| |
| |||||||
Log-Analyse und Auswertung: Windows(7)-Explorer - Fehler beim HochfahrenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
20.06.2014, 16:40
| #1 |
 |  Windows(7)-Explorer - Fehler beim Hochfahren Hallo, ich habe einen Hilferuf in "Alles rund um Windows" geöffnet und hier sehr schnell den Tipp bekommen hier zu posten, da evtl. Malware im Spiel ist. Nochmal kurz zu den Sympthomen. Vor 2 Monaten hatte ich Probleme mit Trojan.Gen.2. Dank eurer Hilfe konnte ich es beseitigen. Seit 1 bis 2 Monaten macht mein Labtop Probleme beim Hochfahren. Der Windows-Explorer startet sich häufiger neu, bis das System funktioniert. Auch während dem Arbeiten mit dem Explorer, oder auch dem Editor ergeben sich Probleme und die Programme starten neu. Nach dem oben genannten Hinweis führte ich folgende Schritte durch Schritt 1: Laufwerksemulationen abschalten mit Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:38 on 20/06/2014 (Bleicher)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Systemscan mit FRST Hier die beiden Log-Dateien Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-06-2014
Ran by Bleicher (administrator) on BLEICHER-PC on 20-06-2014 16:41:56
Running from C:\Users\Bleicher\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(ASUS) C:\Windows\AsScrPro.exe
() C:\Program Files (x86)\Tor\tor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
() C:\Users\Bleicher\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2010-01-25] (Symantec Corporation)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2012-01-04] (PC Tools)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-525802556-1916836350-3712072045-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-525802556-1916836350-3712072045-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-525802556-1916836350-3712072045-1001\...\Run: [Amazon Cloud Player] => C:\Users\Bleicher\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-525802556-1916836350-3712072045-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-04-28] (NVIDIA Corporation)
Startup: C:\Users\Bleicher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Bleicher\AppData\Roaming\Mozilla\Firefox\Profiles\wmrcdugc.default
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Bleicher\Downloads\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
Chrome:
=======
CHR Extension: (Google Wallet) - C:\Users\Bleicher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
==================== Services (Whitelisted) =================
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-01-25] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-01-25] (Symantec Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2010-11-13] (CyberLink)
R2 HPSLPSVC; C:\Users\Bleicher\AppData\Local\Temp\7zS03CE\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) [File not signed]
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)
S2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3218880 2010-04-16] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [419656 2010-04-01] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1831024 2010-04-23] (Symantec Corporation)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-11] () [File not signed]
==================== Drivers (Whitelisted) ====================
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-16] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-23] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140616.024\ENG64.SYS [126040 2013-08-22] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140616.024\EX64.SYS [2099288 2013-08-22] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [447536 2010-03-08] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [447536 2010-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2010-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482352 2010-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2010-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2010-03-08] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2014-04-22] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [64048 2009-12-28] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2010-04-16] (Symantec Corporation)
S3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-11-14] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-20 16:41 - 2014-06-20 16:42 - 00020267 _____ () C:\Users\Bleicher\Desktop\FRST.txt
2014-06-20 16:41 - 2014-06-20 16:42 - 00000000 ____D () C:\FRST
2014-06-20 16:40 - 2014-06-20 16:40 - 02083328 _____ (Farbar) C:\Users\Bleicher\Desktop\FRST64.exe
2014-06-20 16:38 - 2014-06-20 16:38 - 00000478 _____ () C:\Users\Bleicher\Desktop\defogger_disable.log
2014-06-20 16:38 - 2014-06-20 16:38 - 00000000 _____ () C:\Users\Bleicher\defogger_reenable
2014-06-20 16:36 - 2014-06-20 16:36 - 00050477 _____ () C:\Users\Bleicher\Desktop\Defogger.exe
2014-06-20 11:07 - 2014-06-20 11:07 - 00006576 ____N () C:\bootsqm.dat
2014-06-16 12:15 - 2014-06-16 12:15 - 00000000 ____D () C:\Users\Bleicher\AppData\Local\{B490D864-52E2-4570-9AE5-EFDE1A8C5839}
2014-06-12 16:55 - 2014-06-12 16:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 19:31 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 19:31 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 19:31 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 19:31 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 19:31 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 19:31 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 19:31 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 19:31 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 19:31 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 19:31 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 19:31 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 19:31 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 19:31 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 19:31 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 19:31 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 19:31 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 19:31 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 19:31 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 19:31 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 19:31 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 19:31 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 19:31 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 19:31 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 19:31 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 19:31 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 19:31 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 19:31 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 19:31 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 19:31 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 19:31 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 19:31 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 19:31 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 19:31 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 19:31 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 19:31 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 19:31 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 19:31 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 19:31 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 19:31 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 19:31 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 19:31 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 19:31 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 19:31 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 19:31 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 19:31 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 19:31 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 19:31 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 19:31 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 19:31 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 19:31 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 19:31 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 19:31 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 19:31 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 19:31 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 19:31 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 19:31 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 19:31 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 19:31 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 19:31 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 19:31 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 19:31 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 19:31 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 19:31 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 19:31 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 19:29 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 19:29 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-29 18:19 - 2014-05-29 18:20 - 01631072 _____ () C:\Users\Bleicher\Downloads\setup_Pixum_Fotobuch.exe
==================== One Month Modified Files and Folders =======
2014-06-20 16:42 - 2014-06-20 16:41 - 00020267 _____ () C:\Users\Bleicher\Desktop\FRST.txt
2014-06-20 16:42 - 2014-06-20 16:41 - 00000000 ____D () C:\FRST
2014-06-20 16:40 - 2014-06-20 16:40 - 02083328 _____ (Farbar) C:\Users\Bleicher\Desktop\FRST64.exe
2014-06-20 16:38 - 2014-06-20 16:38 - 00000478 _____ () C:\Users\Bleicher\Desktop\defogger_disable.log
2014-06-20 16:38 - 2014-06-20 16:38 - 00000000 _____ () C:\Users\Bleicher\defogger_reenable
2014-06-20 16:38 - 2011-12-26 16:21 - 00000000 ____D () C:\Users\Bleicher
2014-06-20 16:36 - 2014-06-20 16:36 - 00050477 _____ () C:\Users\Bleicher\Desktop\Defogger.exe
2014-06-20 16:31 - 2014-04-23 16:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 16:06 - 2011-04-13 04:33 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 15:22 - 2011-08-18 23:56 - 02021987 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 14:06 - 2011-04-13 04:33 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-20 12:50 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-20 12:50 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-20 12:43 - 2011-08-19 00:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-20 12:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-20 12:42 - 2009-07-14 06:51 - 00178182 _____ () C:\Windows\setupact.log
2014-06-20 12:33 - 2012-01-04 21:07 - 00000000 ____D () C:\Users\Bleicher\AppData\Local\CrashDumps
2014-06-20 11:07 - 2014-06-20 11:07 - 00006576 ____N () C:\bootsqm.dat
2014-06-20 10:23 - 2011-12-30 16:59 - 00000000 ____D () C:\Users\Bleicher\Ulli
2014-06-19 15:46 - 2011-08-19 00:23 - 00000000 ____D () C:\ProgramData\Temp
2014-06-18 12:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-16 12:15 - 2014-06-16 12:15 - 00000000 ____D () C:\Users\Bleicher\AppData\Local\{B490D864-52E2-4570-9AE5-EFDE1A8C5839}
2014-06-13 18:34 - 2012-01-01 20:05 - 00344064 ___SH () C:\Users\Bleicher\Thumbs.db
2014-06-13 16:17 - 2012-05-12 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 17:26 - 2011-08-19 00:21 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-06-12 17:06 - 2013-08-11 17:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 17:04 - 2014-04-27 12:43 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 16:58 - 2011-12-27 13:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 16:55 - 2014-06-12 16:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 16:54 - 2014-05-07 14:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 11:13 - 2014-06-11 19:29 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 19:29 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-30 12:21 - 2014-06-11 19:31 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 19:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 19:31 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 19:31 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 19:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 19:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 19:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 19:31 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 19:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 19:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 19:31 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 19:31 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 19:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 19:31 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 19:31 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 19:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 19:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 19:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 19:31 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 19:31 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 19:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 19:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 19:31 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 19:31 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 19:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 19:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 19:31 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 19:31 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 19:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 19:31 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 19:31 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 19:31 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 19:31 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 19:31 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 19:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 19:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 19:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 19:31 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 19:31 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 19:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 19:31 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 19:31 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 19:31 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 19:31 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 19:31 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 19:31 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 19:31 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 19:31 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 19:31 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 18:20 - 2014-05-29 18:19 - 01631072 _____ () C:\Users\Bleicher\Downloads\setup_Pixum_Fotobuch.exe
2014-05-29 18:19 - 2012-08-26 16:34 - 00000000 ____D () C:\ProgramData\tmp
2014-05-24 13:14 - 2012-11-12 21:12 - 00007618 _____ () C:\Users\Bleicher\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-18 12:44
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2014
Ran by Bleicher at 2014-06-20 16:43:03
Running from C:\Users\Bleicher\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.14 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.0 - AsusTek Computer Inc.)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.)
Browser Guard (HKLM-x32\...\Browser Guard) (Version: - )
Civilization III (HKLM-x32\...\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}) (Version: - )
Civilization III: Conquests (HKLM-x32\...\{F31BC49F-AB7B-4A53-A399-EB7331B585BC}) (Version: - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2312.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2312.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
FunPhotor 6.1 (HKLM-x32\...\FunPhotor_is1) (Version: - ZeallSoft, Inc.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version: - Oberon Media Inc.)
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 7.1.0.19243 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.4.13103 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Konz 2012 (HKLM-x32\...\InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}) (Version: 1.00.0000 - USM)
Konz 2012 (x32 Version: 1.00.0000 - USM) Hidden
Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM)
Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.96 - Symantec Corporation)
LOGO!Soft Comfort V7.0 (Demo) (HKLM\...\LOGO!Soft Comfort V7.0 (Demo)) (Version: 7.0.0.0 - Siemens AG)
Luxor 3 (HKLM-x32\...\Luxor 3) (Version: - Oberon Media Inc.)
Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version: - Oberon Media Inc.)
McDonald's Dragons (HKLM-x32\...\McDonald's Dragons ) (Version: - Name of your company)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NetSchafkopf (HKLM-x32\...\{A617C55E-08F5-4AD0-B644-1A7939A77A45}) (Version: 1.1.1 - CuteSoft)
netWatten (HKCU\...\netWatten) (Version: - netWatten.com)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA 3D Vision Driver 268.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.39 - NVIDIA Corporation)
NVIDIA Control Panel 268.39 (Version: 268.39 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 268.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6839 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version: - Oberon Media Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6370 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Steuer 2011 (HKLM-x32\...\{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}) (Version: 19.00.7304 - Buhl Data Service GmbH)
Steuer 2012 (HKLM-x32\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Studie zur Verbesserung von HP Deskjet 1050 J410 series Produkten (HKLM\...\{B099E941-4789-46A1-9B14-01CFD04E03B3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Sudoku Deluxe 4 Kids (HKLM-x32\...\Sudoku Deluxe 4 Kids_is1) (Version: - cerasus.media)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (HKLM\...\{0A2163CB-4F47-44AA-A219-36133260CF17}) (Version: 11.0.6005.562 - *Symantec Corporation)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.9.2014.0 - BillP Studios)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.)
Zahlenbuch 2 (HKLM-x32\...\Zahlenbuch 2) (Version: - )
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Restore Points =========================
02-06-2014 14:59:02 Geplanter Prüfpunkt
12-06-2014 14:52:43 Windows Update
20-06-2014 08:53:02 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-03-17 19:13 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {09E8C366-90BC-4C44-90E8-6EC25B787EE7} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {0F688D4E-7DE0-4EBC-B0F5-D1F599365003} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {1D66CDFD-B660-429C-9F2C-DCD7398EA952} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\update.exe [2012-01-04] (PC Tools)
Task: {4599A43F-1B0F-4E65-BDC0-E50DBAC79208} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {53F6718F-03F8-44D5-8C42-7E08AEF09B17} - \MySearchDial No Task File <==== ATTENTION
Task: {5F24787F-E7C4-4958-B662-311873036BCF} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {6D01AAEE-4E12-4945-859B-70DF673D933B} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HpWebReg.exe
Task: {6FF3778F-AA47-4A28-B679-AA64FDC0BC6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-23] (Adobe Systems Incorporated)
Task: {7D450A38-827E-48FA-BFFB-52CD0092749E} - \Digital Sites No Task File <==== ATTENTION
Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {88B08C30-6E1B-4A02-A1DF-75993B46CE4D} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {9721A1D1-A166-4253-B566-19BE97550D92} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {9B795544-62AB-4C35-A187-526EB3E3B666} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {AF35A640-026F-4A4F-A614-7AC0643E77FC} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {D510E29A-1C26-44D8-ADBA-E439C9AA0492} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-08-19 00:19 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-09-01 12:30 - 2013-09-11 08:44 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2011-06-20 16:01 - 2011-03-26 09:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-19 23:28 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Bleicher\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2010-11-30 00:04 - 2010-11-30 00:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\de\SignalIslandUi.resources.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-23 17:03 - 2014-04-22 20:39 - 00645592 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2014-06-12 16:55 - 2014-06-12 16:55 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-28 15:03 - 2011-04-28 15:03 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-14 21:28 - 2014-02-14 21:28 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-08-18 23:59 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:3E7393FC
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnkCommon Startup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnkCommon Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Syncables => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
MSCONFIG\startupreg: USBChargerPlusTray => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/20/2014 04:40:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000053290
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (06/20/2014 04:37:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000053290
ID des fehlerhaften Prozesses: 0x128c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (06/20/2014 04:37:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ASUSWSShellExt64.dll, Version: 1.1.0.27, Zeitstempel: 0x4c7f631d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000051da
ID des fehlerhaften Prozesses: 0x15d8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (06/20/2014 04:37:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000053290
ID des fehlerhaften Prozesses: 0xaa4
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (06/20/2014 04:37:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ASUSWSShellExt64.dll, Version: 1.1.0.27, Zeitstempel: 0x4c7f631d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000051da
ID des fehlerhaften Prozesses: 0x360
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (06/20/2014 04:37:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000053290
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (06/20/2014 00:44:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ASUSWSShellExt64.dll, Version: 1.1.0.27, Zeitstempel: 0x4c7f631d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000051da
ID des fehlerhaften Prozesses: 0xef4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (06/20/2014 00:43:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ASUSWSShellExt64.dll, Version: 1.1.0.27, Zeitstempel: 0x4c7f631d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000051da
ID des fehlerhaften Prozesses: 0x884
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (06/20/2014 00:41:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ASUSWSShellExt64.dll, Version: 1.1.0.27, Zeitstempel: 0x4c7f631d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000051da
ID des fehlerhaften Prozesses: 0x158
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (06/20/2014 00:40:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ASUSWSShellExt64.dll, Version: 1.1.0.27, Zeitstempel: 0x4c7f631d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000051da
ID des fehlerhaften Prozesses: 0x94
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
System errors:
=============
Error: (06/20/2014 00:45:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/20/2014 00:45:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update Service (gupdate) erreicht.
Error: (06/20/2014 00:41:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (06/20/2014 00:41:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (06/20/2014 00:41:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (06/20/2014 00:41:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (06/20/2014 00:41:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (06/20/2014 00:41:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (06/20/2014 00:41:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (06/20/2014 00:41:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (06/20/2014 04:40:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c00000050000000000053290
Error: (06/20/2014 04:37:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c00000050000000000053290128c01cf8c95314b64f3C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll6f558925-f888-11e3-90bf-d0df9a8539d2
Error: (06/20/2014 04:37:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ASUSWSShellExt64.dll1.1.0.274c7f631dc000000500000000000051da15d801cf8c952d083b60C:\Windows\explorer.exeC:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll6b0a48ec-f888-11e3-90bf-d0df9a8539d2
Error: (06/20/2014 04:37:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c00000050000000000053290aa401cf8c9528bbc382C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll66c4fd24-f888-11e3-90bf-d0df9a8539d2
Error: (06/20/2014 04:37:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ASUSWSShellExt64.dll1.1.0.274c7f631dc000000500000000000051da36001cf8c952448ff28C:\Windows\explorer.exeC:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll627af654-f888-11e3-90bf-d0df9a8539d2
Error: (06/20/2014 04:37:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c00000050000000000053290
Error: (06/20/2014 00:44:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ASUSWSShellExt64.dll1.1.0.274c7f631dc000000500000000000051daef401cf8c749c873906C:\Windows\Explorer.EXEC:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dlldb7888af-f867-11e3-90bf-d0df9a8539d2
Error: (06/20/2014 00:43:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ASUSWSShellExt64.dll1.1.0.274c7f631dc000000500000000000051da88401cf8c746accd2bcC:\Windows\Explorer.EXEC:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dllb9a389d6-f867-11e3-90bf-d0df9a8539d2
Error: (06/20/2014 00:41:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ASUSWSShellExt64.dll1.1.0.274c7f631dc000000500000000000051da15801cf8c7418303ccfC:\Windows\Explorer.EXEC:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll5f1d40e0-f867-11e3-a0dd-f080336ee2ae
Error: (06/20/2014 00:40:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ASUSWSShellExt64.dll1.1.0.274c7f631dc000000500000000000051da9401cf8c740cc522feC:\Windows\Explorer.EXEC:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll53afc5af-f867-11e3-a0dd-f080336ee2ae
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 8100.97 MB
Available physical RAM: 5571.32 MB
Total Pagefile: 16200.13 MB
Available Pagefile: 13623.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:400.55 GB) (Free:254.21 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:505.96 GB) (Free:505.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0CD9B3F5)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=401 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=506 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
|
20.06.2014, 16:41
| #2 |
| | Windows(7)-Explorer - Fehler beim Hochfahren Fortsetzung
__________________Schritt 3: Scan mit GMER Hier das File Code:
ATTFilter MER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-06-20 17:08:01
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST310005 rev.CC46 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Bleicher\AppData\Local\Temp\pwddikod.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007706f2e0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077099a30 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770a94c0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770a9630 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770c87e0 7 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefe147490 11 bytes JMP 000007fffd190228
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1196] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefe15bf00 7 bytes JMP 000007fffd190260
.text C:\Windows\system32\Dwm.exe[2128] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Windows\system32\Dwm.exe[2128] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Windows\system32\Dwm.exe[2128] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Windows\system32\Dwm.exe[2128] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Windows\system32\Dwm.exe[2128] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Windows\system32\Dwm.exe[2128] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Windows\system32\taskeng.exe[2292] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Windows\system32\taskeng.exe[2292] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Windows\system32\taskeng.exe[2292] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Windows\system32\taskeng.exe[2292] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Windows\system32\taskeng.exe[2292] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Windows\system32\taskeng.exe[2292] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Windows\system32\taskeng.exe[2292] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefe147490 11 bytes JMP 000007fffd190228
.text C:\Windows\system32\taskeng.exe[2292] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefe15bf00 7 bytes JMP 000007fffd190260
.text C:\Windows\system32\taskeng.exe[2344] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Windows\system32\taskeng.exe[2344] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Windows\system32\taskeng.exe[2344] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Windows\system32\taskeng.exe[2344] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Windows\system32\taskeng.exe[2344] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Windows\system32\taskeng.exe[2344] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Windows\system32\taskeng.exe[2344] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefe147490 11 bytes JMP 000007fffd190228
.text C:\Windows\system32\taskeng.exe[2344] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefe15bf00 7 bytes JMP 000007fffd190260
.text C:\Windows\AsScrPro.exe[2844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a11465 2 bytes [A1, 76]
.text C:\Windows\AsScrPro.exe[2844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a114bb 2 bytes [A1, 76]
.text ... * 2
.text C:\Windows\System32\igfxpers.exe[3540] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Windows\System32\igfxpers.exe[3540] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Windows\System32\igfxpers.exe[3540] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Windows\System32\igfxpers.exe[3540] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Windows\System32\igfxpers.exe[3540] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Windows\System32\igfxpers.exe[3540] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Windows\System32\igfxpers.exe[3540] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefe147490 11 bytes JMP 000007fffd190228
.text C:\Windows\System32\igfxpers.exe[3540] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefe15bf00 7 bytes JMP 000007fffd190260
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007706f2e0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077099a30 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770a94c0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770a9630 5 bytes JMP 000000016fff0110
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770c87e0 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefe147490 11 bytes JMP 000007fffd190228
.text C:\Program Files\Elantech\ETDCtrl.exe[3548] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefe15bf00 7 bytes JMP 000007fffd190260
.text C:\Users\Bleicher\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe[3660] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a11465 2 bytes [A1, 76]
.text C:\Users\Bleicher\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe[3660] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a114bb 2 bytes [A1, 76]
.text ... * 2
.text C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a11465 2 bytes [A1, 76]
.text C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a114bb 2 bytes [A1, 76]
.text ... * 2
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW 000000007706f2e0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx 0000000077099a30 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation 00000000770a94c0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW 00000000770a9630 5 bytes JMP 000000016fff0110
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNEL32.dll!RegSetValueExA 00000000770c87e0 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefe147490 11 bytes JMP 000007fffd190228
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[3724] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefe15bf00 7 bytes JMP 000007fffd190260
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007706f2e0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 0000000077099a30 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770a94c0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770a9630 5 bytes JMP 000000016fff0110
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770c87e0 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4332] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Windows\SysWOW64\ACEngSvr.exe[4592] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1a2db0 5 bytes JMP 000007fffd190180
.text C:\Windows\SysWOW64\ACEngSvr.exe[4592] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1a37d0 7 bytes JMP 000007fffd1900d8
.text C:\Windows\SysWOW64\ACEngSvr.exe[4592] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1a8ef0 6 bytes JMP 000007fffd190148
.text C:\Windows\SysWOW64\ACEngSvr.exe[4592] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1baf60 5 bytes JMP 000007fffd190110
.text C:\Windows\SysWOW64\ACEngSvr.exe[4592] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe3389e0 8 bytes JMP 000007fffd1901f0
.text C:\Windows\SysWOW64\ACEngSvr.exe[4592] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe33be40 8 bytes JMP 000007fffd1901b8
.text C:\Windows\SysWOW64\ACEngSvr.exe[4592] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefe147490 11 bytes JMP 000007fffd190228
.text C:\Windows\SysWOW64\ACEngSvr.exe[4592] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefe15bf00 7 bytes JMP 000007fffd190260
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a11465 2 bytes [A1, 76]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a114bb 2 bytes [A1, 76]
.text ... * 2
---- Processes - GMER 2.1 ----
Library c:\users\bleicher\appdata\local\temp\7zs03ce\hpslpsvc64.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [4700] (HP Network Devices Support/Hewlett-Packard Co.)(2013-08-11 17:42:48) 0000000180000000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\d0df9a8539d2
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\d0df9a8539d2@c8e0eb8819a6 0x18 0x0A 0xE5 0x7F ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\d0df9a8539d2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\d0df9a8539d2@c8e0eb8819a6 0x18 0x0A 0xE5 0x7F ...
---- EOF - GMER 2.1 ----
Darüber hinaus hab ich noch folgendes File. Könnte Hinweise auf Defekte enthalten. Code:
ATTFilter 2014-04-27 10:41:42, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:42, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:44, Info CSI 0000000c [SR] Verify complete
2014-04-27 10:41:44, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:44, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:45, Info CSI 00000010 [SR] Verify complete
2014-04-27 10:41:45, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:45, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:46, Info CSI 00000014 [SR] Verify complete
2014-04-27 10:41:46, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:46, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:48, Info CSI 00000018 [SR] Verify complete
2014-04-27 10:41:48, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:48, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:49, Info CSI 0000001c [SR] Verify complete
2014-04-27 10:41:49, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:49, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:50, Info CSI 00000020 [SR] Verify complete
2014-04-27 10:41:50, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:50, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:54, Info CSI 00000024 [SR] Verify complete
2014-04-27 10:41:54, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:54, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:56, Info CSI 00000028 [SR] Verify complete
2014-04-27 10:41:56, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:56, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:58, Info CSI 0000002c [SR] Verify complete
2014-04-27 10:41:58, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:41:58, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2014-04-27 10:41:59, Info CSI 00000030 [SR] Verify complete
2014-04-27 10:42:00, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:00, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:01, Info CSI 00000034 [SR] Verify complete
2014-04-27 10:42:01, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:01, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:04, Info CSI 00000038 [SR] Verify complete
2014-04-27 10:42:04, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:04, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:05, Info CSI 0000003c [SR] Verify complete
2014-04-27 10:42:05, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:05, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:06, Info CSI 00000040 [SR] Verify complete
2014-04-27 10:42:06, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:06, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:10, Info CSI 00000045 [SR] Verify complete
2014-04-27 10:42:10, Info CSI 00000046 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:10, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:14, Info CSI 0000004b [SR] Verify complete
2014-04-27 10:42:14, Info CSI 0000004c [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:14, Info CSI 0000004d [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:17, Info CSI 00000051 [SR] Verify complete
2014-04-27 10:42:17, Info CSI 00000052 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:17, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:20, Info CSI 00000055 [SR] Verify complete
2014-04-27 10:42:20, Info CSI 00000056 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:20, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:25, Info CSI 0000006a [SR] Verify complete
2014-04-27 10:42:25, Info CSI 0000006b [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:25, Info CSI 0000006c [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:30, Info CSI 00000080 [SR] Verify complete
2014-04-27 10:42:30, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:30, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:34, Info CSI 00000084 [SR] Verify complete
2014-04-27 10:42:34, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:34, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:38, Info CSI 00000088 [SR] Verify complete
2014-04-27 10:42:38, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:38, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:42, Info CSI 0000008c [SR] Verify complete
2014-04-27 10:42:42, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:42, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:45, Info CSI 00000090 [SR] Verify complete
2014-04-27 10:42:45, Info CSI 00000091 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:45, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:50, Info CSI 00000094 [SR] Verify complete
2014-04-27 10:42:50, Info CSI 00000095 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:50, Info CSI 00000096 [SR] Beginning Verify and Repair transaction
2014-04-27 10:42:56, Info CSI 000000c3 [SR] Verify complete
2014-04-27 10:42:56, Info CSI 000000c4 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:42:56, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:01, Info CSI 000000c7 [SR] Verify complete
2014-04-27 10:43:01, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:01, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:09, Info CSI 000000cb [SR] Verify complete
2014-04-27 10:43:09, Info CSI 000000cc [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:09, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:15, Info CSI 000000d1 [SR] Verify complete
2014-04-27 10:43:15, Info CSI 000000d2 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:15, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:17, Info CSI 000000d5 [SR] Verify complete
2014-04-27 10:43:18, Info CSI 000000d6 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:18, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:18, Info CSI 000000d9 [SR] Verify complete
2014-04-27 10:43:19, Info CSI 000000da [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:19, Info CSI 000000db [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:21, Info CSI 000000dd [SR] Verify complete
2014-04-27 10:43:21, Info CSI 000000de [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:21, Info CSI 000000df [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:28, Info CSI 000000f2 [SR] Verify complete
2014-04-27 10:43:28, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:28, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:29, Info CSI 000000f6 [SR] Verify complete
2014-04-27 10:43:29, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:29, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:30, Info CSI 000000fa [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-04-27 10:43:31, Info CSI 000000fc [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-04-27 10:43:31, Info CSI 000000fd [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-04-27 10:43:31, Info CSI 00000100 [SR] Could not reproject corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\IME\IMESC5\DICTS"\[l:22{11}]"PINTLGB.IMD"; source file in store is also corrupted
2014-04-27 10:43:31, Info CSI 00000102 [SR] Verify complete
2014-04-27 10:43:31, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:31, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:33, Info CSI 00000106 [SR] Verify complete
2014-04-27 10:43:33, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:33, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:36, Info CSI 0000010a [SR] Verify complete
2014-04-27 10:43:36, Info CSI 0000010b [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:36, Info CSI 0000010c [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:44, Info CSI 00000110 [SR] Verify complete
2014-04-27 10:43:44, Info CSI 00000111 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:44, Info CSI 00000112 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:47, Info CSI 00000114 [SR] Verify complete
2014-04-27 10:43:48, Info CSI 00000115 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:48, Info CSI 00000116 [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:50, Info CSI 00000118 [SR] Verify complete
2014-04-27 10:43:50, Info CSI 00000119 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:50, Info CSI 0000011a [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:54, Info CSI 0000011c [SR] Verify complete
2014-04-27 10:43:54, Info CSI 0000011d [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:54, Info CSI 0000011e [SR] Beginning Verify and Repair transaction
2014-04-27 10:43:57, Info CSI 00000120 [SR] Verify complete
2014-04-27 10:43:57, Info CSI 00000121 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:43:57, Info CSI 00000122 [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:01, Info CSI 00000124 [SR] Verify complete
2014-04-27 10:44:02, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:02, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:10, Info CSI 00000132 [SR] Verify complete
2014-04-27 10:44:10, Info CSI 00000133 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:10, Info CSI 00000134 [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:15, Info CSI 00000142 [SR] Verify complete
2014-04-27 10:44:15, Info CSI 00000143 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:15, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:32, Info CSI 00000146 [SR] Verify complete
2014-04-27 10:44:32, Info CSI 00000147 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:32, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:36, Info CSI 0000014a [SR] Verify complete
2014-04-27 10:44:36, Info CSI 0000014b [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:36, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:44, Info CSI 0000014e [SR] Verify complete
2014-04-27 10:44:44, Info CSI 0000014f [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:44, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:49, Info CSI 00000152 [SR] Verify complete
2014-04-27 10:44:49, Info CSI 00000153 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:49, Info CSI 00000154 [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:53, Info CSI 00000156 [SR] Verify complete
2014-04-27 10:44:53, Info CSI 00000157 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:53, Info CSI 00000158 [SR] Beginning Verify and Repair transaction
2014-04-27 10:44:56, Info CSI 0000015a [SR] Verify complete
2014-04-27 10:44:56, Info CSI 0000015b [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:44:56, Info CSI 0000015c [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:00, Info CSI 00000160 [SR] Verify complete
2014-04-27 10:45:00, Info CSI 00000161 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:00, Info CSI 00000162 [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:07, Info CSI 00000164 [SR] Verify complete
2014-04-27 10:45:07, Info CSI 00000165 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:07, Info CSI 00000166 [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:13, Info CSI 00000169 [SR] Verify complete
2014-04-27 10:45:13, Info CSI 0000016a [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:13, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:17, Info CSI 0000016d [SR] Verify complete
2014-04-27 10:45:18, Info CSI 0000016e [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:18, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:21, Info CSI 00000172 [SR] Verify complete
2014-04-27 10:45:22, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:22, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:27, Info CSI 00000177 [SR] Verify complete
2014-04-27 10:45:28, Info CSI 00000178 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:28, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:33, Info CSI 0000017b [SR] Verify complete
2014-04-27 10:45:33, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:33, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:37, Info CSI 0000017f [SR] Verify complete
2014-04-27 10:45:37, Info CSI 00000180 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:37, Info CSI 00000181 [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:41, Info CSI 00000183 [SR] Verify complete
2014-04-27 10:45:41, Info CSI 00000184 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:41, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:45, Info CSI 00000188 [SR] Verify complete
2014-04-27 10:45:45, Info CSI 00000189 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:45, Info CSI 0000018a [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:51, Info CSI 0000018c [SR] Verify complete
2014-04-27 10:45:51, Info CSI 0000018d [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:51, Info CSI 0000018e [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:53, Info CSI 00000190 [SR] Verify complete
2014-04-27 10:45:53, Info CSI 00000191 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:53, Info CSI 00000192 [SR] Beginning Verify and Repair transaction
2014-04-27 10:45:57, Info CSI 00000195 [SR] Verify complete
2014-04-27 10:45:57, Info CSI 00000196 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:45:57, Info CSI 00000197 [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:02, Info CSI 0000019a [SR] Verify complete
2014-04-27 10:46:02, Info CSI 0000019b [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:02, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:06, Info CSI 0000019f [SR] Verify complete
2014-04-27 10:46:06, Info CSI 000001a0 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:06, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:12, Info CSI 000001a3 [SR] Verify complete
2014-04-27 10:46:12, Info CSI 000001a4 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:12, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:17, Info CSI 000001a8 [SR] Verify complete
2014-04-27 10:46:17, Info CSI 000001a9 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:17, Info CSI 000001aa [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:20, Info CSI 000001ac [SR] Verify complete
2014-04-27 10:46:20, Info CSI 000001ad [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:20, Info CSI 000001ae [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:23, Info CSI 000001b0 [SR] Verify complete
2014-04-27 10:46:23, Info CSI 000001b1 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:23, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:26, Info CSI 000001b4 [SR] Verify complete
2014-04-27 10:46:26, Info CSI 000001b5 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:26, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:29, Info CSI 000001b8 [SR] Verify complete
2014-04-27 10:46:29, Info CSI 000001b9 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:29, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:33, Info CSI 000001bc [SR] Verify complete
2014-04-27 10:46:33, Info CSI 000001bd [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:33, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:36, Info CSI 000001c0 [SR] Verify complete
2014-04-27 10:46:36, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:36, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:40, Info CSI 000001c4 [SR] Verify complete
2014-04-27 10:46:40, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:40, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2014-04-27 10:46:53, Info CSI 000001c8 [SR] Verify complete
2014-04-27 10:46:53, Info CSI 000001c9 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:46:53, Info CSI 000001ca [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:04, Info CSI 000001cc [SR] Verify complete
2014-04-27 10:47:04, Info CSI 000001cd [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:04, Info CSI 000001ce [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:08, Info CSI 000001d0 [SR] Verify complete
2014-04-27 10:47:08, Info CSI 000001d1 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:08, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:09, Info CSI 000001d4 [SR] Verify complete
2014-04-27 10:47:09, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:09, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:12, Info CSI 000001d8 [SR] Verify complete
2014-04-27 10:47:12, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:12, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:14, Info CSI 000001dc [SR] Verify complete
2014-04-27 10:47:14, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:14, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:17, Info CSI 000001e0 [SR] Verify complete
2014-04-27 10:47:17, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:17, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:18, Info CSI 000001e4 [SR] Verify complete
2014-04-27 10:47:18, Info CSI 000001e5 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:18, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:19, Info CSI 000001e8 [SR] Verify complete
2014-04-27 10:47:19, Info CSI 000001e9 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:19, Info CSI 000001ea [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:24, Info CSI 000001f2 [SR] Verify complete
2014-04-27 10:47:24, Info CSI 000001f3 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:24, Info CSI 000001f4 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:27, Info CSI 000001f6 [SR] Verify complete
2014-04-27 10:47:27, Info CSI 000001f7 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:27, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:30, Info CSI 000001fa [SR] Verify complete
2014-04-27 10:47:30, Info CSI 000001fb [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:30, Info CSI 000001fc [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:34, Info CSI 000001fe [SR] Verify complete
2014-04-27 10:47:34, Info CSI 000001ff [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:34, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:39, Info CSI 00000203 [SR] Verify complete
2014-04-27 10:47:39, Info CSI 00000204 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:39, Info CSI 00000205 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:43, Info CSI 00000207 [SR] Verify complete
2014-04-27 10:47:44, Info CSI 00000208 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:44, Info CSI 00000209 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:44, Info CSI 0000020b [SR] Verify complete
2014-04-27 10:47:44, Info CSI 0000020c [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:44, Info CSI 0000020d [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:46, Info CSI 0000020f [SR] Verify complete
2014-04-27 10:47:46, Info CSI 00000210 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:46, Info CSI 00000211 [SR] Beginning Verify and Repair transaction
2014-04-27 10:47:57, Info CSI 00000216 [SR] Verify complete
2014-04-27 10:47:58, Info CSI 00000217 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:47:58, Info CSI 00000218 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:03, Info CSI 0000021d [SR] Verify complete
2014-04-27 10:48:03, Info CSI 0000021e [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:03, Info CSI 0000021f [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:08, Info CSI 00000222 [SR] Verify complete
2014-04-27 10:48:08, Info CSI 00000223 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:08, Info CSI 00000224 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:12, Info CSI 0000022f [SR] Verify complete
2014-04-27 10:48:13, Info CSI 00000230 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:13, Info CSI 00000231 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:18, Info CSI 00000237 [SR] Verify complete
2014-04-27 10:48:18, Info CSI 00000238 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:18, Info CSI 00000239 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:21, Info CSI 0000023b [SR] Verify complete
2014-04-27 10:48:21, Info CSI 0000023c [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:21, Info CSI 0000023d [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:24, Info CSI 00000241 [SR] Verify complete
2014-04-27 10:48:24, Info CSI 00000242 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:24, Info CSI 00000243 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:27, Info CSI 00000245 [SR] Verify complete
2014-04-27 10:48:27, Info CSI 00000246 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:27, Info CSI 00000247 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:31, Info CSI 0000026c [SR] Verify complete
2014-04-27 10:48:31, Info CSI 0000026d [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:31, Info CSI 0000026e [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:34, Info CSI 00000270 [SR] Verify complete
2014-04-27 10:48:34, Info CSI 00000271 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:34, Info CSI 00000272 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:37, Info CSI 00000274 [SR] Verify complete
2014-04-27 10:48:38, Info CSI 00000275 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:38, Info CSI 00000276 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:41, Info CSI 00000278 [SR] Verify complete
2014-04-27 10:48:41, Info CSI 00000279 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:41, Info CSI 0000027a [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:44, Info CSI 0000027e [SR] Verify complete
2014-04-27 10:48:44, Info CSI 0000027f [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:44, Info CSI 00000280 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:49, Info CSI 00000282 [SR] Verify complete
2014-04-27 10:48:49, Info CSI 00000283 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:49, Info CSI 00000284 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:53, Info CSI 00000292 [SR] Verify complete
2014-04-27 10:48:53, Info CSI 00000293 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:53, Info CSI 00000294 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:55, Info CSI 00000296 [SR] Verify complete
2014-04-27 10:48:55, Info CSI 00000297 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:55, Info CSI 00000298 [SR] Beginning Verify and Repair transaction
2014-04-27 10:48:57, Info CSI 0000029a [SR] Verify complete
2014-04-27 10:48:57, Info CSI 0000029b [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:48:57, Info CSI 0000029c [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:01, Info CSI 0000029f [SR] Verify complete
2014-04-27 10:49:01, Info CSI 000002a0 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:01, Info CSI 000002a1 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:03, Info CSI 000002a3 [SR] Verify complete
2014-04-27 10:49:04, Info CSI 000002a4 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:04, Info CSI 000002a5 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:07, Info CSI 000002a7 [SR] Verify complete
2014-04-27 10:49:07, Info CSI 000002a8 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:07, Info CSI 000002a9 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:10, Info CSI 000002ab [SR] Verify complete
2014-04-27 10:49:10, Info CSI 000002ac [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:10, Info CSI 000002ad [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:14, Info CSI 000002af [SR] Verify complete
2014-04-27 10:49:15, Info CSI 000002b0 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:15, Info CSI 000002b1 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:21, Info CSI 000002cb [SR] Verify complete
2014-04-27 10:49:21, Info CSI 000002cc [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:21, Info CSI 000002cd [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:34, Info CSI 000002cf [SR] Verify complete
2014-04-27 10:49:34, Info CSI 000002d0 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:34, Info CSI 000002d1 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:37, Info CSI 000002d3 [SR] Verify complete
2014-04-27 10:49:37, Info CSI 000002d4 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:37, Info CSI 000002d5 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:39, Info CSI 000002d7 [SR] Verify complete
2014-04-27 10:49:40, Info CSI 000002d8 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:40, Info CSI 000002d9 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:42, Info CSI 000002dd [SR] Verify complete
2014-04-27 10:49:42, Info CSI 000002de [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:42, Info CSI 000002df [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:45, Info CSI 000002e1 [SR] Verify complete
2014-04-27 10:49:45, Info CSI 000002e2 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:45, Info CSI 000002e3 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:48, Info CSI 000002e5 [SR] Verify complete
2014-04-27 10:49:49, Info CSI 000002e6 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:49, Info CSI 000002e7 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:52, Info CSI 000002e9 [SR] Verify complete
2014-04-27 10:49:52, Info CSI 000002ea [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:52, Info CSI 000002eb [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:55, Info CSI 000002ee [SR] Verify complete
2014-04-27 10:49:55, Info CSI 000002ef [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:55, Info CSI 000002f0 [SR] Beginning Verify and Repair transaction
2014-04-27 10:49:57, Info CSI 000002f2 [SR] Verify complete
2014-04-27 10:49:57, Info CSI 000002f3 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:49:57, Info CSI 000002f4 [SR] Beginning Verify and Repair transaction
2014-04-27 10:50:01, Info CSI 000002f6 [SR] Verify complete
2014-04-27 10:50:01, Info CSI 000002f7 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:50:01, Info CSI 000002f8 [SR] Beginning Verify and Repair transaction
2014-04-27 10:50:06, Info CSI 000002fa [SR] Verify complete
2014-04-27 10:50:06, Info CSI 000002fb [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:50:06, Info CSI 000002fc [SR] Beginning Verify and Repair transaction
2014-04-27 10:50:10, Info CSI 000002ff [SR] Verify complete
2014-04-27 10:50:10, Info CSI 00000300 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:50:10, Info CSI 00000301 [SR] Beginning Verify and Repair transaction
2014-04-27 10:50:14, Info CSI 00000303 [SR] Verify complete
2014-04-27 10:50:14, Info CSI 00000304 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:50:14, Info CSI 00000305 [SR] Beginning Verify and Repair transaction
2014-04-27 10:50:17, Info CSI 00000307 [SR] Verify complete
2014-04-27 10:50:17, Info CSI 00000308 [SR] Verifying 100 (0x0000000000000064) components
2014-04-27 10:50:17, Info CSI 00000309 [SR] Beginning Verify and Repair transaction
2014-04-27 10:50:21, Info CSI 0000030b [SR] Verify complete
2014-04-27 10:50:21, Info CSI 0000030c [SR] Verifying 73 (0x0000000000000049) components
2014-04-27 10:50:21, Info CSI 0000030d [SR] Beginning Verify and Repair transaction
2014-04-27 10:50:23, Info CSI 0000030f [SR] Verify complete
2014-04-27 10:50:23, Info CSI 00000310 [SR] Repairing 1 components
2014-04-27 10:50:23, Info CSI 00000311 [SR] Beginning Verify and Repair transaction
2014-04-27 10:50:23, Info CSI 00000313 [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-04-27 10:50:23, Info CSI 00000315 [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-04-27 10:50:23, Info CSI 00000316 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-04-27 10:50:23, Info CSI 00000319 [SR] Could not reproject corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\IME\IMESC5\DICTS"\[l:22{11}]"PINTLGB.IMD"; source file in store is also corrupted
2014-04-27 10:50:23, Info CSI 0000031b [SR] Repair complete
2014-04-27 10:50:23, Info CSI 0000031c [SR] Committing transaction
2014-04-27 10:50:23, Info CSI 00000320 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
Ich nutze Symantec. Der meldete vor einigen Tagen erneut Hinweise auf Trojan.Gen.2. Ach ja, beim Gmer-Scan konnte ich im Vorfeld Symantec nicht ausschalten. Scan lief mit aktivem Virenscanner. Ich hoffe das sind alle Infos die ich habe. Im voraus schon mal herzlichen Dank für eure Hilfe!!! |
|
05.08.2014, 08:14
| #3 |
| /// the machine /// TB-Ausbilder    | Windows(7)-Explorer - Fehler beim Hochfahren hi,
__________________Scan mit Combofix
__________________ |
|
07.08.2014, 16:09
| #4 |
| | Windows(7)-Explorer - Fehler beim Hochfahren Hallo Schrauber, herzlichen Dank für deinen Hinweis. Ich öffnete dieses Thema Anfang Juni, da auch nach einer Woche keine Antwort kam eröffnete ich ein neues "Thema". Hier hast du mir geantwortet und auch geholfen!!! Nochmals vielen Dank dafür!!! Derzeitiger Stand, ich muß den Rechner platt machen und neu installieren. Wird das erste nach meinem Urlaub sein was ich anpacke!!! Danke & Grüße Stoffl |
|
08.08.2014, 13:21
| #5 |
| /// the machine /// TB-Ausbilder | Windows(7)-Explorer - Fehler beim Hochfahren ok 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows(7)-Explorer - Fehler beim Hochfahren |
| antivirus, association, bonjour, browser, error, excel, fehler, firefox, flash player, focus, home, homepage, installation, malware, mozilla, registry, rundll, security, services.exe, software, starten, svchost.exe, symantec, system, usb, windows, wlan, wscript.exe |
WARNUNG an die MITLESER: 
Linear-Darstellung
