2011-09-17 20:44 - 00000000 ___RD () C:\Users\Ralf\Dropbox 2014-05-15 06:15 - 2011-09-17 20:36 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Dropbox 2014-05-15 06:15 - 2007-11-30 11:07 - 01528783 _____ () C:\Windows\WindowsUpdate.log 2014-05-15 06:14 - 2014-05-15 06:13 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2014-05-15 06:13 - 2010-02-20 15:13 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-15 05:27 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-15 05:27 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-15 03:34 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-05-15 03:33 - 2006-11-02 12:33 - 01594468 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-15 03:29 - 2013-11-09 20:16 - 00000430 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-05-15 03:27 - 2014-05-15 03:27 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Startmenü 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () 
C:\Users\TEMP\AppData\Local\Verlauf 2014-05-15 03:27 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-15 03:26 - 2007-10-10 13:56 - 02513136 _____ () C:\Windows\PFRO.log 2014-05-15 03:25 - 2008-07-07 19:08 - 00000012 _____ () C:\Windows\bthservsdp.dat 2014-05-15 03:25 - 2006-11-02 15:01 - 00032578 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-15 03:09 - 2013-08-15 03:09 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-15 03:04 - 2014-05-15 03:04 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-05-15 03:04 - 2007-10-10 12:37 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-15 03:04 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-05-15 00:00 - 2009-02-15 17:38 - 00000368 _____ () C:\Windows\Tasks\NeroLiveEpgUpdate-Akoya_Ralf.job 2014-05-14 21:25 - 2014-05-14 21:25 - 00135216 _____ () C:\Windows\Minidump\Mini051414-01.dmp 2014-05-14 21:25 - 2012-07-20 16:59 - 356191060 _____ () C:\Windows\MEMORY.DMP 2014-05-14 21:25 - 2012-07-20 16:59 - 00000000 ____D () C:\Windows\Minidump 2014-05-14 21:02 - 2013-12-01 16:34 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\FileZilla 2014-05-14 20:07 - 2011-06-15 11:38 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-05-14 19:39 - 2014-05-14 19:39 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe 2014-05-14 19:39 - 2012-04-06 00:01 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-05-14 19:39 - 2011-05-22 17:18 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-05-13 00:14 - 2014-05-13 00:13 - 00159416 _____ () C:\Windows\Minidump\Mini051314-01.dmp 2014-05-11 18:08 - 2014-05-11 18:08 - 00159416 _____ () C:\Windows\Minidump\Mini051114-01.dmp 2014-05-11 18:08 - 2012-04-25 22:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-11 16:47 - 2012-03-24 
12:36 - 00000000 ____D () C:\Users\Ralf\AppData\Local\CrashDumps 2014-05-11 15:00 - 2014-01-07 19:23 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Free Download Manager 2014-05-10 10:15 - 2012-12-29 19:04 - 00000180 _____ () C:\Windows\setscan.ini 2014-05-10 10:07 - 2014-05-10 10:07 - 00159096 _____ () C:\Windows\Minidump\Mini051014-01.dmp 2014-05-10 00:38 - 2014-05-10 00:38 - 00001668 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-10 00:38 - 2014-05-10 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-10 00:38 - 2014-05-10 00:37 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-05-10 00:38 - 2014-05-10 00:37 - 00000000 ____D () C:\Program Files\iTunes 2014-05-10 00:37 - 2014-05-10 00:37 - 00000000 ____D () C:\Program Files\iPod 2014-05-10 00:37 - 2011-12-20 00:27 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-05-10 00:29 - 2007-10-15 17:13 - 00000000 ____D () C:\ProgramData\Apple 2014-05-10 00:26 - 2014-05-10 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-05-10 00:26 - 2014-05-10 00:26 - 00000000 ____D () C:\Program Files\QuickTime 2014-05-09 22:44 - 2014-05-09 22:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-09 17:33 - 2012-02-20 21:37 - 00004416 _____ () C:\Users\Ralf\AppData\Roaming\CamStudio.cfg 2014-05-09 17:33 - 2012-02-20 21:37 - 00000408 _____ () C:\Users\Ralf\AppData\Roaming\CamShapes.ini 2014-05-09 17:33 - 2012-02-20 21:37 - 00000408 _____ () C:\Users\Ralf\AppData\Roaming\CamLayout.ini 2014-05-09 17:33 - 2012-02-20 21:37 - 00000117 _____ () C:\Users\Ralf\AppData\Roaming\Camdata.ini 2014-05-09 14:59 - 2012-01-22 11:33 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Nitro PDF 2014-05-08 22:56 - 2012-02-20 00:46 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\vlc 2014-05-08 19:16 - 2013-02-22 21:20 - 00000000 ____D () C:\Users\Ralf\AppData\Local\Apps\2.0 2014-05-08 13:38 - 2006-11-02 14:37 - 
00000000 ___RD () C:\Users\Public\Recorded TV 2014-05-08 09:03 - 2014-05-07 21:10 - 00000000 ____D () C:\Windows\system32\Drivers\N360 2014-05-08 09:01 - 2014-05-07 21:11 - 00002063 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-05-08 09:01 - 2014-05-07 21:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-05-08 08:38 - 2009-09-24 19:58 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Mozilla 2014-05-07 21:55 - 2007-09-27 11:20 - 00000000 ____D () C:\Program Files\Windows Sidebar 2014-05-07 21:13 - 2009-12-16 04:06 - 00000000 ____D () C:\ProgramData\Norton 2014-05-07 21:11 - 2014-05-07 21:11 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS 2014-05-07 21:11 - 2014-05-07 21:11 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT 2014-05-07 21:11 - 2008-05-20 21:30 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared 2014-05-07 21:10 - 2014-05-07 21:10 - 00000000 ____D () C:\Program Files\Norton 360 2014-05-07 20:32 - 2008-05-20 21:36 - 00000000 ____D () C:\Program Files\Norton Internet Security 2014-05-06 10:06 - 2014-05-06 08:23 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton 2014-05-06 08:35 - 2008-05-20 21:30 - 00000000 ____D () C:\ProgramData\Symantec 2014-05-06 08:29 - 2014-05-06 08:29 - 00000000 ____D () C:\ProgramData\PCSettings 2014-05-06 08:23 - 2014-05-06 08:23 - 00000000 ____D () C:\Users\Public\Downloads\Norton 2014-05-06 01:32 - 2014-05-15 03:02 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 01:14 - 2014-05-15 03:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 01:14 - 2014-05-15 03:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-04 14:00 - 2014-05-04 14:00 - 00000000 ____D () C:\Users\Ralf\dwhelper 2014-04-30 18:55 - 2006-11-02 14:47 - 00494360 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-29 
17:48 - 2007-11-30 14:34 - 00000000 ____D () C:\Users\Ralf\AppData\Local\Adobe 2014-04-29 09:15 - 2013-10-27 12:33 - 00000000 ____D () C:\Users\Ralf\AppData\Local\WEB.DE Application {sync-000021} 2014-04-28 13:19 - 2007-11-30 11:17 - 00163992 _____ () C:\Users\Ralf\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-23 19:52 - 2014-01-04 20:30 - 00000863 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-23 10:00 - 2014-04-23 10:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_LMouFilt_01005.Wdf 2014-04-23 10:00 - 2014-04-23 10:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_LHidFilt_01005.Wdf 2014-04-23 10:00 - 2006-11-02 14:52 - 00190306 _____ () C:\Windows\setupact.log 2014-04-22 21:45 - 2013-08-22 17:02 - 00000000 ____D () C:\INSTAR_Rec 2014-04-21 23:30 - 2007-12-02 17:52 - 00148992 _____ () C:\Users\Ralf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-20 00:49 - 2014-04-20 00:43 - 00000000 ____D () C:\Program Files\Colasoft MAC Scanner 2.2 Free 2014-04-20 00:44 - 2014-04-20 00:44 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Colasoft MAC Scanner 2014-04-20 00:44 - 2014-04-20 00:44 - 00000000 ____D () C:\Program Files\Common Files\Colasoft Shared 2014-04-19 22:45 - 2010-05-28 21:16 - 00011792 _____ () C:\Users\Ralf\AppData\Roaming\SmarThruOptions.xml 2014-04-19 20:20 - 2014-04-19 20:20 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Overlook 2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\ProgramData\Overlook 2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Overlook Fing 2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\Program Files\WinPcap 2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\Program Files\Overlook Fing 2.2 2014-04-19 15:39 - 2014-03-05 15:34 - 00000000 ____D () C:\Users\Ralf\AppData\Local\NVIDIA 2014-04-19 10:53 - 2014-04-19 10:52 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log 2014-04-19 
10:53 - 2007-12-27 17:56 - 00000000 ____D () C:\Program Files\Java
2014-04-18 16:47 - 2013-11-27 17:02 - 00000000 ____D () C:\Users\Ralf\AppData\Local\Amazon Cloud Player

Files to move or delete:
====================
C:\Users\Ralf\AppData\Roaming\CamLayout.ini
C:\Users\Ralf\AppData\Roaming\CamShapes.ini
C:\ProgramData\NortonProtectionMemo.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-15 03:36

==================== End Of Log ============================

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-05-2014
Ran by Ralf at 2014-05-15 06:50:55
Running from K:\Ralf\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton 360 Online (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton 360 Online (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Overlook Fing (HKLM\...\Overlook Fing 2.2) (Version: 2.2 - Overlook)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
"Nero SoundTrax Help (Version: - Nero AG) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated)
Adobe Photoshop 5.0 Limited Edition (HKLM\...\Adobe Photoshop 5.0 Limited Edition) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: - Adobe Systems, Inc.)
Advertising Center (Version: - Nero AG) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnyDVD (HKLM\...\AnyDVD) (Version: - SlySoft)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: - Apple Inc.) Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: - Audible, Inc.) Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: - Auslogics Labs Pty Ltd) Avery Wizard 3.1 (HKLM\...\{4D87149D-A160-4958-AAD2-51994F140AED}) (Version: 3.1.10 - Avery) AviSynth 2.5 (HKLM\...\AviSynth) (Version: - ) Bewerbungsfoto-/Passbild-Generator v3.5a (HKLM\...\Passbild-Generator_is1) (Version: - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: - Apple Inc.) Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: - ) Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: - ) Canon driver for DR-C125 (HKLM\...\{C416C3E5-B8C4-4876-9705-10CD3104FE61}) (Version: 1.0.4309 - Canon Electronics inc.) Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: - ) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: - ) Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: - ) Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: - ) Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: - ) Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: - ) Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: - ) CaptureOnTouch Evernote Plugin (HKLM\...\{CE27CA2B-7663-4F6B-8E61-A455390AC71F}) (Version: 1.2.11005 - Canon Electronics Inc.) CaptureOnTouch Google Docs(TM) Plugin (HKLM\...\{5B264EE1-5639-4647-A53F-7D946304A950}) (Version: 1.1.4311 - Canon Electronics Inc.) 
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform) CDDRV_Installer (Version: 4.60 - Logitech) Hidden CloneDVD2 (HKLM\...\CloneDVD2) (Version: - Elaborate Bytes) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) cyberJack Base Components (HKLM\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.8.0 - REINER SCT) CyberLink PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.3.5105.0 - CyberLink Corp.) DDBAC (HKLM\...\{DEF597FA-FE10-4DF1-B937-251EDA491E22}) (Version: 5.3.1 - DataDesign) DDBAC (HKLM\...\{E33FC8F2-F11F-473C-8F9C-4F0B80031F75}) (Version: 04.02.0000 - windata GmbH & Co.KG) Deutsche Post E-Porto (HKLM\...\{5CCF8330-F742-411A-8A04-719806D168B5}) (Version: 2.3.0 - Deutsche Post AG) DirSync 2.95 (HKLM\...\DirSync) (Version: - Stephen Kalisch) DolbyFiles (Version: 2.0 - Nero AG) Hidden DR-C125 CaptureOnTouch (HKLM\...\{C67FF523-F257-4A3F-AE4D-08671E727A0E}) (Version: - Canon Electronics Inc.) DR-C125 UserManual (HKLM\...\{E3171A4D-FC3B-48CE-87A8-8C1BE9953E5F}) (Version: 1.04.0000 - Canon Electronics Inc.) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) Duden Home (HKLM\...\{288A423E-D6CA-47C3-B480-D1203EB08948}) (Version: 10.0.0 - Bibliographisches Institut GmbH) DYMO Label v.8 (HKLM\...\DYMO Label v.8) (Version: - Sanford, L.P.) eCopy PDF Pro Office (HKLM\...\{5AB961A4-8811-4931-9874-4625C6E5838F}) (Version: 7.10.3290 - Nuance Communications, Inc) EPSON TWAIN 5 (HKLM\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.) Evernote v. 4.6 (HKLM\...\{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}) (Version: - Evernote Corp.) 
FileZilla Client 3.8.0 (HKLM\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse) Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: - MAGIX AG) FormatFactory 2.90 (HKLM\...\FormatFactory) (Version: 2.90 - Free Time) Free Download Manager 3.9.3 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG) Free YouTube to MP3 Converter version (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.) FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski) Freemake Video Converter Version 3.0.2 (HKLM\...\Freemake Video Converter_is1) (Version: 3.0.2 - Ellora Assets Corporation) funScreenScraping Client Version (HKLM\...\{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}) (Version: 1.0.173 - fun communications GmbH) funScreenScraping Microsoft Systemdateien (HKLM\...\{AC849092-6F19-4395-8860-BC3B82CAFE51}) (Version: 1.0.6 - fun communications GmbH) Gigaset QuickSync (HKLM\...\{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}) (Version: 7.2.0844.6 - Gigaset Communications GmbH) Google Desktop (HKLM\...\Google Desktop) (Version: - - Google) Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: - Google) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: - Google Inc.) Hidden Hardcopy (HKLM\...\Hardcopy) (Version: 2014.01.27 - www.hardcopy.de) HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software) HDClone 4.2 Standard Edition (HKLM\...\HDClone.Standard.{3F4C9295-FC5E-482D-A640-2F7A436D1DB3}) (Version: 4.2 - Miray Software AG) HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: - Hewlett-Packard) HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{778511E7-621D-4CEE-AF1E-93432132C706}) (Version: 28.0.1321.0 - Hewlett-Packard Co.) 
HP Officejet Pro 8100 Hilfe (HKLM\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard) HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPV Solo 2010 (HKLM\...\{256B9D9E-9706-4E6D-814B-CD54237D7FA2}) (Version: 10.8.0 - Viewer Central, Inc.) ImagXpress (Version: - Nero AG) Hidden Inkscape 0.48.4 (HKLM\...\Inkscape) (Version: 0.48.4 - ) inSSIDer 2.0 (HKLM\...\{A12EA295-32EA-42BB-8442-2C2BE852D4AA}) (Version: 2.0.7 - MetaGeek) INSTAR Camera Tool (HKLM\...\{630473B5-3AA9-4477-B6DD-F9EA5BEEDD42}) (Version: - INSTAR) InstarVision 1.3 (HKLM\...\InstarVision_is1) (Version: 1.3 - INSTAR) Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - ) Intel(R) PRO Network Connections (HKLM\...\PROSetDX) (Version: - Intel) Intel(R) PRO Network Connections (Version: - Intel) Hidden Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - ) Intel® Viiv™ Software (HKLM\...\Intel(R) Configuration Center) (Version: 1.7.512.0 - Intel Corporation) Intel® Viiv™ Software (Version: 1.7.512.0 - Intel Corporation) Hidden IPCamClient (HKLM\...\{B1534528-3E4B-4630-A06D-8115917A2B92}) (Version: - ) iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: - Apple Inc.) J2SE Runtime Environment 5.0 Update 12 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150120}) (Version: - Sun Microsystems, Inc.) Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (Version: - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020F0}) (Version: 6.0.200 - Sun Microsystems, Inc.) Java(TM) 6 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle) Java(TM) 6 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: - Sun Microsystems, Inc.) 
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
KhalInstallWrapper (Version: 4.60.122 - Logitech) Hidden
Letstrade (HKLM\...\{E0091C29-DEE8-4B24-BF65-8C35B5940D77}) (Version: 1.00.0000 - Buhl Data Service)
Lexware Info Service (HKLM\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{C908A5AC-4F61-4B9A-8A51-48B5696C53B1}) (Version: - Haufe-Lexware GmbH & Co.KG)
Lexware online banking 4.90 (Version: 4.90 - Lexware) Hidden
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.60 - Logitech)
Logitech Updater (HKLM\...\{53735ECE-E461-4FD0-B742-23A352436D3A}) (Version: 1.70 - Ihr Firmenname)
MAGIX MP3 Maker 12 (D) (HKLM\...\MAGIX MP3 Maker 12 D) (Version: - MAGIX AG)
MAGIX Online Druck Service (D) (HKLM\...\MAGIX Online Druck Service D) (Version: - MAGIX AG)
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2203 - CyberLink Corp.)
Malwarebytes Anti-Malware Version (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation)
maxdome Download Manager 4.1.300.78 (HKLM\...\{E948B551-08DB-4163-8995-8C43B03D1B19}) (Version: 4.1.30078 - Prosieben)
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: - CyberLink Corporation)
MediaShow (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
Mediencenter 3.8.9799.6 (HKCU\...\Mediencenter) (Version: 3.8.9799.6 - Deutsche Telekom AG)
Mediencenter Assistent (HKLM\...\Mediencenter Software) (Version: - Telekom)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: - Memeo Inc.)
Menu Templates - Starter Kit (Version: - Nero AG) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: - Nero AG) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NAVIGON Fresh 1.4.9 (HKLM\...\NAVIGON Fresh) (Version: 1.4.9 - NAVIGON)
NAVIGON Fresh BETA 2.6.0 (HKLM\...\NAVIGON Fresh BETA) (Version: 2.6.0 - NAVIGON)
Nero 9 (HKLM\...\{c0ff42f0-d4a2-4122-aa8c-42d14552b756}) (Version: - Nero AG)
Nero Burning ROM Help (Version: - Nero AG) Hidden
Nero BurnRights (Version: - Nero AG) Hidden
Nero ControlCenter (Version: - Nero AG) Hidden
Nero ControlCenter (Version: - Nero AG) Hidden
Nero CoverDesigner (Version: - Nero AG) Hidden
Nero CoverDesigner Help (Version: - Nero AG) Hidden
Nero Disc Copy Gadget (Version: - Nero AG) Hidden
Nero Disc Copy Gadget Help (Version: - Nero AG) Hidden
Nero DiscSpeed (Version: - Nero AG) Hidden
Nero DriveSpeed (Version: - Nero AG) Hidden
Nero Express Help (Version: - Nero AG) Hidden
Nero InfoTool (Version: - Nero AG) Hidden
Nero Installer (Version: - Nero AG) Hidden
Nero Live (Version: - Nero AG) Hidden
Nero Live Help (Version: - Nero AG) Hidden
Nero PhotoSnap (Version: - Nero AG) Hidden
Nero PhotoSnap Help (Version: - Nero AG) Hidden
Nero Recode (Version: - Nero AG) Hidden
Nero Recode Help (Version: - Nero AG) Hidden
Nero Rescue Agent (Version: - Nero AG) Hidden
Nero RescueAgent Help (Version: - Nero AG) Hidden
Nero ShowTime (Version: - Nero AG) Hidden
Nero StartSmart (Version: - Nero AG) Hidden
Nero StartSmart Help (Version: - Nero AG) Hidden
Nero Vision (Version: - Nero AG) Hidden
Nero Vision (Version: - Nero AG) Hidden
Nero WaveEditor (Version: - Nero AG) Hidden
Nero WaveEditor Help (Version: - Nero AG) Hidden
NeroBurningROM (Version: - Nero AG) Hidden
NeroExpress (Version: - Nero AG) Hidden
NeroLiveGadget (Version: - Nero AG) Hidden
NeroLiveGadget Help (Version: - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Network Printer Wizard (HKLM\...\InstallShield_{12F3BB85-62FB-476D-AAB9-9AB94AF864D4}) (Version: - Generic)
Network Printer Wizard (Version: - Generic) Hidden
Nitro PDF Reader 2 (HKLM\...\{AA14583F-BD72-4F05-A445-3D7EC7BB8052}) (Version: - Nitro PDF Software)
Norton 360 (HKLM\...\N360) (Version: - Symantec Corporation)
Norton Security Scan (Symantec Corporation) (HKLM\...\NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}) (Version: 2.0.0 - Symantec Corporation)
Norton Security Scan (Version: 2.0.0 - Symantec Corporation) Hidden
NPS - Nolte Collection / Horizont Edition 4.0.30 (NP) (HKLM\...\{49CF420F-CF5D-470B-B8C7-FAD8E80E285F}) (Version: 4.00.0030 - Nolte Möbel Germersheim)
NSU (HKLM\...\{323F7AD9-1F4D-49E1-973B-80E1B6F1623A}) (Version: 1.00.1000 - Medion AG)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: - NVIDIA Corporation)
NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
ocxinstall (HKLM\...\{1A2606DD-5E86-4ADA-954B-D98012A174E0}) (Version: - apexis)
OnlineFotoservice (HKLM\...\OnlineFotoservice) (Version: - )
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PaperPort SharePoint Link (HKLM\...\{8D09F3C8-C890-4118-B3CC-697BE7FA0421}) (Version: 12.000.0001 - Nuance Communications, Inc.)
Paragon Partition Manager 8.5 Personal (HKLM\...\{49CC1A6A-3A1A-4EE7-913F-8106B51B59D1}) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoNow! 1.0 (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 3.0.4310 - CyberLink Corporation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
Play Movie (HKLM\...\{A450831D-25F6-4F42-9662-D000B25E0D82}) (Version: BD+HD 1.5.3307.0 - CyberLink Corp.)
PlayMemories Home (HKLM\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: - Sony Corporation)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209a - CyberLink Corp.)
PowerDirector (Version: 6.5.2209a - CyberLink Corp.) Hidden
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quicken 2008 - ServicePack 2 (HKLM\...\{1B7DD202-20F6-489F-B7CD-42B9AB2002A0}) (Version: 15.05.0711 - Lexware GmbH & Co KG)
Quicken 2008 (Version: - Lexware) Hidden
Quicken 2012 (HKLM\...\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}) (Version: - Haufe-Lexware GmbH & Co.KG)
Quicken Deluxe 2008 (HKLM\...\InstallShield_{15411A8C-34CC-41BB-A48C-52E3C052F20F}) (Version: - Lexware)
Quicken Import Export Server 2008 (HKLM\...\{4CE9FE44-077C-46F9-A8EC-4557D2D86790}) (Version: - Lexware GmbH & Co KG)
Quicken Import Export Server 2012 (HKLM\...\{7FC74607-ED6E-49C3-87FA-56B50A2EE158}) (Version: - Haufe-Lexware GmbH & Co.KG)
QuickImmobilie 2013 - Hotfix 1 (HKLM\...\{E81F9653-892E-43E0-8273-CCA68F351F17}) (Version: 13.01 - Haufe-Lexware Real Estate AG)
QuickImmobilie 2013 (HKLM\...\{52175683-38AC-4275-A5CD-9CF09E5E16EF}) (Version: 13.0.0 - Haufe-Lexware Real Estate AG)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: - Apple Inc.)
Radiotracker (HKLM\...\{A8BB05BC-2C4A-4178-A819-64B8F5392960}) (Version: 6.2.13700.0 - RapidSolution Software AG)
Readiris Pro 10 (HKLM\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version: - )
RealPlayer (HKLM\...\RealPlayer 6.0) (Version: - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform)
Rossmann Fotoservice (HKLM\...\Rossmann Fotoservice_is1) (Version: - )
Samsung CLX-3170 Series (HKLM\...\Samsung CLX-3170 Series) (Version: - Samsung Electronics CO.,LTD)
ScanSoft OmniPage SE 4 (HKLM\...\{C95BE4FF-D112-4358-82AF-25197C6A6399}) (Version: 15.2.0020 - Nuance Communications, Inc.)
ScanSoft PaperPort 11 (HKLM\...\{EA820D43-3E3F-4B16-BAA2-DCAB0D4E7F1A}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Scansoft PDF Professional (Version: - ) Hidden
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version: - )
SD Formatter (HKLM\...\{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}) (Version: 2.9.5 - SDA)
Servicepack Datumsaktualisierung (Version: - Haufe-Lexware) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmarThru 4 (HKLM\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version: - )
SmarThru PC Fax (HKLM\...\SmarThru PC Fax) (Version: - )
SMPlayer 0.7.0 (HKLM\...\SMPlayer) (Version: 0.7.0 - Ricardo Villalba)
SoundTrax (Version: - Nero AG) Hidden
StreamTransport version: (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
swMSM (Version: - Adobe Systems, Inc) Hidden
Syncios Version 3.0.1 (HKLM\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.1 - Anvsoft, Inc.)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: - Magix Development GmbH)
T-Home Dialerschutz-Software (HKLM\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version: - )
TreeSize Free V2.4 (HKLM\...\TreeSize Free_is1) (Version: 2.4 - JAM Software)
TV Enhance (HKLM\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 1.0.4619 - CyberLink Corp.)
TVsweeper (HKLM\...\{8025AF82-272B-4CBE-9820-392BFA46E7F6}) (Version: 3.0.5 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Uninstall (HKLM\...\Uninstall_is1) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Videoload Manager 2.0.2220 (HKLM\...\Videoload Manager) (Version: 2.0.2220 - T-Online)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WEB.DE Online-Speicher 1.6.2862.0 (HKCU\...\WEB.DE Application {sync-000021}) (Version: 1.6.2862.0 - 1&1 Mail & Media GmbH)
Wertpapieranalyse 2008 (HKLM\...\{C9CDE360-1077-43B1-BD83-842CE8A14034}) (Version: 1.00.0000 - Lexware)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{CB8CA439-DA83-419C-A4CF-5A0A50025144}) (Version: 6.0.6783.0 - Microsoft Corporation)
winpcap-overlook 4.02 (HKLM\...\winpcap-overlook) (Version: - )
WinRAR 4.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version: - )
ZDFmediathek Version 2.1.6 (HKLM\...\ZDFmediathek_is1) (Version: - ZDF)

==================== Restore Points =========================

10-05-2014 11:25:24 Geplanter Prüfpunkt
11-05-2014 19:12:11 Geplanter Prüfpunkt
12-05-2014 22:00:58 Geplanter Prüfpunkt
13-05-2014 22:00:55 Geplanter Prüfpunkt
15-05-2014 00:01:28 Geplanter Prüfpunkt
15-05-2014 01:00:32 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2013-11-09 19:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {045913E0-0D88-4E88-B14C-7F44CDB30F98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-20] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3A5CB8E8-15A3-4CFA-BEC6-B9B97B7DE4BA} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3CD9570C-105D-4BBE-858E-26620DF30DCB} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Ralf => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {454516B5-18D1-4BBC-A990-6A347DE07BD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-20] (Google Inc.)
Task: {4C63B5CB-730D-4D8B-89A6-CFB922D96CA6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {55B87CE8-4B5E-45E3-863A-4E9B275BE164} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {64090134-083B-439F-A294-A6B3A47F4484} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {6E9494BB-1DC7-44CE-99E8-C2C28F280995} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {7B7781F9-F443-4560-9CEF-BA60B0AAE1F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {7B9C349F-4811-43A0-9139-A64DC3B09DB6} - System32\Tasks\NeroLiveEpgUpdate-Akoya_Ralf => C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-10-27] (Nero AG)
Task: {84DC2DB2-5AF9-4684-9099-8B5BBBB227CC} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {999F0C1C-C8BB-4674-9590-16D5DC291517} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\NeroLiveEpgUpdate-Akoya_Ralf.job => C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe

==================== Loaded Modules (whitelisted) =============

2010-05-28 21:15 - 2009-05-08 11:48 - 00094208 _____ () C:\Windows\System32\SamFaxPort.dll
2010-05-28 21:10 - 2007-08-14 03:01 - 00022723 _____ () C:\Windows\System32\sst1cl3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-09-30 22:33 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\system32\SerialXP.dll
2011-12-01 18:11 - 2011-12-01 18:11 - 00743936 _____ () C:\Program Files\CPUCooL\CooLSrv.exe
2007-02-12 11:46 - 2007-02-12 11:46 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2013-07-13 03:27 - 2013-07-13 03:27 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1ad752bd\mscorlib.dll
2013-07-13 03:26 - 2013-07-13 03:26 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_3f403984\system.dll
2013-07-13 03:26 - 2013-07-13 03:26 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_6a95c472\system.windows.forms.dll
2013-07-13 03:26 - 2013-07-13 03:26 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_35998bcd\system.xml.dll
2007-10-15 16:38 - 2007-04-13 18:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-06-08 21:13 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2008-09-17 14:43 - 2008-09-17 14:43 - 00462848 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWService.exe
2008-09-17 14:42 - 2008-09-17 14:42 - 00225280 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWpsm.dll
2008-09-17 14:42 - 2008-09-17 14:42 - 00086016 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWlog.dll
2008-09-17 14:42 - 2008-09-17 14:42 - 00290816 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWdcp.dll
2008-09-17 14:42 - 2008-09-17 14:42 - 00122880 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWuntp.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 01057512 _____ () C:\Program Files\maxdome\DCBin\PocoFoundation.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00627944 _____ () C:\Program Files\maxdome\DCBin\PocoNet.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00514352 _____ () C:\Program Files\maxdome\DCBin\sqlite3.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00517352 _____ () C:\Program Files\maxdome\DCBin\PocoXML.dll
2007-10-22 14:01 - 2007-01-09 10:25 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2007-10-22 13:49 - 2007-05-16 22:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00290909 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
2007-10-22 14:03 - 2007-10-19 17:42 - 00094208 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00245858 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00032768 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00114779 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
2007-10-22 14:03 - 2007-10-19 17:42 - 00114780 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00339968 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
2014-02-06 14:51 - 2012-07-05 15:56 - 00052800 _____ () C:\Program Files\Hardcopy\hardcopy_05.dll
2014-02-06 14:51 - 2013-07-17 17:03 - 00037880 _____ () C:\Program Files\Hardcopy\hcdll2_ex_Win32.exe
2011-04-23 22:55 - 2011-03-02 12:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-11-14 12:25 - 2013-11-15 18:44 - 00723456 _____ () C:\Program Files\Syncios\SynciosDeviceService.exe
2013-11-14 12:25 - 2013-11-15 18:44 - 00377344 _____ () C:\Program Files\Syncios\DuiLib.dll
2013-11-14 12:25 - 2013-03-01 11:30 - 00059904 _____ () C:\Program Files\Syncios\zlib.dll
2013-11-14 12:25 - 2013-03-01 11:30 - 00526848 _____ () C:\Program Files\Syncios\sqlite3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00237384 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2010-05-28 21:11 - 2009-10-13 12:41 - 00606208 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2011-12-24 13:14 - 2011-10-20 23:22 - 01789440 _____ () C:\Program Files\Medion AG\NSU\NSU.exe
2011-12-24 13:14 - 2011-07-01 12:46 - 00806912 _____ () C:\Program Files\Medion AG\NSU\LIBEAY32.dll
2013-11-27 17:02 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Ralf\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-07 19:22 - 2013-10-04 15:38 - 03560960 _____ () C:\Program Files\Free Download Manager\fdmbtsupp.dll
2011-12-13 21:41 - 2011-12-13 21:41 - 00006144 _____ () C:\Users\Ralf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll
2011-12-13 21:41 - 2011-12-13 21:41 - 00008704 _____ () C:\Users\Ralf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll
2011-12-13 21:41 - 2011-12-13 21:41 - 00007680 _____ () C:\Users\Ralf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll
2014-05-09 22:44 - 2014-05-09 22:44 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-05-13 10:39 - 2014-05-13 10:39 - 00283648 _____ () C:\ProgramData\Free Download Manager\Firefox\Extensions\\components\vmsfdmff22.dll
2014-01-07 19:22 - 2013-10-04 15:15 - 00106496 _____ () C:\Program Files\Free Download Manager\fdmumsp.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0574215C
AlternateDataStreams: C:\ProgramData\TEMP:7311BB85
AlternateDataStreams: C:\ProgramData\TEMP:7631EA83
AlternateDataStreams: C:\ProgramData\TEMP:D95ACC7D

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: 802.11 n/g/b Wireless LAN USB Adapter
Description: 802.11 n/g/b Wireless LAN USB Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AzureWave Technologies, Inc.
Service: netr28u
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Flash HS-CF
Description: Flash HS-CF
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Flash HS-MS/SD
Description: Flash HS-MS/SD
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Flash HS-SM
Description: Flash HS-SM
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2014 03:27:39 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.SetupChannel()
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.RuntimeMethodHandle.InvokeConstructor(Object[] args, SignatureStruct signature, RuntimeTypeHandle declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.DoConfiguration(String filename, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (05/15/2014 03:01:55 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog

Error: (05/15/2014 03:01:55 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (05/15/2014 03:00:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539.
Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt
Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {23762b90-16f9-4f5b-b5b1-aff3dc4c9c55}

Error: (05/15/2014 02:01:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539.
Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt
Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {35b4a822-189d-4186-a36c-d5123989bf21}

Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\PARTNER FÜR´S LEBEN - ZEIT ZUM FLIRTEN.URL> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\NATURPARK STERNBERGER SEENLAND.URL> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\MÄRKLIN EISENBAHN.URL> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht.
(0x8007001f) Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\LEGO - LEGOLAND GERMANY.URL> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\KERNIE'S FAMILIENPARK.URL> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) System errors: ============= Error: (05/15/2014 03:29:13 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Error: (05/15/2014 03:28:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Intel(R) Viiv(TM) Media Server%%2147549183 Error: (05/15/2014 03:28:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: DgiVecp%%20 Error: (05/15/2014 03:24:52 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {D6E6C8DD-D0C9-4EAA-9FD5-941F69B34405} Error: (05/15/2014 03:24:25 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/15/2014 03:04:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (05/15/2014 03:04:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Error: (05/15/2014 03:02:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (05/15/2014 03:02:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Error: (05/15/2014 03:01:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) 
Description: Windows Search%%1053 Microsoft Office Sessions: ========================= Error: (03/03/2014 02:07:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 77 seconds with 60 seconds of active time. This session ended with a crash. Error: (02/26/2014 10:44:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 45 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/26/2014 10:43:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 62 seconds with 60 seconds of active time. This session ended with a crash. Error: (02/26/2014 04:00:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/26/2014 03:30:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 98 seconds with 60 seconds of active time. This session ended with a crash. Error: (01/23/2014 07:21:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. 
This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/22/2014 09:06:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/22/2014 04:31:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 88 seconds with 60 seconds of active time. This session ended with a crash. Error: (01/10/2014 05:47:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 195 seconds with 180 seconds of active time. This session ended with a crash. Error: (01/10/2014 02:09:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 72 seconds with 60 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-05-15 06:50:48.984 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-05-15 06:50:48.740 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-05-15 06:50:48.495 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-05-15 06:50:48.245 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-05-15 06:50:47.998 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-05-15 06:50:47.751 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-05-15 06:50:47.502 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-05-15 06:50:47.252 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-05-15 06:50:47.003 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-05-15 06:50:46.757 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================
Percentage of memory in use: 67%
Total physical RAM: 3325.45 MB
Available physical RAM: 1072.57 MB
Total Pagefile: 6865.88 MB
Available Pagefile: 4594.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.33 MB
==================== Drives ================================
Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:249.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:6.31 GB) FAT32
Drive j: () (Fixed) (Total:1.88 GB) (Free:1.37 GB) FAT
Drive k: (Daten) (Fixed) (Total:589.02 GB) (Free:234.67 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 2BAB359D)
Partition 1: (Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 596 GB) (Disk ID: B749BCF6)
Partition 1: (Not Active) - (Size=7 GB) - (Type=27)
Partition 2: (Active) - (Size=589 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=2 GB) - (Type=06)
==================== End Of Log ============================
The GMER log is still missing (the size limit is exceeded). How can I create additional posts? Edited by Taipan8 (15.05.2014 at 17:23) |
#4 |
/// the machine /// TB trainer | How often does the error occur? I don't see any malware.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
#5 |
By now the error occurs daily, sometimes even several times a day. A few days ago I had already tried to run Malwarebytes. Each time, before it finished, the screen froze or the machine crashed outright and rebooted. No log files were written either (at least none could be found in the directory where the others are stored). While GMER was running, a message saying something about "Rootkit" appeared a few times. I cannot post the log file because it exceeds the character limit (148566 characters). Can I split the file? Could you also briefly tell me how I can create several postings as one reply? Thank you very much. |
#6 |
/// the machine /// TB trainer | Boot with F8, as if you wanted to enter Safe Mode, and in the menu choose "Disable automatic restart on system failure". Next time a bluescreen should appear; I need its contents. |
#7 |
Hello Schrauber, I followed your instruction and disabled the automatic restart on system failure. After that there was no crash yesterday or today until just now. When the problem occurred just now, I did not get a bluescreen; instead the screen was black and could not be brought back to display anything, neither with the keyboard nor with the mouse. I then switched the machine off with the power switch, which also worked without the usual delay. On restarting, the usual notice appeared: "Windows wird nach unerwartetem Herunterfahren wieder ausgeführt. Windows kann online nach einer Lösung suchen." Here are the problem details shown:
Problemsignatur:
Problemereignisname: BlueScreen
Betriebsystemversion: 6.0.6002.
Gebietsschema-ID: 1031
Zusatzinformationen zum Problem:
BCCode: 50
BCP1: 9A272000
BCP2: 00000001
BCP3: 916108F8
BCP4: 00000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1
Dateien, die bei der Beschreibung des Problems hilfreich sind:
C:\Windows\Minidump\Mini051814-01.dmp
C:\Users\Ralf\AppData\Local\temp\WER-217668-0.sysdata.xml
C:\Users\Ralf\AppData\Local\temp\WER6141.tmp.version.txt
Lesen Sie unsere Datenschutzrichtlinie: hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407
Can you do anything with that? Regards, Taipan8 |
#8 |
/// the machine /// TB trainer | BlueScreenView - Download - Filepony. Download and install that, then open the current dump: Quote: |
#9 |
Code:
Mini051914-01.dmp 19.05.2014 08:23:52 PAGE_FAULT_IN_NONPAGED_AREA 0x00000050 0x9a0ac000 0x00000001 0x902128f8 0x00000000 nvlddmkm.sys nvlddmkm.sys+733fe8 NVIDIA Windows Kernel Mode Driver, Version 334.89 NVIDIA Windows Kernel Mode Driver, Version 334.89 NVIDIA Corporation 32-bit ntkrnlpa.exe+98292 ntkrnlpa.exe+4dde4 nvlddmkm.sys+58f8 nvlddmkm.sys+7901c9 C:\Windows\Minidump\Mini051914-01.dmp 2 15 6002 159.272 19.05.2014 08:26:45
Taipan8 |
#10 |
/// the machine /// TB trainer | Try updating the graphics card driver. |
#11 |
Many thanks for the tip. I updated the driver, but there are still further crashes pointing to the graphics card. Is a new one perhaps due? Here again is the result of the latest bluescreen: Code:
Mini052114-01.dmp 21.05.2014 20:45:42 PAGE_FAULT_IN_NONPAGED_AREA 0x00000050 0xa4ddc000 0x00000001 0x91a118f8 0x00000000 nvlddmkm.sys nvlddmkm.sys+76d988 NVIDIA Windows Kernel Mode Driver, Version 335.23 NVIDIA Windows Kernel Mode Driver, Version 335.23 NVIDIA Corporation 32-bit ntkrnlpa.exe+98292 ntkrnlpa.exe+4dde4 nvlddmkm.sys+58f8 nvlddmkm.sys+7ca1c9 C:\Windows\Minidump\Mini052114-01.dmp 2 15 6002 159.256 21.05.2014 21:34:44
Taipan8 |
#12 |
/// the machine /// TB trainer | Just for fun, try installing an older driver. |
#13 |
Hello Schrauber, sorry, I have not been in touch for a long time; I was on holiday. Using an older driver did not bring lasting success either. In the meantime I have bought a new notebook. So the problem is not solved, but it is no longer relevant for me. Thank you very much for your help. Kind regards |
#14 |
/// the machine /// TB trainer | ok |