Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Blauer Bildschirm, Bluescreen !

Blauer Bildschirm, Bluescreen !


Log-Analyse und Auswertung: Blauer Bildschirm, Bluescreen !

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 27.12.2014, 11:45   #1
MF99
 
Blauer Bildschirm, Bluescreen ! - Standard

Blauer Bildschirm, Bluescreen !


Guten Tag,
ich brauche Hilfe den ich habe ein Problem mit meinem Computer. Es ist schon zum 2 mal passiert das ein Blauer Bildschirm aufgetaucht ist. Beim ersten mal als es passiert ist kam ein Blauer Bildschirm mit weißem Schriftzug und auf Englisch. Es passierte nichts dann habe ich denn Computer ausgeschaltet und wieder angeschaltet (Windows normal starten) dann blieb er hängen (schwarzer Hintergrund nur mit dem Mauszeiger). Habe ihn wieder ausgemacht und wieder angemacht im Abgesichertem Modus. Dann ging er normal an, bin dann auf Systemwiederherstellung gegangen habe das Ausgeführt, dann ging er wieder normal.
Und beim 2 mal erschien wieder ein Blauer Bildschirm mit weißem Schriftzug. Doch das ging nach ca. 5 sec weg und der Computer startet neu, hat sich dabei aber aufgehangen aber dies mal gleich am Anfang. Habe dann das gleiche gemacht wie beim ersten mal, das hat wieder geklappt. Und bis jetzt ist es nichts mehr passiert.

Wäre nett wenn mir jemand helfen würde.

Alt 27.12.2014, 11:49   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Blauer Bildschirm, Bluescreen ! - Standard

Blauer Bildschirm, Bluescreen !


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 27.12.2014, 18:16   #3
MF99
 
Blauer Bildschirm, Bluescreen ! - Standard

Blauer Bildschirm, Bluescreen !


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2014
Ran by Leonard (administrator) on LEONARD-PC on 27-12-2014 14:55:13
Running from C:\Users\Leonard\Downloads
Loaded Profiles: Leonard & UpdatusUser (Available profiles: Leonard & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATICAE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242\SearchFilterHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Google Updater] => C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe [160752 2010-01-03] (Google)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2072576 2008-07-04] (Vodafone)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-3191044685-3579606741-2919163407-1000\...\Run: [Google Update] => C:\Users\Leonard\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-11-07] (Google Inc.)
HKU\S-1-5-21-3191044685-3579606741-2919163407-1000\...\Run: [EPSON Stylus DX4400 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [211456 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3191044685-3579606741-2919163407-1000\...\MountPoints2: {46d3396f-3c09-11e2-8866-0016e611faac} - M:\AutoRun.exe
HKU\S-1-5-21-3191044685-3579606741-2919163407-1000\...\MountPoints2: {46d33981-3c09-11e2-8866-0016e611faac} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3191044685-3579606741-2919163407-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3191044685-3579606741-2919163407-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3191044685-3579606741-2919163407-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-3191044685-3579606741-2919163407-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Leonard\AppData\Roaming\Mozilla\Firefox\Profiles\btu71e19.default
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 -> C:\Program Files (x86)\Google\Google Updater\2.4.1808.5272\npCIDetect14.dll (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3191044685-3579606741-2919163407-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Leonard\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3191044685-3579606741-2919163407-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Leonard\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: DownloadHelper - C:\Users\Leonard\AppData\Roaming\Mozilla\Firefox\Profiles\btu71e19.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-23]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-17]
FF HKU\S-1-5-21-3191044685-3579606741-2919163407-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-17]

Chrome: 
=======
CHR Profile: C:\Users\Leonard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Battlefield Heroes) - C:\Users\Leonard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-11-24]
CHR StartMenuInternet: Google Chrome - C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-26] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe [73200 2014-10-06] (SiSoftware) [File not signed]
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-07-04] (Vodafone) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
R3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-27 14:55 - 2014-12-27 14:56 - 00014413 _____ () C:\Users\Leonard\Downloads\FRST.txt
2014-12-27 14:55 - 2014-12-27 14:55 - 00000000 ____D () C:\FRST
2014-12-27 14:54 - 2014-12-27 14:54 - 02122752 _____ (Farbar) C:\Users\Leonard\Downloads\FRST64.exe
2014-12-27 11:45 - 2014-12-27 11:45 - 00000107 _____ () C:\Users\Leonard\Desktop\Blauer Bildschirm, Bluescreen ! - Trojaner-Board.url
2014-12-25 17:29 - 2014-12-25 17:29 - 02173952 _____ () C:\Users\Leonard\Downloads\adwcleaner_4.106.exe
2014-12-24 19:11 - 2014-12-24 19:11 - 00000000 ____D () C:\ProgramData\Sun
2014-12-24 19:10 - 2014-12-24 19:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-24 19:10 - 2014-12-24 19:10 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-24 16:41 - 2014-12-25 10:46 - 00000000 ____D () C:\Users\Leonard\Documents\Apowersoft Free Screen Recorder
2014-12-24 16:38 - 2014-12-24 16:38 - 00001392 _____ () C:\Users\Public\Desktop\Apowersoft kostenloser Bildschirmrekorder.lnk
2014-12-24 16:38 - 2014-12-24 16:38 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\Apowersoft
2014-12-24 16:38 - 2014-12-24 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2014-12-24 16:38 - 2014-12-24 16:38 - 00000000 ____D () C:\Program Files (x86)\Apowersoft
2014-12-24 16:38 - 2014-04-09 20:50 - 00443568 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturing.dll
2014-12-24 16:38 - 2014-04-09 20:50 - 00271536 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2014-12-24 16:38 - 2014-04-09 20:50 - 00181424 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftVideoMixerFilter.dll
2014-12-24 16:36 - 2014-12-24 16:36 - 06129000 _____ (APOWERSOFT LIMITED ) C:\Users\Leonard\Downloads\free-screen-recorder-chipde-1.4.0.exe
2014-12-24 16:30 - 2014-12-24 16:45 - 143259382 _____ () C:\Users\Leonard\Downloads\Minecraft 1.8.rar
2014-12-24 16:22 - 2014-12-25 10:47 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\.minecraft
2014-12-24 16:22 - 2014-12-24 16:22 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\java
2014-12-24 16:19 - 2014-12-24 16:19 - 01291528 _____ (Mojang) C:\Users\Leonard\Downloads\Minecraft.exe
2014-12-24 16:16 - 2014-12-24 16:17 - 08297745 _____ () C:\Users\Leonard\Downloads\minecraft_server.1.8.1.exe
2014-12-24 00:04 - 2014-12-24 00:04 - 00001458 _____ () C:\Users\Public\Desktop\Free Dailymotion Download.lnk
2014-12-23 23:59 - 2014-12-24 00:00 - 03529376 _____ (DVDVideoSoft Ltd. ) C:\Users\Leonard\Downloads\FreeDailymotion1215Download.exe
2014-12-23 22:05 - 2014-12-23 22:05 - 00029286 _____ () C:\Users\Leonard\Downloads\G2015.htm
2014-12-23 22:03 - 2014-12-23 23:50 - 00000000 ____D () C:\Users\Leonard\dwhelper
2014-12-23 21:59 - 2014-12-23 22:00 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\Mozilla
2014-12-23 21:59 - 2014-12-23 22:00 - 00000000 ____D () C:\Users\Leonard\AppData\Local\Mozilla
2014-12-23 21:59 - 2014-12-23 21:59 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-23 21:59 - 2014-12-23 21:59 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-23 21:52 - 2014-12-23 21:58 - 39441776 _____ () C:\Users\Leonard\Downloads\Firefox_Setup_de34.0.5.exe
2014-12-23 01:07 - 2014-12-23 01:19 - 00000000 ____D () C:\Users\Leonard\Desktop\PAPA
2014-12-22 11:08 - 2014-12-22 11:08 - 00286968 _____ () C:\Windows\Minidump\122214-81765-01.dmp
2014-12-21 17:12 - 2014-12-21 17:12 - 00279046 _____ () C:\Users\Leonard\Downloads\untitled.bmp
2014-12-19 20:45 - 2014-12-19 20:45 - 00000077 _____ () C:\Users\Leonard\Desktop\https---de.opitec.com-opitec-web-pages-xmas2014.jsf.url
2014-12-19 19:12 - 2014-12-19 19:22 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\Apple Computer
2014-12-19 19:12 - 2014-12-19 19:12 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-12-19 19:12 - 2014-12-19 19:12 - 00000000 ____D () C:\Users\Leonard\AppData\Local\Apple Computer
2014-12-19 19:12 - 2014-12-19 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-19 19:12 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-12-19 19:11 - 2014-12-19 19:12 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-19 19:11 - 2014-12-19 19:12 - 00000000 ____D () C:\Program Files\iTunes
2014-12-19 19:11 - 2014-12-19 19:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-19 19:11 - 2014-12-19 19:11 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-19 19:11 - 2014-12-19 19:11 - 00000000 ____D () C:\Program Files\iPod
2014-12-19 19:09 - 2014-12-19 19:09 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-12-19 19:09 - 2014-12-19 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-12-19 19:09 - 2014-12-19 19:09 - 00000000 ____D () C:\Users\Leonard\AppData\Local\Apple
2014-12-19 19:09 - 2014-12-19 19:09 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-12-19 19:08 - 2014-12-19 19:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-19 19:08 - 2014-12-19 19:08 - 00000000 ____D () C:\Program Files\Bonjour
2014-12-19 19:08 - 2014-12-19 19:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-12-19 19:07 - 2014-12-19 19:08 - 00000000 ____D () C:\ProgramData\Apple
2014-12-19 18:34 - 2014-12-19 18:40 - 122418480 _____ (Apple Inc.) C:\Users\Leonard\Downloads\iTunes64Setup.exe
2014-12-17 16:06 - 2014-12-24 00:04 - 00001205 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-12-17 16:06 - 2014-12-24 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-17 16:06 - 2014-12-18 14:48 - 00001400 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-12-17 16:05 - 2014-12-23 21:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-17 16:05 - 2014-12-18 14:48 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-12-17 16:04 - 2014-12-24 00:04 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-12-17 16:01 - 2014-12-24 00:04 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\DVDVideoSoft
2014-12-17 16:00 - 2014-12-17 16:01 - 03531024 _____ (DVDVideoSoft Ltd. ) C:\Users\Leonard\Downloads\FreeYouTube1122Download.exe
2014-12-16 18:41 - 2014-12-16 18:42 - 01855046 _____ () C:\Users\Leonard\Downloads\Crack.zip
2014-12-16 18:38 - 2014-12-16 18:38 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\PDAppFlex
2014-12-15 10:02 - 2014-12-22 11:07 - 527042576 _____ () C:\Windows\MEMORY.DMP
2014-12-15 10:02 - 2014-12-15 10:03 - 00994984 _____ () C:\Windows\Minidump\121514-88625-01.dmp
2014-12-11 07:29 - 2014-12-11 07:29 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 22:22 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 22:22 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 22:22 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 22:22 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 22:22 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 22:22 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 22:22 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 22:22 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 22:22 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 22:21 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 22:12 - 2014-12-10 22:12 - 00000971 _____ () C:\Users\UpdatusUser\Desktop\SpeedFan.lnk
2014-12-10 22:12 - 2014-12-10 22:12 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-12-10 22:12 - 2014-12-10 22:12 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-12-10 22:12 - 2014-12-10 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-12-10 22:12 - 2014-12-10 22:12 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-12-10 22:11 - 2014-12-10 22:11 - 02174848 _____ () C:\Users\Leonard\Downloads\SpeedFan4.50.exe
2014-12-10 16:41 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 16:41 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 16:41 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 16:41 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 16:41 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 16:41 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 16:41 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 16:41 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 16:40 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 16:40 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 16:40 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 16:40 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 16:40 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 16:40 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 16:40 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 16:40 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 16:40 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 16:40 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 16:40 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 16:40 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 16:40 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 16:40 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 16:40 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 16:40 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 16:40 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 16:40 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 16:40 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 16:40 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 16:40 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 16:40 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 16:40 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 16:40 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 16:40 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 16:40 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 16:40 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 16:40 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 16:40 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 16:40 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 16:40 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 16:40 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 16:40 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 16:40 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 16:40 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 16:40 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 16:40 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 16:40 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 16:40 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 16:40 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 16:40 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 16:40 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 16:40 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 16:40 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 16:40 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 16:40 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 16:40 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 16:40 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 16:40 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 16:40 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 16:40 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 16:40 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 16:40 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 16:40 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 16:39 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 16:39 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 16:39 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 16:39 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 16:39 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 16:35 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 16:35 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 16:35 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 16:35 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 16:35 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 16:35 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 16:35 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 16:35 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 16:35 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 16:35 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 16:35 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 16:35 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 16:35 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 16:35 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 17:30 - 2014-12-09 17:30 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\EPSON
2014-12-06 22:27 - 2014-12-10 16:25 - 00000290 _____ () C:\siw_debug.txt
2014-12-06 22:07 - 2014-12-06 22:07 - 00001031 _____ () C:\Users\Leonard\Desktop\SIW Home Edition.lnk
2014-12-06 22:07 - 2014-12-06 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
2014-12-06 22:07 - 2014-12-06 22:07 - 00000000 ____D () C:\Program Files (x86)\SIW 2013 Home Edition
2014-12-06 22:05 - 2014-12-06 22:05 - 04524952 _____ (Topala Software Solutions ) C:\Users\Leonard\Downloads\siw13-setup.exe
2014-12-05 21:54 - 2014-12-05 21:54 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-05 21:53 - 2014-12-05 21:54 - 02153472 _____ () C:\Users\Leonard\Downloads\adwcleaner_4.104.exe
2014-12-04 17:33 - 2014-12-22 11:08 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 21:53 - 2014-12-03 21:53 - 00000064 _____ () C:\Users\Leonard\AppData\Roaming\Sandra.ldb
2014-12-03 21:51 - 2014-12-03 21:51 - 00007605 _____ () C:\Users\Leonard\AppData\Local\Resmon.ResmonCfg
2014-12-03 20:37 - 2014-12-03 20:37 - 00000069 _____ () C:\Users\Leonard\Documents\DesignLibrary_Photoshop.log
2014-12-03 20:32 - 2014-12-03 20:33 - 01808737 _____ () C:\Users\Leonard\Downloads\Photoshop CC-UltimatenAnonymous.zip
2014-12-03 20:22 - 2014-12-03 20:22 - 00000000 ____D () C:\Users\Leonard\Downloads\wsedrft4567
2014-11-29 11:59 - 2014-12-14 19:25 - 00000000 ____D () C:\Users\Leonard\Documents\Mergim
2014-11-29 11:59 - 2014-11-29 12:00 - 00000000 ____D () C:\Users\Leonard\Documents\Marigona

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-27 14:52 - 2005-02-22 22:53 - 01685497 _____ () C:\Windows\WindowsUpdate.log
2014-12-27 14:51 - 2012-12-02 00:27 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3191044685-3579606741-2919163407-1000UA.job
2014-12-27 14:51 - 2010-01-03 09:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-27 14:51 - 2010-01-03 03:38 - 00004140 _____ () C:\Windows\System32\Tasks\Google Software Updater
2014-12-27 14:51 - 2010-01-03 03:38 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-12-27 10:54 - 2009-07-14 05:45 - 00025648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-27 10:54 - 2009-07-14 05:45 - 00025648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-27 10:51 - 2014-11-08 00:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-27 10:48 - 2010-01-03 09:46 - 00000000 ____D () C:\Users\Leonard\AppData\Local\Adobe
2014-12-27 10:42 - 2010-01-03 09:58 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-27 10:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-27 10:41 - 2009-07-14 05:51 - 00040882 _____ () C:\Windows\setupact.log
2014-12-26 21:56 - 2014-11-24 19:45 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\TeamViewer
2014-12-26 17:07 - 2009-07-14 18:58 - 00702602 _____ () C:\Windows\system32\perfh007.dat
2014-12-26 17:07 - 2009-07-14 18:58 - 00150242 _____ () C:\Windows\system32\perfc007.dat
2014-12-26 17:07 - 2009-07-14 06:13 - 01627948 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 15:18 - 2012-12-02 00:27 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3191044685-3579606741-2919163407-1000Core.job
2014-12-25 17:46 - 2012-12-01 23:49 - 00228532 _____ () C:\Windows\PFRO.log
2014-12-25 17:44 - 2014-11-06 19:47 - 00000000 ____D () C:\AdwCleaner
2014-12-25 17:17 - 2012-12-30 18:54 - 00000000 ____D () C:\Users\Leonard
2014-12-25 17:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-24 16:21 - 2014-11-08 15:04 - 00000000 ____D () C:\Users\Leonard\Downloads\Gameforge Live
2014-12-23 12:56 - 2014-11-25 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-12-16 18:14 - 2014-11-07 23:23 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-12-16 17:52 - 2014-11-07 23:28 - 00000000 ____D () C:\Program Files\Adobe
2014-12-16 17:52 - 2010-01-03 04:39 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-15 18:40 - 2014-11-24 19:24 - 00000000 ____D () C:\Users\Leonard\Documents\Merigm Klasse 10
2014-12-14 16:48 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-13 17:20 - 2014-11-25 17:59 - 00000000 ____D () C:\Users\Leonard\Documents\Salih
2014-12-13 12:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 07:29 - 2014-11-07 20:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 07:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 07:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 22:28 - 2014-11-07 18:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 22:24 - 2010-01-04 00:52 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 17:20 - 2014-11-07 18:15 - 00002372 _____ () C:\Users\Leonard\Desktop\Google Chrome.lnk
2014-12-09 19:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-05 21:09 - 2010-01-03 09:46 - 00000000 ____D () C:\Users\Leonard\AppData\Roaming\Adobe
2014-12-03 22:12 - 2014-11-07 23:19 - 14286848 _____ () C:\Users\Leonard\AppData\Roaming\Sandra.mdb
2014-11-29 18:35 - 2014-11-26 15:45 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-11-29 18:35 - 2014-11-26 14:48 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-11-29 18:28 - 2014-11-26 14:48 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-11-29 12:16 - 2014-11-26 15:36 - 00000000 ____D () C:\Users\Leonard\Documents\Battlefield Heroes

Some content of TEMP:
====================
C:\Users\Leonard\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Leonard\AppData\Local\Temp\FreeYouTubeDownload.exe
C:\Users\Leonard\AppData\Local\Temp\ose00000.exe
C:\Users\Leonard\AppData\Local\Temp\PromptInfo.exe
C:\Users\Leonard\AppData\Local\Temp\Quarantine.exe
C:\Users\Leonard\AppData\Local\Temp\ResetDevice.exe
C:\Users\Leonard\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Leonard\AppData\Local\Temp\sfextra.dll
C:\Users\Leonard\AppData\Local\Temp\sqlite3.dll
C:\Users\Leonard\AppData\Local\Temp\tmd_34013492.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 12:17

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2014
Ran by Leonard at 2014-12-27 14:57:26
Running from C:\Users\Leonard\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Apowersoft kostenloser Bildschirmrekorder V1.4.0 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.4.0 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
Battlefield Heroes (HKLM-x32\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Free Dailymotion Download version 1.0.36.1215 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.36.1215 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKU\S-1-5-21-3191044685-3579606741-2919163407-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{C084BC61-E537-11DE-8616-005056806466}) (Version: 5.1.7894.7252 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.1808.5272 - Google Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
SiSoftware Sandra Lite 2014.SP3e (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 20.50.2014.10 - SiSoftware)
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vodafone Mobile Connect Lite (HKLM-x32\...\{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}) (Version: 9.3.3.10523 - Vodafone)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3191044685-3579606741-2919163407-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Leonard\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3191044685-3579606741-2919163407-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Leonard\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3191044685-3579606741-2919163407-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Leonard\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

07-12-2014 14:04:55 Geplanter Prüfpunkt
10-12-2014 22:20:40 Windows Update
12-12-2014 23:25:46 Windows Update
18-12-2014 22:35:27 Windows Update
19-12-2014 16:27:57 Windows Update
19-12-2014 19:09:11 Installed iTunes
24-12-2014 16:39:25 Gerätetreiber-Paketinstallation: Apowersoft Audio-, Video- und Gamecontroller

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0BC1B365-CEB6-4A33-81A3-AB30DA06ECB0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3191044685-3579606741-2919163407-1000Core => C:\Users\Leonard\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {202F29A5-1270-412E-8314-D41D046CB676} - System32\Tasks\{A621B655-E9A2-44C0-8BC5-EF54D39203D2} => pcalua.exe -a "D:\Programme\OFFICE 2007 englisch\setup.exe" -d "D:\Programme\OFFICE 2007 englisch"
Task: {3469E6E5-9C8E-4802-9725-C105E07DEC48} - System32\Tasks\{2C18DBB9-C595-464D-B8C9-D47A34B306FC} => C:\Program Files (x86)\Haufe\UPlaner\BusinessPlanner.exe
Task: {5B033D15-7B80-4C56-A5D2-DFB4338BE54F} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-03] (Google)
Task: {8E5B5ED0-383D-4C0A-A4DB-AFE9B3A7DF8B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A0ADDB08-6788-489A-B340-E141EA1058DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {F2A0EBAC-90B2-4ABF-B722-451DAA30700F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3191044685-3579606741-2919163407-1000UA => C:\Users\Leonard\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {F5337DEC-B879-42BD-B70D-C580DCC1F4FD} - System32\Tasks\{6D05FF25-63FD-47BD-9921-C93D575BEE9F} => pcalua.exe -a E:\setup.exe -d E:\
Task: {FB0E59FD-5170-4D3E-B821-9C0103571F69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3191044685-3579606741-2919163407-1000Core.job => C:\Users\Leonard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3191044685-3579606741-2919163407-1000UA.job => C:\Users\Leonard\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-07 18:12 - 2013-01-31 10:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-11-26 14:48 - 2014-11-26 15:50 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2014-12-10 17:20 - 2014-12-06 02:50 - 01077064 _____ () C:\Users\Leonard\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-10 17:20 - 2014-12-06 02:50 - 00211272 _____ () C:\Users\Leonard\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-10 17:20 - 2014-12-06 02:50 - 09009480 _____ () C:\Users\Leonard\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-10 17:20 - 2014-12-06 02:50 - 01677128 _____ () C:\Users\Leonard\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-10 17:20 - 2014-12-06 02:50 - 14913352 _____ () C:\Users\Leonard\AppData\Local\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3191044685-3579606741-2919163407-500 - Administrator - Disabled)
Gast (S-1-5-21-3191044685-3579606741-2919163407-501 - Limited - Disabled)
Leonard (S-1-5-21-3191044685-3579606741-2919163407-1000 - Administrator - Enabled) => C:\Users\Leonard
UpdatusUser (S-1-5-21-3191044685-3579606741-2919163407-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: I:\
Description: STORAGE DEVICE  
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: G:\
Description: STORAGE DEVICE  
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2014 02:50:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10470547

Error: (12/27/2014 02:50:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10470547

Error: (12/27/2014 02:50:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/27/2014 02:50:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10468593

Error: (12/27/2014 02:50:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10468593

Error: (12/27/2014 02:50:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/27/2014 02:50:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10466640

Error: (12/27/2014 02:50:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10466640

Error: (12/27/2014 02:50:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/27/2014 11:56:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20328


System errors:
=============
Error: (12/27/2014 10:49:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (12/27/2014 10:48:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (12/27/2014 10:48:27 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (12/27/2014 10:47:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (12/27/2014 10:45:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (12/27/2014 10:44:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde nicht richtig gestartet.

Error: (12/27/2014 10:42:29 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (12/26/2014 01:50:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (12/26/2014 01:50:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (12/26/2014 01:49:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-08 00:36:01.382
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\AVG\AVG2015\avghooka.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) D CPU 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 3327.55 MB
Available physical RAM: 1487.91 MB
Total Pagefile: 6653.29 MB
Available Pagefile: 3891.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:104.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Extra Festpaltte) (Fixed) (Total:232.88 GB) (Free:230.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1CCD06EC)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 3A0DC176)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Habe ich das richtig so gemacht? Bin mir nicht sicher da ich hier Neu bin.
__________________
Alt 28.12.2014, 13:40   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Blauer Bildschirm, Bluescreen ! - Standard

Blauer Bildschirm, Bluescreen !


Lade Dir bitte Bluescreenview und installiere es:
BlueScreenView - Download - Filepony

Öffnen und den aktuellsten Dump analysieren lassen (macht das Tool automatisch).
Output hier posten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 28.12.2014, 18:05   #5
MF99
 
Blauer Bildschirm, Bluescreen ! - Standard

Blauer Bildschirm, Bluescreen !


Das ist der Erste
Code:
ATTFilter
==================================================
Dump File         : 122214-81765-01.dmp
Crash Time        : 22.12.2014 11:05:41
Bug Check String  : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x0000000a
Parameter 1       : 00000000`00000000
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000001
Parameter 4       : fffff800`02c8697c
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.18409 (win7sp1_gdr.140303-2144)
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\122214-81765-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 286.968
Dump File Time    : 22.12.2014 11:08:33
==================================================
Hier ist der 2
Code:
ATTFilter
==================================================
Dump File         : 122214-81765-01.dmp
Crash Time        : 22.12.2014 11:05:41
Bug Check String  : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x0000000a
Parameter 1       : 00000000`00000000
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000001
Parameter 4       : fffff800`02c8697c
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.18409 (win7sp1_gdr.140303-2144)
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\122214-81765-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 286.968
Dump File Time    : 22.12.2014 11:08:33
==================================================


Alt 29.12.2014, 08:27   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Blauer Bildschirm, Bluescreen ! - Standard

Blauer Bildschirm, Bluescreen !


Doll, der nichtssagendste Bluescreen den man haben kann. In welchem Abstand kamen die Bluescreens? UNd wie lange schon nicht mehr?
Irgendwas neu installiert an Software oder Treibern?
__________________
--> Blauer Bildschirm, Bluescreen !

Alt 29.12.2014, 12:50   #7
MF99
 
Blauer Bildschirm, Bluescreen ! - Standard

Blauer Bildschirm, Bluescreen !


Der Erste kam am 15.12.2014 um 10:00:32
Der zweite kam am 22.12.2014 um 11:05:41
Und der dritte ist gestern aufgetreten am 28.12.2014 um 22:31:51
Gestern ist zuletzt einer aufgetreten.
Zuletzt Heruntergeladen habe ich ab dem 16.12.2014= Minecraft, Free Dailymotion Download version 1.0.36.1215, Mozilla Firefox 34.0.5 (x86 de), Apple Mobile Device Support, Apple Software Update, Bonjour, iTunes, Free Youtube Download version 3.2.51.1215, Adobe Photoshop CC 2014 30Tage version.

Alt 29.12.2014, 21:31   #8
schrauber
/// the machine
/// TB-Ausbilder
 
Blauer Bildschirm, Bluescreen ! - Standard

Blauer Bildschirm, Bluescreen !


Hm, dann würde ich jetzt mal Windows Updates machen bis keine mehr da sind, dann mal Chipsatz und Grafiktreiber erneuern.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Blauer Bildschirm, Bluescreen !
aufgetaucht, ausgeführt, ausgeschaltet, bildschirm, blauer, blauer bildschirm, bluescreen, brauche, fehlercode 28, fehlercode 43, hintergrund, hängen, irql_not_less_or_equal 0x0000000a, mauszeiger, nichts, problem, schwarzer, starte, starten, startet, systemwiederherstellung, windows


« Windows 7: Schwarzer Desktop und "Computer" läuft | PC hängt sich immer nach kuzer Zeit auf (Win 8) »


Ähnliche Themen: Blauer Bildschirm, Bluescreen !


  1. BlueScreen : es kommt ein blauer Bildschirm
    Log-Analyse und Auswertung - 28.09.2015 (5)
  2. Bluescreen Problem-Anleitung für Bluescreen nicht anwenbar bei Bildschirm Freeze
    Alles rund um Windows - 04.04.2015 (18)
  3. Blauer Bildschirm mit Fehlermeldung
    Log-Analyse und Auswertung - 31.10.2014 (9)
  4. notebook blauer bildschirm
    Plagegeister aller Art und deren Bekämpfung - 11.05.2014 (24)
  5. Blauer Bildschirm
    Alles rund um Windows - 21.12.2013 (2)
  6. Spy Eyes und blauer Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 29.10.2013 (28)
  7. Blauer Bildschirm nach Anmeldung
    Alles rund um Windows - 03.10.2013 (3)
  8. Blauer Bildschirm beim booten von USB (Bekämpfung d."Weißer Bildschirm-please wait")
    Log-Analyse und Auswertung - 08.07.2012 (6)
  9. Blauer Bildschirm von Windows
    Alles rund um Windows - 14.02.2012 (17)
  10. Blauer Bildschirm beim booten von cd
    Plagegeister aller Art und deren Bekämpfung - 21.06.2011 (4)
  11. PC stürzt ab - Blauer Bildschirm
    Netzwerk und Hardware - 11.10.2010 (4)
  12. Blauer Bildschirm, dann stürzt PC ab!
    Plagegeister aller Art und deren Bekämpfung - 19.11.2009 (0)
  13. PC stürzt ab. Blauer Bildschirm.
    Netzwerk und Hardware - 11.07.2009 (5)
  14. Blauer Bildschirm / TR/Dldr.FraudLoa.NC
    Plagegeister aller Art und deren Bekämpfung - 24.08.2008 (14)
  15. Blauer Bildschirm und Virus Warnungen
    Mülltonne - 14.08.2008 (0)
  16. mir kommt immer ein blauer bildschirm...
    Plagegeister aller Art und deren Bekämpfung - 13.01.2008 (1)
  17. Blauer Bildschirm(Hardwarefehler)
    Netzwerk und Hardware - 17.12.2007 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Blauer Bildschirm, Bluescreen ! - Guten Tag, ich brauche Hilfe den ich habe ein Problem mit meinem Computer. Es ist schon zum 2 mal passiert das ein Blauer Bildschirm aufgetaucht ist. Beim ersten mal als - Blauer Bildschirm, Bluescreen !...
Archiv
Du betrachtest: Blauer Bildschirm, Bluescreen ! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131