![]() |
|
Log-Analyse und Auswertung: dllhost.exe poppt alle 10-20 Sekunden aufWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
![]() ![]() ![]() ![]() | ![]() dllhost.exe poppt alle 10-20 Sekunden auf Moin, wie oben beschrieben gibt es Bootperioden in denen alle 10-20 Sekunden eine Instanz der dllhost.exe aufpoppt und sich nach 1-2 Sekunden wieder schließt. Das Problem ist meistens nach einem Neustart behoben. Parallel dazu blinkt das Ladesymbol am Mauszeiger immer auf, wenn die dllhost.exe startet. Dieses Problem tritt auch nie beim Systemstart auf, sondern erst nachdem das System einige Zeit gelaufen ist. Desweiteren hab ich das merkwürdige Problem, dass wenn ich vom PC weggehen, mein Headset weglegen, dann wiederkomme und es aufsetze. Das Geräusch kommt, als wenn ein USB-Gerät eingesteckt würde. Google konnte mir nicht weiterhelfen. Da gibt es Leute die das gleiche Problem schildern, aber ohne jegliche Lösungen, lediglich Spekulationen. Emsisoft und Malwarebytes mit Rootkiterkennung sowie TDSSKiller konnten nichts finden. Die FRST-Logs sind von gestern als das Problem mit der dllhost.exe aufgetreten ist. FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01 Ran by T (administrator) on TIMPC on 25-01-2015 20:36:14 Running from C:\Users\T\Desktop Loaded Profiles: T (Available profiles: T) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (TeamSpeak Systems GmbH) F:\Program Files(x86)\TeamSpeak 3 Client\ts3client_win64.exe (Mozilla Corporation) F:\Program Files(x86)\Mozilla Firefox\firefox.exe (Sysinternals - www.sysinternals.com) C:\Users\T\Desktop\TB\procexp.exe (Sysinternals - www.sysinternals.com) C:\Users\T\AppData\Local\Temp\procexp64.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4997872 2014-12-31] (Emsisoft GmbH) HKU\S-1-5-21-3416555695-689590634-2451952551-1000\...\MountPoints2: {39072ab4-e697-11e3-aa48-806e6f6e6963} - D:\Run.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\T\AppData\Roaming\Mozilla\Firefox\Profiles\cnbaf2xm.default FF Homepage: https://www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Extension: NoScript - C:\Users\T\AppData\Roaming\Mozilla\Firefox\Profiles\cnbaf2xm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-01] FF Extension: Adblock Plus - C:\Users\T\AppData\Roaming\Mozilla\Firefox\Profiles\cnbaf2xm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-28] StartMenuInternet: FIREFOX.EXE - F:\Program Files(x86)\Mozilla Firefox\firefox.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.) R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.) R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-25 20:36 - 2015-01-25 20:36 - 00004608 _____ () C:\Users\T\Desktop\FRST.txt 2015-01-25 20:34 - 2015-01-25 20:34 - 02129920 _____ (Farbar) C:\Users\T\Desktop\FRST64.exe 2015-01-25 19:06 - 2015-01-25 19:06 - 00000000 ____D () C:\Users\T\AppData\Roaming\Macromedia 2015-01-25 19:06 - 2015-01-25 19:06 - 00000000 ____D () C:\Users\T\AppData\Roaming\Adobe 2015-01-25 19:06 - 2015-01-25 19:06 - 00000000 ____D () C:\Users\T\AppData\Local\Macromedia 2015-01-25 19:04 - 2015-01-25 19:04 - 18126512 _____ (Adobe Systems Incorporated) C:\Users\T\Downloads\install_flash_player_16_plugin.exe 2015-01-25 19:04 - 2015-01-25 19:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 19:04 - 2015-01-25 19:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-23 05:20 - 2015-01-23 05:34 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-23 05:19 - 2015-01-23 05:19 - 00880784 _____ (Google Inc.) C:\Users\T\Downloads\ChromeSetup.exe 2015-01-21 07:20 - 2015-01-23 06:50 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\T\Desktop\tdsskiller.exe 2015-01-14 16:04 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 16:04 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 16:04 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 16:04 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 16:04 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 16:04 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 16:04 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 15:21 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 15:21 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 15:21 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 15:21 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 15:21 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 15:21 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-25 20:36 - 2014-09-10 16:08 - 00000000 ____D () C:\FRST 2015-01-25 19:52 - 2014-06-17 00:40 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2015-01-25 19:26 - 2014-05-28 19:40 - 01985517 _____ () C:\Windows\WindowsUpdate.log 2015-01-25 17:58 - 2014-05-29 02:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-25 11:39 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-25 11:39 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-25 11:36 - 2011-04-12 08:43 - 00699092 _____ () C:\Windows\system32\perfh007.dat 2015-01-25 11:36 - 2011-04-12 08:43 - 00149232 _____ () C:\Windows\system32\perfc007.dat 2015-01-25 11:36 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-25 11:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-25 11:32 - 2009-07-14 05:51 - 00043088 _____ () C:\Windows\setupact.log 2015-01-23 13:27 - 2010-11-21 04:47 - 00007636 _____ () C:\Windows\PFRO.log 2015-01-19 23:57 - 2014-07-16 23:12 - 00000000 ____D () C:\Users\T\Documents\ManiaPlanet 2015-01-19 23:05 - 2014-05-29 00:36 - 00000000 ____D () C:\ProgramData\ManiaPlanet 2015-01-14 16:06 - 2014-05-28 20:42 - 01592032 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-01-14 16:05 - 2014-05-28 20:20 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-14 16:05 - 2014-05-28 20:20 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-02 16:08 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT Some content of TEMP: ==================== C:\Users\T\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\T\AppData\Local\Temp\nvSCPAPI.dll C:\Users\T\AppData\Local\Temp\nvStereoApiI.dll C:\Users\T\AppData\Local\Temp\nvStInst.exe C:\Users\T\AppData\Local\Temp\procexp64.exe C:\Users\T\AppData\Local\Temp\Quarantine.exe C:\Users\T\AppData\Local\Temp\sqlite3.dll C:\Users\T\AppData\Local\Temp\swt-win32-3349.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-24 00:29 ==================== End Of Log ============================ --- --- --- --- --- --- Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01 Ran by T at 2015-01-25 20:36:28 Running from C:\Users\T\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LibreOffice 4.2.4.2 (HKLM-x32\...\{6B4977CB-5B9F-4B24-8310-3BA527A8AF22}) (Version: 4.2.4.2 - The Document Foundation) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Firefox 35.0 (x86 de) (HKU\S-1-5-21-3416555695-689590634-2451952551-1000\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.6 - En Masse Entertainment) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 02-01-2015 16:12:23 Windows Update 06-01-2015 20:59:54 Windows Update 13-01-2015 17:44:37 Windows Update 14-01-2015 16:04:53 Windows Update 15-01-2015 03:18:08 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 15-01-2015 03:18:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 20-01-2015 22:02:48 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) ==================== Loaded Modules (whitelisted) ============= 2014-05-28 22:52 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-02-28 10:14 - 2014-02-28 10:14 - 00173568 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\quazip.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 01080832 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\platforms\qwindows.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 00833024 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2014-06-20 08:48 - 2014-08-06 10:11 - 00102344 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2014-06-20 08:49 - 2014-08-06 10:11 - 00108488 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 00030208 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\imageformats\qgif.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 00233984 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll 2014-06-20 08:54 - 2014-08-06 10:11 - 00563656 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2014-06-20 08:55 - 2014-08-06 10:11 - 00579016 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 00159232 _____ () F:\Program Files(x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2015-01-14 03:51 - 2015-01-14 03:51 - 03925104 _____ () F:\Program Files(x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3416555695-689590634-2451952551-500 - Administrator - Disabled) Gast (S-1-5-21-3416555695-689590634-2451952551-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3416555695-689590634-2451952551-1002 - Limited - Enabled) T (S-1-5-21-3416555695-689590634-2451952551-1000 - Administrator - Enabled) => C:\Users\T ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/25/2015 11:34:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/24/2015 04:52:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/24/2015 04:56:05 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/23/2015 01:29:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/22/2015 11:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/22/2015 00:20:44 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/21/2015 09:11:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/20/2015 00:45:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/19/2015 06:35:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/18/2015 06:28:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/24/2015 03:55:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (01/24/2015 03:55:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (01/20/2015 02:05:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (01/20/2015 02:05:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (11/20/2014 02:17:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/20/2014 02:17:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (11/13/2014 03:51:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/13/2014 03:51:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (11/03/2014 09:28:40 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 03.11.2014 um 09:26:03 unerwartet heruntergefahren. Error: (10/23/2014 01:04:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (01/25/2015 11:34:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/24/2015 04:52:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/24/2015 04:56:05 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/23/2015 01:29:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/22/2015 11:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/22/2015 00:20:44 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/21/2015 09:11:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/20/2015 00:45:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/19/2015 06:35:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/18/2015 06:28:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Percentage of memory in use: 24% Total physical RAM: 8152.05 MB Available physical RAM: 6125.03 MB Total Pagefile: 16302.29 MB Available Pagefile: 14052.23 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.57 GB) (Free:70.86 GB) NTFS Drive f: (HDD) (Fixed) (Total:1863.01 GB) (Free:1732.99 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7E9DF4B4) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 111.8 GB) (Disk ID: 7E9DF4A3) Partition: GPT Partition Type. ==================== End Of Log ============================ Danke für die Hilfe ![]() Edit: Screenie vom Prozess mittels Processexplorer
__________________ Beste Grüße, Kuhlambo12 ![]() Geändert von kuhlambo12 (26.01.2015 um 11:24 Uhr) |
Themen zu dllhost.exe poppt alle 10-20 Sekunden auf |
.dll, adware, blinkt, browser, cpu, defender, dllhost.exe, explorer, firefox, flash player, home, homepage, kaspersky, mozilla, neustart, problem, registry, scan, security, sekunden, services.exe, software, svchost.exe, teamspeak, temp, windows |