Log analysis and evaluation: Unusual traffic from your network (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Unusual traffic from your network

Google: Unusual traffic from your network

Hello dear staff of the Trojanerboard,

For a few days now I have been having the following problem. When I use the Google search engine in Firefox, I am redirected to a page with the message: "Our systems have detected unusual traffic from your computer network". I am then asked to enter a "captcha" to continue. I am now somewhat unsettled, because this problem does not occur every time. I use Bitdefender IS and always keep my system up to date. Malwarebytes and Bitdefender do NOT give any warning.

Thanks for your help
Rolf

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:37 on 21/01/2015 (HS)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015 Ran by HS (administrator) on HS-PC on 21-01-2015 10:54:54 Running from C:\Users\HS\Downloads Loaded Profiles: HS (Available profiles: HS & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (South Bay Software) D:\AutoSizer.exe () C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage 
Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1575192 2013-10-24] (Bitdefender) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\Run: [ASRockXTU] => [X] HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\Run: [AutoSizer] => D:\AutoSizer.exe [131072 2014-02-04] (South Bay Software) HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\MountPoints2: {ab06f8d1-6005-11e2-a886-806e6f6e6963} - F:\ASRSetup.exe HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\MountPoints2: {f5408643-5e5d-11e2-811e-806e6f6e6963} - F:\ASRSetup.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-398972580-570915619-4107308109-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.focus.de/ SearchScopes: HKLM-x32 -> DefaultScope {1C31D725-18ED-490E-A18B-4C53EEC3E7E0} URL = SearchScopes: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> DefaultScope {1C31D725-18ED-490E-A18B-4C53EEC3E7E0} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312329&CUI=UN29972065413410224&UM=2 SearchScopes: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> {1C31D725-18ED-490E-A18B-4C53EEC3E7E0} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312329&CUI=UN29972065413410224&UM=2 SearchScopes: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = hxxp://start.gamesagogo.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms} BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: AusweisApp 1.8.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClient.ols (OpenLimit SignCubes AG) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\HS\AppData\Roaming\Mozilla\Firefox\Profiles\wgr5pfjk.default FF Homepage: hxxp://www.spiegel.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: 
@innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-398972580-570915619-4107308109-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: WOT - C:\Users\HS\AppData\Roaming\Mozilla\Firefox\Profiles\wgr5pfjk.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-12-10] FF Extension: Adblock Plus - C:\Users\HS\AppData\Roaming\Mozilla\Firefox\Profiles\wgr5pfjk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-02-27] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-10-24] (Bitdefender) R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-10-24] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-24] (Bitdefender) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.) 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-10-24] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-10-24] (BitDefender) S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-04-29] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-10-24] (BitDefender SRL) S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT) S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-17] (CPUID) S2 EIO; C:\Windows\system32\drivers\EIO64.sys [15360 2006-06-14] (ASUSTeK Computer Inc.) [File not signed] R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-24] (BitDefender LLC) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [26528 2015-01-06] (REALiX(tm)) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] () R3 MirayVirtualDisk; C:\Windows\System32\DRIVERS\mvd.sys [162384 2013-10-10] (Miray) S3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95744 2010-07-09] (Windows (R) Codename Longhorn DDK provider) S3 nmserial; C:\Windows\System32\DRIVERS\nmserial.sys [75264 2010-07-09] (Windows (R) Codename Longhorn DDK provider) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-07-01] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-07-01] () R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-24] (BitDefender S.R.L.) 
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-01-21] () S3 ALSysIO; \??\C:\Users\HS\AppData\Local\Temp\ALSysIO64.sys [X] R3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-21 10:54 - 2015-01-21 10:54 - 00014108 _____ () C:\Users\HS\Downloads\FRST.txt 2015-01-21 10:54 - 2015-01-21 10:54 - 00000000 ____D () C:\FRST 2015-01-21 10:51 - 2015-01-21 10:51 - 02126848 _____ (Farbar) C:\Users\HS\Downloads\FRST64.exe 2015-01-21 10:37 - 2015-01-21 10:37 - 00000466 _____ () C:\Users\HS\Downloads\defogger_disable.log 2015-01-21 10:37 - 2015-01-21 10:37 - 00000000 _____ () C:\Users\HS\defogger_reenable 2015-01-21 10:36 - 2015-01-21 10:36 - 00050477 _____ () C:\Users\HS\Downloads\Defogger(1).exe 2015-01-21 10:35 - 2015-01-21 10:36 - 00050477 _____ () C:\Users\HS\Downloads\Defogger.exe 2015-01-16 19:43 - 2015-01-16 19:43 - 00076056 _____ () C:\Users\HS\Downloads\74e407c84612bd19ba2823a93333d883_Schwabacher.otf 2015-01-16 19:42 - 2015-01-16 19:42 - 00026952 _____ () C:\Users\HS\Downloads\f8cae009ccd698491debce4a2ecf8f6d_GesType.ttf 2015-01-16 19:28 - 2015-01-16 19:29 - 00056572 _____ () C:\Users\HS\Downloads\LHANDW.TTF 2015-01-16 13:24 - 2015-01-21 10:00 - 00002948 _____ () C:\Windows\System32\Tasks\AsrXTU 2015-01-16 13:22 - 2015-01-21 10:00 - 00003014 _____ () C:\Windows\System32\Tasks\asrRd 2015-01-15 11:35 - 2015-01-15 11:35 - 00000950 _____ () C:\Users\HS\Desktop\Ahnenblatt.lnk 2015-01-15 11:33 - 2015-01-15 11:34 - 06572568 _____ (Dirk Böttcher ) C:\Users\HS\Downloads\absetup.exe 2015-01-14 14:36 - 2015-01-14 14:36 - 00000000 ____D () 
C:\Program Files (x86)\Mozilla Firefox 2015-01-14 10:49 - 2015-01-14 10:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-01-14 10:08 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 10:08 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 10:08 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 10:08 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 10:08 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 10:08 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 10:08 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 10:08 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 10:08 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 10:08 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 10:08 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 10:08 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 10:08 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-11 15:56 - 2015-01-11 15:57 - 07040424 _____ () C:\Users\HS\Downloads\bitdefender_isecurity2015.exe 2015-01-11 12:48 - 2015-01-11 12:48 - 01866009 _____ () C:\Users\HS\Downloads\com.google.android.apps.adm-1.2.12.apk 2015-01-06 18:05 - 2015-01-21 09:59 - 00016864 _____ () C:\Windows\PFRO.log 2015-01-06 18:05 - 2015-01-21 09:59 - 00006036 _____ () C:\Windows\setupact.log 2015-01-06 18:05 - 2015-01-06 18:05 - 00000000 _____ () 
C:\Windows\setuperr.log 2015-01-06 16:22 - 2015-01-06 16:22 - 02699320 _____ (Martin Malík - REALiX ) C:\Users\HS\Downloads\hw64_448.exe 2015-01-06 16:22 - 2015-01-06 16:22 - 00026528 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS 2015-01-06 16:13 - 2015-01-06 16:13 - 01190544 _____ ( ) C:\Users\HS\Downloads\hwmonitor_1.26-setup.exe 2015-01-06 16:13 - 2015-01-06 16:13 - 00000936 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2015-01-06 16:13 - 2015-01-06 16:13 - 00000000 ____D () C:\Program Files\CPUID 2015-01-06 12:49 - 2015-01-06 13:08 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2015-01-06 12:49 - 2015-01-06 12:49 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2015-01-06 12:49 - 2015-01-06 12:49 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager 2015-01-04 14:38 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 10345280 _____ 
(NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-01-04 14:38 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-01-04 14:38 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-01-04 14:02 - 2014-12-13 11:08 - 14128496 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvd3dum.dll 2015-01-04 14:02 - 2014-11-17 23:18 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-01-04 14:02 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-01-04 14:02 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-01-04 14:02 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll 2015-01-04 14:02 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll 2015-01-04 13:18 - 2015-01-04 13:39 - 308364224 _____ (NVIDIA Corporation) C:\Users\HS\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe 2015-01-04 09:50 - 2015-01-04 13:59 - 00001161 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk 2015-01-04 09:50 - 2015-01-04 13:59 - 00001111 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2015-01-04 09:50 - 2015-01-04 13:59 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2015-01-04 09:48 - 2015-01-04 09:48 - 05641056 _____ (Canneverbe Limited ) C:\Users\HS\Downloads\cdbxp_setup_4.5.4.5306.exe 2015-01-02 15:23 - 2015-01-02 15:23 - 07005576 _____ (Microsoft Corporation) C:\Users\HS\Downloads\proofingtools_nl-nl-x64(3).exe 2015-01-02 15:19 - 2015-01-02 15:20 - 07005576 _____ (Microsoft Corporation) C:\Users\HS\Downloads\proofingtools_nl-nl-x64(2).exe 2015-01-02 12:52 - 2015-01-02 12:52 - 00000000 ____D () C:\Users\HS\.jivex 2015-01-01 14:50 - 2015-01-01 16:05 - 00000000 ____D () C:\Users\HS\AppData\Roaming\MyPhoneExplorer 2015-01-01 14:50 - 2015-01-01 14:50 - 00000799 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk 2015-01-01 14:50 - 2015-01-01 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer 2015-01-01 14:48 - 2015-01-01 14:48 - 07403840 _____ () C:\Users\HS\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe 2014-12-31 14:38 - 2014-12-31 
14:38 - 00000000 ____D () C:\Windows\system32\Neuer Ordner 2014-12-22 13:32 - 2014-12-22 13:33 - 17925296 _____ (Adobe Systems Incorporated) C:\Users\HS\Downloads\flashplayer_16_ax_debug.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-21 10:37 - 2013-01-14 16:52 - 00000000 ____D () C:\Users\HS 2015-01-21 10:14 - 2013-03-06 09:58 - 00000501 _____ () C:\Windows\system32\checkdnsid.xml 2015-01-21 10:08 - 2009-07-14 05:45 - 00035776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-21 10:08 - 2009-07-14 05:45 - 00035776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-21 10:07 - 2013-01-26 14:16 - 01264580 _____ () C:\Windows\WindowsUpdate.log 2015-01-21 10:04 - 2013-01-15 01:18 - 00700470 _____ () C:\Windows\system32\perfh007.dat 2015-01-21 10:04 - 2013-01-15 01:18 - 00150108 _____ () C:\Windows\system32\perfc007.dat 2015-01-21 10:04 - 2009-07-14 06:13 - 01624106 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-21 10:00 - 2013-01-14 18:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-21 09:59 - 2014-12-10 12:07 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2015-01-21 09:59 - 2014-10-17 12:43 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2015-01-21 09:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-20 20:15 - 2014-07-02 14:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-20 20:07 - 2013-07-23 13:26 - 00000459 _____ () C:\Users\HS\Desktop\FRITZ!Box.website 2015-01-20 19:57 - 2013-01-14 18:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-20 19:28 - 2013-02-01 20:01 - 01597450 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-01-20 12:07 - 
2011-05-15 17:05 - 00000000 ____D () C:\WsWin-Cresta 2015-01-20 12:04 - 2013-09-23 14:47 - 00000000 ____D () C:\WsWin-Davis 2015-01-19 12:17 - 2013-01-14 22:33 - 00000000 ____D () C:\Users\HS\AppData\Roaming\ALFBanCo5 2015-01-18 15:41 - 2013-01-14 22:46 - 00000000 ____D () C:\Users\HS\AppData\Roaming\Skype 2015-01-17 16:07 - 2013-05-19 20:35 - 00000000 ____D () C:\Users\HS\AppData\Roaming\Ahnenblatt 2015-01-17 15:26 - 2014-09-13 19:48 - 00000000 ____D () C:\ProgramData\Stammbaumdrucker 7 Premium 2015-01-16 19:45 - 2009-07-14 05:45 - 00417464 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-16 19:39 - 2013-01-14 17:16 - 00110856 _____ () C:\Users\HS\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-15 16:27 - 2013-11-20 21:51 - 00000000 ____D () C:\ProgramData\tmp 2015-01-15 15:11 - 2013-11-20 21:51 - 00000000 ____D () C:\ProgramData\hps 2015-01-15 10:24 - 2013-07-12 11:17 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-15 10:22 - 2013-01-16 19:02 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-14 20:15 - 2013-01-17 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-11 10:45 - 2013-01-14 22:46 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-11 10:45 - 2013-01-14 22:46 - 00000000 ____D () C:\ProgramData\Skype 2015-01-06 16:22 - 2013-01-29 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2015-01-06 16:13 - 2014-08-24 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-01-06 14:00 - 2014-01-29 19:15 - 00000000 ____D () C:\Users\HS\AppData\Local\NVIDIA Corporation 2015-01-06 14:00 - 2013-01-14 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-01-06 14:00 - 2013-01-14 17:06 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-01-06 14:00 - 2013-01-14 17:06 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-01-06 13:08 - 2013-01-16 21:09 - 00000000 ____D () C:\ProgramData\Intel 2015-01-06 
12:49 - 2013-01-16 20:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-01-06 12:49 - 2013-01-16 20:45 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-01-06 12:47 - 2013-01-16 19:37 - 00000000 ____D () C:\temp 2015-01-06 12:46 - 2013-01-14 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-02 13:16 - 2014-09-25 15:15 - 00000001 ____R () C:\Users\HS\serverport 2015-01-02 13:16 - 2013-02-27 13:43 - 00000000 ____D () C:\Users\HS\AppData\Temp 2014-12-25 19:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\TAPI 2014-12-23 09:47 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-12-22 13:34 - 2013-01-14 17:13 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-22 13:34 - 2013-01-14 17:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2013-02-26 15:19 - 2013-02-26 15:19 - 0000288 _____ () C:\Users\HS\AppData\Roaming\.backup.dm 2013-01-16 21:13 - 2013-01-16 21:13 - 0000003 _____ () C:\Users\HS\AppData\Local\user_data.ini 2013-02-27 13:22 - 2013-02-27 13:22 - 0867058 _____ () C:\ProgramData\1361966845.bdinstall.bin 2013-01-23 13:21 - 2013-01-23 13:21 - 0000057 _____ () C:\ProgramData\Ament.ini Some content of TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\_is7E07.exe C:\Users\HS\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-14 10:35 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015 Ran by HS at 2015-01-21 10:55:29 Running from C:\Users\HS\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09} FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3D-Viewer-innoplus (HKLM-x32\...\{B96DB037-DBEA-4186-9081-9CBD537F82E8}) (Version: 14.00.231 - INNOVA-engineering GmbH) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Ahnenblatt 2.86 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.86.0.1 - Dirk Böttcher) ALF-BanCo 5 (HKLM-x32\...\Alf-BanCo5_is1) (Version: - ALF AG) ALNO AG Küchenplaner (HKLM-x32\...\{A89131FD-3D18-4DA8-84C8-622423011B51}_is1) (Version: 14a - ALNO AG) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) 
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: - ) ASRock eXtreme Tuner v0.1.188 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - ) ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) ASUS nVidia Driver (x32 Version: 4.00.0000 - Ihr Firmenname) Hidden AusweisApp (HKLM-x32\...\{6E2E92F9-A81B-426F-8F35-4F3718A7D0AF}) (Version: 1.11.0 - OpenLimit SignCubes AG) AutoSizer (HKLM-x32\...\AutoSizer) (Version: - ) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) Bitdefender Internet Security 2013 (HKLM\...\Bitdefender) (Version: 16.26.0.1739 - Bitdefender) Brother MFL-Pro Suite DCP-165C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP) CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.0.27.1025 - Foxit Corporation) Corel Paint Shop Pro X (HKLM-x32\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.01 - Corel Inc) CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) CrystalDiskInfo 5.6.2 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World) CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World) cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT) DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.6 - CEWE Stiftung u Co. 
KGaA) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.1.1031 - Foxit Corporation) GenDaLim7ES (HKLM-x32\...\{56693A2D-F918-46CD-8F13-BAA4E5FA1089}) (Version: 7.0.2.0 - LGGI) GIMP 2.6.8 (HKLM-x32\...\WinGimp-2.0_is1) (Version: - ) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HDClone 4.2 Standard Edition (HKLM-x32\...\HDClone.Standard.4.2.8.1031-{128829BF-F190-4B7D-88C9-889EFB557284}) (Version: 4.2 - Miray Software AG) HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro) HP Photosmart 6510 series - Grundlegende Software für das Gerät (HKLM\...\{B21D3221-335D-45B0-B5F8-DC9EA1F30558}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) 
HP Photosmart Essential (HKLM-x32\...\{6994491D-D491-48F1-AE1F-E179C1FFFC2F}) (Version: 1.9.1.2 - HP) HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation) Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{01C324B7-3744-4EC0-9C4F-40BCCDD47CFB}) (Version: 3.0.41.1571 - Intel) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle) MailStore Home 8.1.0.9075 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.1.0.9075 - MailStore Software GmbH) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands 
(HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
(HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) MiniTool Partition Wizard Home Edition 8.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger) NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) Paragon Alignment Tool™ 3.0 (HKLM-x32\...\{4D83E500-4D0C-11DF-A750-005056C00008}) (Version: 90.00.0003 - Paragon Software) PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID) Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.2 - CEWE COLOR AG u Co. 
OHG) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.) Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.6 - Samsung) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.) TAPI Services for FRITZ!Box (HKLM\...\{8505C641-422E-4E3C-B6B0-0F070E289FDD}) (Version: 1.0.4 - AVM Berlin) Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.) Unity Web Player (HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version: - ) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Weather Capture Advance 1.1 (HKLM-x32\...\{E10017D0-CDC3-4205-87F8-B1AC58124DE9}_is1) (Version: - Hideki Electronics Limited) WsWin V2.97.0 - 2013-03-30 (HKLM-x32\...\PC-Wetterstation_is1) (Version: 2.97.0 - Werner Krenn) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
==================== Restore Points ========================= 13-01-2015 11:19:31 Geplanter Prüfpunkt 15-01-2015 10:22:37 Windows Update 16-01-2015 19:08:26 Windows Update 20-01-2015 09:51:53 Windows Update 20-01-2015 19:28:31 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02A07B2D-F71B-411B-A6FE-DF44C79FE30C} - System32\Tasks\{4E028CFE-4CB4-4225-9A7C-6030701A6E13} => pcalua.exe -a F:\AutoRun\setup32.exe -d F:\ Task: {1785D2F7-3C29-4062-8F0F-7C32677479A1} - System32\Tasks\{18E38F82-0A01-4821-A98F-A1F9BAD8D13E} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsMain Task: {230B2D9F-585F-4C72-B388-C1E7ACF68225} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe [2012-01-13] () Task: {2606A93F-DD3C-40FC-8C90-88DC182C569F} - System32\Tasks\{55E7B22C-1028-4AAB-8ABE-CC8DA23ACA7E} => pcalua.exe -a F:\AutoRun\setup32.exe -d F:\ Task: {267E4AC9-40A2-4B1E-853C-8F64311CD8BA} - System32\Tasks\{5D05DA9B-599D-43A3-A092-F429B025D984} => pcalua.exe -a "D:\Revo unlocker\Revo Uninstaller\Revouninstaller.exe" -d "D:\Revo unlocker\Revo Uninstaller" Task: {5F582DE8-CF67-4497-9B70-B1CC07A664AA} - System32\Tasks\{A85746E7-0943-469D-9E07-F8A2DC77ED96} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?page=tsMain Task: {6F58A212-ED5B-4EF7-87B3-9559A105E347} - System32\Tasks\AsrXTU => C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe [2012-03-06] () Task: {7228BE87-343C-475B-8FF1-CFA0DA752161} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe 
[2014-03-19] (Microsoft Corporation) Task: {73B980B4-6F9C-4102-B0DB-5B2F9D2138CE} - System32\Tasks\{774669B2-DD19-4CE6-A6EE-F3A794D0CEF7} => pcalua.exe -a D:\Irfan\IrfanView\i_view32.exe Task: {7E530D5D-EAEE-4649-9357-DD60825C91D8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {86DEB3C9-A59A-4A30-B89C-2945E4F50B57} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {8C774AAD-5518-478D-AE39-1FAEB4601166} - System32\Tasks\{166380E5-3AFA-4CA7-A9F3-086175797D50} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.10.0.104/de/abandoninstall?page=tsMain Task: {91F5E202-6293-464B-8701-3AE13C347915} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated) Task: {936F9441-7B45-43CA-A547-2C150F20F630} - System32\Tasks\{30F1A4F0-047A-412D-B760-78F298FFA481} => pcalua.exe -a C:\Users\HS\Downloads\CC3up_1.30.0020(1).EXE Task: {9B44DB43-D2E3-4644-A76D-1DA24FFBA99D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2013-03-25] (Piriform Ltd) Task: {9C91ABA5-1224-4F47-9267-FE1A1E4DB57C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {A4DB31C2-72BB-44C3-8041-A5C2FBF1083C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {A7D01E30-26DF-4EA9-B149-FC4C11E6E660} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {B51702D4-C8FB-4543-ACA6-6860942988D5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => 
Sc.exe start osppsvc Task: {C74AAFC5-0DB5-4E82-A835-DB9BB8AD890B} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: {C8F61A30-9FFE-4B3B-85CA-83460EDBD1FD} - System32\Tasks\{559ABFF1-06A0-4998-994F-9662FD815A34} => pcalua.exe -a D:\Tools\HiJackThis\HiJackThis.exe -d D:\Tools\HiJackThis Task: {D1F73893-0946-40AB-B855-853462D520E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-14] (Google Inc.) Task: {E3DC853C-8E7F-45AA-BE9F-5EEF1064EAD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-14] (Google Inc.) Task: {FAF1FAA4-D1C3-40F9-A695-8872A2B7401B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {FE6CCA61-7B75-4024-90E3-B37D2F0A7E90} - System32\Tasks\Lüftersteuerung => D:\Speedfan\speedfan.exe Task: {FFD43660-069C-43A1-ABE3-0815BDDC4BE9} - System32\Tasks\{EE999195-4E55-4278-943A-3E22E5A61A83} => pcalua.exe -a G:\AVM\Fritz!Fax\FRITZ!fax_3.07.04.exe -d C:\Users\Administrator\Desktop Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-03-30 11:15 - 2013-10-24 15:48 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll 2013-10-24 15:51 - 2013-10-24 15:51 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\accessl.ui 2013-02-27 13:22 - 2011-11-14 19:17 - 00153680 _____ () 
C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll 2013-03-30 11:15 - 2013-10-24 15:47 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\IMSecurityAL.ui 2014-07-24 08:35 - 2014-07-24 08:35 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_027\ashttpbr.mdl 2014-07-24 08:35 - 2014-07-24 08:35 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_027\ashttpdsp.mdl 2014-07-24 08:35 - 2014-07-24 08:36 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_027\ashttpph.mdl 2014-07-24 08:35 - 2014-07-24 08:36 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_027\ashttprbl.mdl 2013-01-14 17:06 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-09-25 12:17 - 2006-02-23 10:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2013-09-25 12:17 - 2006-02-22 09:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll 2012-08-16 19:36 - 2012-08-16 19:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2012-08-16 19:36 - 2012-08-16 19:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-02-27 11:13 - 2012-03-06 18:14 - 08238376 _____ () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe 2013-02-27 11:13 - 2012-01-13 15:47 - 01448744 _____ () C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-01-18 10:20 - 2007-05-31 07:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll 2013-02-27 11:13 - 2012-02-24 10:53 - 00094208 _____ () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\IccLibDll.DLL 
2014-02-04 10:40 - 2014-02-04 10:40 - 00086016 _____ () D:\AutoSizer.dll 2015-01-14 10:49 - 2015-01-14 10:49 - 03347056 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2015-01-14 10:49 - 2015-01-14 10:49 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2015-01-14 10:49 - 2015-01-14 10:49 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2015-01-17 11:20 - 2015-01-17 11:20 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\bc9bcf53b97e0180a22783ef8b2567c2\PSIClient.ni.dll 2013-01-16 21:09 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-01-14 14:36 - 2015-01-14 14:36 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\HS\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\385-INST-WIN7-A.EXE:BDU AlternateDataStreams: C:\Users\HS\Downloads\absetup.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\ALNO_KPLSetup14a(1).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\ALNO_KPLSetup14a.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\ALNO_KPLSetup14a_CB-DL-Manager.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\bitdefender_isecurity2015.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\CC3up_1.30.0020(1).EXE:BDU AlternateDataStreams: C:\Users\HS\Downloads\CC3up_1.30.0020(2).EXE:BDU AlternateDataStreams: C:\Users\HS\Downloads\CC3up_1.30.0020.EXE:BDU AlternateDataStreams: C:\Users\HS\Downloads\cdbxp_setup_4.5.4.5306.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\Defogger(1).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\Defogger.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\delinf_10200(1).EXE:BDU 
AlternateDataStreams: C:\Users\HS\Downloads\delinf_10200.EXE:BDU AlternateDataStreams: C:\Users\HS\Downloads\flashplayer_16_ax_debug.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\Google Earth - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\googleearth-win-bundle-7.1.2.2041.1.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\GoogleEarthSetup.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\googleupdatesetup.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\hw64_448.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\hwmonitor_1.26-setup.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\install_flashplayer16x32au_mssa_aaa_aih(1).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\iview438_setup.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\jdk-8u11-windows-x64(1).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\jdk-8u11-windows-x64.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\jre-8u20-windows-x64.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\Manuals.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\proofingtools_nl-nl-x64(1).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\proofingtools_nl-nl-x64(2).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\proofingtools_nl-nl-x64(3).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\proofingtools_nl-nl-x64.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\setup_dm_Fotowelt(1).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\setup_dm_Fotowelt.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\SoftonicDownloader_fuer_java-runtime-environment(1).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\SoftonicDownloader_fuer_java-runtime-environment.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\SSDlife - CHIP-Installer(1).exe:BDU 
AlternateDataStreams: C:\Users\HS\Downloads\SSDlife - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\SSDTweaker(1).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\SSDTweaker(2).exe:BDU AlternateDataStreams: C:\Users\HS\Downloads\SSDTweaker.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^HS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupfolder: C:^Users^HS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Photosmart 6510 series.lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Photosmart 6510 series.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Speed Launcher => 1418738232 MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN MSCONFIG\startupreg: Browser Infrastructure Helper => 
C:\Users\HS\AppData\Local\Smartbar\Application\QuickShare.exe startup MSCONFIG\startupreg: BrowserChoice => "C:\Windows\System32\browserchoice.exe" /run MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\system32\Macromed\Flash\FlashUtil64_11_6_602_171_ActiveX.exe -update activex MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: iTunesHelper => "D:\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: NBKeyScan => "D:\Nero\Nero 8\Nero BackItUp\NBKeyScan.exe" MSCONFIG\startupreg: NeroFilterCheck => C:\Windows\system32\NeroCheck.exe MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-398972580-570915619-4107308109-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-398972580-570915619-4107308109-501 - 
Limited - Disabled) HomeGroupUser$ (S-1-5-21-398972580-570915619-4107308109-1002 - Limited - Enabled) HS (S-1-5-21-398972580-570915619-4107308109-1000 - Administrator - Enabled) => C:\Users\HS ==================== Faulty Device Manager Devices ============= Name: Intel(R) HD Graphics Description: Intel(R) HD Graphics Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (01/21/2015 10:01:43 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/20/2015 07:32:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/20/2015 06:22:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/20/2015 00:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Wswin32.exe, Version 2.97.8.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 15bc
Startzeit: 01d034a0b732a321
Endzeit: 0
Anwendungspfad: C:\WsWin-Davis\Wswin32.exe
Berichts-ID:

Error: (01/20/2015 09:49:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 04:11:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 03:43:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 01:51:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 10:25:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 04:24:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (01/21/2015 09:59:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (01/20/2015 07:30:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (01/20/2015 06:21:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (01/20/2015 09:47:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (01/19/2015 04:09:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (01/19/2015 03:41:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (01/19/2015 01:49:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (01/19/2015 00:19:02 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Das Gerät ist nicht angeschlossen.REINER SCT cyberJack pinpad/e-com USB 52GET_STATEXX XX XX XX

Error: (01/19/2015 10:23:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (01/18/2015 04:22:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Microsoft Office Sessions:
=========================
Error: (01/21/2015 10:01:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 07:32:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 06:22:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2015 00:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wswin32.exe2.97.8.015bc01d034a0b732a3210C:\WsWin-Davis\Wswin32.exe

Error: (01/20/2015 09:49:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 04:11:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 03:43:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 01:51:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 10:25:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 04:24:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2015-01-21 09:59:54.467
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-21 09:59:54.447
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-20 19:30:18.132
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-20 19:30:18.112
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-20 18:21:02.786
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-20 18:21:02.766
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-20 09:47:35.360
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-20 09:47:35.340
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-19 16:09:56.268
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde.
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-19 16:09:56.248
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 32%
Total physical RAM: 8078.16 MB
Available physical RAM: 5462.74 MB
Total Pagefile: 8276.34 MB
Available Pagefile: 5231.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================
Drive c: (Volume) (Fixed) (Total:90.4 GB) (Free:28.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Progs/ Treiber/ Tools) (Fixed) (Total:39.27 GB) (Free:27.63 GB) NTFS
Drive e: (Daten/ Grafiken) (Fixed) (Total:103.22 GB) (Free:64.11 GB) NTFS
Drive h: (Volume) (Fixed) (Total:111.66 GB) (Free:78.46 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E58904D8)
Partition 1: (Active) - (Size=90.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=142.5 GB) - (Type=05)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================

Gmer.txt follows (because it is too large)