Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Meldung bei Start RegSev32 Binäre Datei (https://www.trojaner-board.de/156388-meldung-start-regsev32-binaere-datei.html)

wolfgang73 13.07.2014 08:34
Meldung bei Start RegSev32 Binäre Datei
 
Hallo,

Ich habe folgendes Problem mit dem Laptop meiner Freundin:

Beim Start öffnet sich seit einigen Tagen die Fehlermeldung RegSev32,dass eine binäre Datei nicht gefunden ,bzw. geöffnet werden konnte(was hier schon mal gepostet wurde)

Wir hatten Avira(Free) installiert und den Scanner aktiviert,es gab 2 Funde,die in quarantäne verschoben wurden.Gestern nun,wollten wir Avira öffnen,was aber nicht ging mit einer Meldung,daß es keine Rechte gibt.Auch das Deinstallieren ging nicht.

Ich hab den Rechner dann im abgesicherten Modus gestartet,Avira deinstalliert und Norton installiert und gleich Scanner aktiviert.Es gab 58 Funde,die behoben wurden.

Es scheint wieder alles in Ordnung zu sein,bis auf die Fehlermeldung RegSev32 beim Starten

Was könnte das sein?Leider kenne ich mich auch zu wenig aus.Ist es doch ein Virus?Bitte um HIlfe

M-K-D-B 13.07.2014 09:32
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!





Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


wolfgang73 13.07.2014 10:12
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Asus (administrator) on ASUS-PC on 13-07-2014 11:02:19
Running from C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1EVMLKQ
Platform: Windows 7 Professional (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\nav.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\nav.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingApp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingBar.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10d.exe
(Farbar) C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1EVMLKQ\FRST64[1].exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-11-23] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-05] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-04] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [StopDefragment] => Install\StopDefragment.exe
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Trend Micro <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4245655172-4191476922-2018439796-1000\...\Run: [Syncables] => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-07-19] (syncables, LLC)
HKU\S-1-5-21-4245655172-4191476922-2018439796-1000\...\Run: [OnyefObkag] => regsvr32.exe "
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSSNAV&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=sb&qsrc=2869
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.3.0.12\IPSFF [2014-07-12]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn [2014-07-13]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR Extension: (Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-07]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-07]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-07]
CHR Extension: (Google-Suche) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-07]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-15]
CHR Extension: (Google Mail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-07]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx [2014-07-12]

==================== Services (Whitelisted) =================

R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\NAV.exe [262968 2014-06-27] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-07-03] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1504000.00D\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-11] (Symantec Corporation)
U3 EraserUtilDrv11313; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [142128 2014-07-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\IPSDefs\20140711.001\IDSvia64.sys [525016 2014-07-11] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140712.002\ENG64.SYS [126040 2014-07-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140712.002\EX64.SYS [2099288 2014-07-11] (Symantec Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1504000.00D\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1504000.00D\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1504000.00D\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-13 11:01 - 2014-07-13 11:02 - 00000000 ____D () C:\FRST
2014-07-13 10:07 - 2014-07-13 10:07 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-13 10:07 - 2014-07-13 10:07 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-13 10:07 - 2014-07-13 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-13 10:07 - 2014-07-13 10:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-12 23:08 - 2014-07-12 23:08 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-07-12 21:40 - 2014-07-13 08:52 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2014-07-12 21:40 - 2014-07-12 23:06 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-12 21:40 - 2014-07-12 21:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2014-07-12 21:40 - 2014-07-12 21:40 - 00000000 ____D () C:\Program Files (x86)\Norton Identity Safe
2014-07-12 21:39 - 2014-07-12 23:06 - 00002399 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-07-12 21:39 - 2014-07-12 21:39 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-07-12 21:39 - 2014-07-12 21:39 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-07-12 21:39 - 2014-07-12 21:39 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-12 21:38 - 2014-07-12 23:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-07-12 21:38 - 2014-07-12 23:06 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-07-12 21:38 - 2014-07-12 21:41 - 00000000 ____D () C:\ProgramData\Norton
2014-07-12 21:38 - 2014-07-12 21:38 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-07-12 21:22 - 2014-07-12 21:23 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2014-07-12 21:08 - 2014-07-12 21:08 - 00003124 _____ () C:\Windows\System32\Tasks\{91146E80-C973-4E09-906C-0F9CD407BFA0}
2014-07-10 17:01 - 2014-07-10 17:02 - 00000000 ____D () C:\ProgramData\OnyefObkag
2014-07-09 11:13 - 2014-07-09 11:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 06:32 - 2014-07-01 03:56 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 06:32 - 2014-07-01 03:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-04 08:49 - 2014-07-04 08:49 - 00000000 ___HD () C:\Windows\AxInstSV
2014-06-29 10:28 - 2014-03-31 09:35 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-06-29 09:31 - 2014-07-13 09:03 - 00000418 __RSH () C:\ProgramData\ntuser.pol

==================== One Month Modified Files and Folders =======

2014-07-13 11:02 - 2014-07-13 11:01 - 00000000 ____D () C:\FRST
2014-07-13 10:57 - 2010-11-23 10:49 - 01335274 _____ () C:\Windows\WindowsUpdate.log
2014-07-13 10:42 - 2010-11-23 11:05 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-13 10:28 - 2009-08-04 14:00 - 00364934 _____ () C:\Windows\system32\perfh00D.dat
2014-07-13 10:28 - 2009-08-04 14:00 - 00072846 _____ () C:\Windows\system32\perfc00D.dat
2014-07-13 10:28 - 2009-08-04 13:54 - 00563182 _____ () C:\Windows\system32\perfh008.dat
2014-07-13 10:28 - 2009-08-04 13:54 - 00093188 _____ () C:\Windows\system32\perfc008.dat
2014-07-13 10:28 - 2009-08-04 13:48 - 00690754 _____ () C:\Windows\system32\prfh0816.dat
2014-07-13 10:28 - 2009-08-04 13:48 - 00137504 _____ () C:\Windows\system32\prfc0816.dat
2014-07-13 10:28 - 2009-08-04 13:41 - 00396732 _____ () C:\Windows\system32\prfh0404.dat
2014-07-13 10:28 - 2009-08-04 13:41 - 00110140 _____ () C:\Windows\system32\prfc0404.dat
2014-07-13 10:28 - 2009-08-04 13:34 - 00702604 _____ () C:\Windows\system32\perfh013.dat
2014-07-13 10:28 - 2009-08-04 13:34 - 00136692 _____ () C:\Windows\system32\perfc013.dat
2014-07-13 10:28 - 2009-08-04 13:28 - 00700520 _____ () C:\Windows\system32\perfh010.dat
2014-07-13 10:28 - 2009-08-04 13:28 - 00130896 _____ () C:\Windows\system32\perfc010.dat
2014-07-13 10:28 - 2009-08-04 13:22 - 00705842 _____ () C:\Windows\system32\perfh00C.dat
2014-07-13 10:28 - 2009-08-04 13:22 - 00133892 _____ () C:\Windows\system32\perfc00C.dat
2014-07-13 10:28 - 2009-08-04 13:16 - 00704866 _____ () C:\Windows\system32\perfh00A.dat
2014-07-13 10:28 - 2009-08-04 13:16 - 00140814 _____ () C:\Windows\system32\perfc00A.dat
2014-07-13 10:28 - 2009-08-04 13:10 - 00665578 _____ () C:\Windows\system32\perfh007.dat
2014-07-13 10:28 - 2009-08-04 13:10 - 00133758 _____ () C:\Windows\system32\perfc007.dat
2014-07-13 10:28 - 2009-07-14 07:13 - 07302728 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-13 10:09 - 2009-07-29 08:52 - 00000000 ____D () C:\Windows\Panther
2014-07-13 10:07 - 2014-07-13 10:07 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-13 10:07 - 2014-07-13 10:07 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-13 10:07 - 2014-07-13 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-13 10:07 - 2014-07-13 10:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-13 09:12 - 2009-07-14 06:45 - 00010032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-13 09:12 - 2009-07-14 06:45 - 00010032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-13 09:03 - 2014-06-29 09:31 - 00000418 __RSH () C:\ProgramData\ntuser.pol
2014-07-13 09:02 - 2010-11-23 11:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-13 09:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-13 08:52 - 2014-07-12 21:40 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2014-07-12 23:08 - 2014-07-12 23:08 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-07-12 23:06 - 2014-07-12 21:40 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-12 23:06 - 2014-07-12 21:39 - 00002399 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-07-12 23:06 - 2014-07-12 21:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-07-12 23:06 - 2014-07-12 21:38 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-07-12 22:51 - 2010-11-23 11:29 - 00001149 _____ () C:\Windows\system32\ServiceFilter.ini
2014-07-12 21:41 - 2014-07-12 21:38 - 00000000 ____D () C:\ProgramData\Norton
2014-07-12 21:40 - 2014-07-12 21:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2014-07-12 21:40 - 2014-07-12 21:40 - 00000000 ____D () C:\Program Files (x86)\Norton Identity Safe
2014-07-12 21:39 - 2014-07-12 21:39 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-07-12 21:39 - 2014-07-12 21:39 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-07-12 21:39 - 2014-07-12 21:39 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-12 21:38 - 2014-07-12 21:38 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-07-12 21:38 - 2010-11-23 11:10 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-07-12 21:37 - 2014-05-29 11:39 - 00000000 ____D () C:\Users\Asus\AppData\Local\Trend Micro
2014-07-12 21:23 - 2014-07-12 21:22 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2014-07-12 21:08 - 2014-07-12 21:08 - 00003124 _____ () C:\Windows\System32\Tasks\{91146E80-C973-4E09-906C-0F9CD407BFA0}
2014-07-10 17:02 - 2014-07-10 17:01 - 00000000 ____D () C:\ProgramData\OnyefObkag
2014-07-09 11:13 - 2014-07-09 11:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 11:13 - 2014-05-11 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 11:11 - 2014-05-11 19:09 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-04 08:49 - 2014-07-04 08:49 - 00000000 ___HD () C:\Windows\AxInstSV
2014-07-01 03:56 - 2014-07-09 06:32 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 03:50 - 2014-07-09 06:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 11:21 - 2010-11-23 11:29 - 00001840 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-06-29 09:31 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-18 18:37 - 2010-11-23 11:05 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 18:37 - 2010-11-23 11:05 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 07:26 - 2009-07-14 07:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-17 17:54 - 2014-05-03 15:05 - 00000000 ____D () C:\Users\Asus\AppData\Local\Adobe
2014-06-14 17:43 - 2014-05-05 07:48 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2009-07-29 07:52

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by Asus at 2014-07-13 11:03:18
Running from C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1EVMLKQ
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.9 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
Asus_PSeries_Screensaver (HKLM-x32\...\Asus_PSeries_Screensaver) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0004 - ASUS)
Bing Bar (HKLM-x32\...\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}) (Version: 7.1.391.0 - Microsoft Corporation)
Boingo Wi-Fi (HKLM-x32\...\{B653A2EC-D816-4498-A4FD-651047AB9DC9}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version:  - Oberon Media Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.63 - Conexant)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.9 - ASUS)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version:  - Oberon Media Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1508 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.6.1508 - CyberLink Corp.) Hidden
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker (HKLM-x32\...\Governor of Poker) (Version:  - Oberon Media Inc.)
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version:  - Oberon Media Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version:  - Oberon Media Inc.)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.27.6 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Luxor 3 (HKLM-x32\...\Luxor 3) (Version:  - Oberon Media Inc.)
Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version:  - Oberon Media Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.4.0.13 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.0.43 - Symantec Corporation)
Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version:  - Oberon Media Inc.)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version:  - )
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.600 - Broadcom Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (02/25/2010 6.2.0.9419) (HKLM\...\85CE3A3657FAE5FD305B143E90E6FC89BA53001C) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (01/19/2010 6.2.0.1417) (HKLM\...\7341A1B43E7FE58942EB1E820A17C18305DFBCE6) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0) (HKLM\...\2AA10AB519DC7432D599A0E860206A7DDCC27764) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
World of Goo (HKLM-x32\...\World of Goo) (Version:  - Oberon Media Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {126B2DF9-8B8D-4E1E-86AE-EB1351E19CE7} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {16C74AC0-13B5-406E-9B86-A3C308798351} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-09-30] (asus)
Task: {66FDB530-224C-4105-A4FF-094DD7DE9A22} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {683D3A6E-676D-4D5E-9047-CDAC9D34FA94} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {71A96C08-C02F-44C6-8066-79A66665A76C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {78A599BF-6600-49B4-99E7-38EA1F78FC74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-23] (Google Inc.)
Task: {A1F2F025-0591-4485-BE75-9ABAE89E8787} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {CD63C0E8-737B-4D2E-BB88-4B74E24C050F} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {D6A20064-EA74-4748-AAC7-B6EEB7FCDEFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {E295255E-074A-4CBA-B3C6-DA72F3F95DFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-23] (Google Inc.)
Task: {E32FCB7E-6BF6-4D7A-AF99-F3EAF0FC5AA7} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {EF71A1BF-ED06-4C8A-BCB1-F4EC5A27F8F1} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {F6A83782-C22D-4CA4-99CA-7C62AA0DFCC0} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-12] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-11-23 11:06 - 2010-11-23 11:06 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-11-23 11:06 - 2010-11-23 11:06 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-01-11 20:27 - 2010-01-11 20:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-06 04:22 - 2010-05-06 04:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2010-11-23 11:30 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-05-12 03:35 - 2010-05-12 03:35 - 00489392 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2010-09-23 16:53 - 2010-09-23 16:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-09-30 15:14 - 2010-09-30 15:14 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2014-05-09 18:32 - 2012-02-01 16:15 - 01042432 _____ () C:\Users\Asus\AppData\Local\Microsoft\BingBar\Apps\Translator_f5cbd3ef4c144434b17913278004e270\7.2.229\Blingext.dll

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2014 09:01:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0xc24
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/13/2014 09:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0x620
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/12/2014 08:17:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (07/11/2014 11:13:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0x24c0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/11/2014 11:03:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7600.17267, Zeitstempel: 0x5131882e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001bcf6e
ID des fehlerhaften Prozesses: 0x118c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/11/2014 07:31:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7600.16624, Zeitstempel: 0x4c297c56
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00095b51
ID des fehlerhaften Prozesses: 0x1a28
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/11/2014 07:31:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0x1a28
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/09/2014 05:51:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 8.0.7600.17267 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fd8

Startzeit: 01cf9b8bc834326c

Endzeit: 265

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Berichts-ID: e267d2a1-0780-11e4-a204-74f06dbd22ad

Error: (07/09/2014 11:13:01 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).

Error: (07/09/2014 11:11:21 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).


System errors:
=============
Error: (07/13/2014 10:26:59 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/13/2014 10:26:59 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/13/2014 10:26:58 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/13/2014 10:26:57 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/13/2014 09:03:53 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/13/2014 09:00:53 AM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Asus-PCAsusS-1-5-21-4245655172-4191476922-2018439796-1000LocalHost (unter Verwendung von LRPC)

Error: (07/13/2014 09:00:45 AM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Asus-PCAsusS-1-5-21-4245655172-4191476922-2018439796-1000LocalHost (unter Verwendung von LRPC)

Error: (07/12/2014 09:15:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (07/12/2014 09:15:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (07/12/2014 09:15:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/13/2014 09:01:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843dc2401cf9e682b75b56eC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx71b8eec3-0a5b-11e4-8ad9-74f06dbd22ad

Error: (07/13/2014 09:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843d62001cf9e648c3a0e65C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx6b031646-0a5b-11e4-8ad9-74f06dbd22ad

Error: (07/12/2014 08:17:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422

Error: (07/11/2014 11:13:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843d24c001cf9d4cdbb60c13C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx2b2ff846-0940-11e4-a2ca-74f06dbd22ad

Error: (07/11/2014 11:03:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269mshtml.dll8.0.7600.172675131882ec0000005001bcf6e118c01cf9d3c54d2424dC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dllbf9cad69-093e-11e4-a2ca-74f06dbd22ad

Error: (07/11/2014 07:31:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269ole32.dll6.1.7600.166244c297c56c000000500095b511a2801cf9cc9408a2a03C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\syswow64\ole32.dll94a39b68-08bc-11e4-9b7e-74f06dbd22ad

Error: (07/11/2014 07:31:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843d1a2801cf9cc9408a2a03C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx921e28cd-08bc-11e4-9b7e-74f06dbd22ad

Error: (07/09/2014 05:51:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.7600.17267fd801cf9b8bc834326c265C:\Program Files (x86)\Internet Explorer\iexplore.exee267d2a1-0780-11e4-a204-74f06dbd22ad

Error: (07/09/2014 11:13:01 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\servicing\TrustedInstaller.exeWindows Modules Installer0x80070422

Error: (07/09/2014 11:11:21 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422


==================== Memory info ===========================

Percentage of memory in use: 77%
Total physical RAM: 1900.3 MB
Available physical RAM: 434.46 MB
Total Pagefile: 3800.59 MB
Available Pagefile: 1874.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:276.6 GB) (Free:241.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=21 GB) - (Type=1C)
Partition 2: (Active) - (Size=277 GB) - (Type=07 NTFS)

==================== End Of Log ============================

M-K-D-B 13.07.2014 10:12
Zitat:
Running from C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1EVMLKQ
Bitt alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.



FRST auf dem Desktop abspeichern und von dort starten:


  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

wolfgang73 13.07.2014 10:13
Hallo Matthias,

Ich hoffe ich hab alles richtig gemacht und kannst was damit anfangen

Danke für deine Hilfe

M-K-D-B 13.07.2014 10:20
Zitat:
Zitat von wolfgang73 (Beitrag 1329402)
Hallo Matthias,

Ich hoffe ich hab alles richtig gemacht und kannst was damit anfangen

Danke für deine Hilfe
Bitte meinen letzten Beitrag lesen. :)

wolfgang73 13.07.2014 10:27
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2014
Ran by Asus at 2014-07-13 11:23:48
Running from C:\Users\Asus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.9 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
Asus_PSeries_Screensaver (HKLM-x32\...\Asus_PSeries_Screensaver) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0004 - ASUS)
Bing Bar (HKLM-x32\...\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}) (Version: 7.1.391.0 - Microsoft Corporation)
Boingo Wi-Fi (HKLM-x32\...\{B653A2EC-D816-4498-A4FD-651047AB9DC9}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version:  - Oberon Media Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.63 - Conexant)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.9 - ASUS)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version:  - Oberon Media Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1508 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.6.1508 - CyberLink Corp.) Hidden
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker (HKLM-x32\...\Governor of Poker) (Version:  - Oberon Media Inc.)
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version:  - Oberon Media Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version:  - Oberon Media Inc.)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.27.6 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Luxor 3 (HKLM-x32\...\Luxor 3) (Version:  - Oberon Media Inc.)
Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version:  - Oberon Media Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.4.0.13 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.0.43 - Symantec Corporation)
Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version:  - Oberon Media Inc.)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version:  - )
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.600 - Broadcom Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (02/25/2010 6.2.0.9419) (HKLM\...\85CE3A3657FAE5FD305B143E90E6FC89BA53001C) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (01/19/2010 6.2.0.1417) (HKLM\...\7341A1B43E7FE58942EB1E820A17C18305DFBCE6) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0) (HKLM\...\2AA10AB519DC7432D599A0E860206A7DDCC27764) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
World of Goo (HKLM-x32\...\World of Goo) (Version:  - Oberon Media Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {126B2DF9-8B8D-4E1E-86AE-EB1351E19CE7} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {16C74AC0-13B5-406E-9B86-A3C308798351} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-09-30] (asus)
Task: {66FDB530-224C-4105-A4FF-094DD7DE9A22} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {683D3A6E-676D-4D5E-9047-CDAC9D34FA94} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {71A96C08-C02F-44C6-8066-79A66665A76C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {78A599BF-6600-49B4-99E7-38EA1F78FC74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-23] (Google Inc.)
Task: {A1F2F025-0591-4485-BE75-9ABAE89E8787} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {CD63C0E8-737B-4D2E-BB88-4B74E24C050F} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {D6A20064-EA74-4748-AAC7-B6EEB7FCDEFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {E295255E-074A-4CBA-B3C6-DA72F3F95DFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-23] (Google Inc.)
Task: {E32FCB7E-6BF6-4D7A-AF99-F3EAF0FC5AA7} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {EF71A1BF-ED06-4C8A-BCB1-F4EC5A27F8F1} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {F6A83782-C22D-4CA4-99CA-7C62AA0DFCC0} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-12] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-11-23 11:06 - 2010-11-23 11:06 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-11-23 11:06 - 2010-11-23 11:06 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-01-11 20:27 - 2010-01-11 20:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-06 04:22 - 2010-05-06 04:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2010-11-23 11:30 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-05-12 03:35 - 2010-05-12 03:35 - 00489392 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2010-09-23 16:53 - 2010-09-23 16:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-09-30 15:14 - 2010-09-30 15:14 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2014-05-09 18:32 - 2012-02-01 16:15 - 01042432 _____ () C:\Users\Asus\AppData\Local\Microsoft\BingBar\Apps\Translator_f5cbd3ef4c144434b17913278004e270\7.2.229\Blingext.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2014 11:14:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0x1f88
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/13/2014 09:01:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0xc24
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/13/2014 09:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0x620
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/12/2014 08:17:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (07/11/2014 11:13:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0x24c0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/11/2014 11:03:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7600.17267, Zeitstempel: 0x5131882e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001bcf6e
ID des fehlerhaften Prozesses: 0x118c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/11/2014 07:31:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7600.16624, Zeitstempel: 0x4c297c56
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00095b51
ID des fehlerhaften Prozesses: 0x1a28
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/11/2014 07:31:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.17267, Zeitstempel: 0x51317269
Name des fehlerhaften Moduls: Flash10d.ocx, Version: 10.0.42.34, Zeitstempel: 0x4ae7baed
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015843d
ID des fehlerhaften Prozesses: 0x1a28
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/09/2014 05:51:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 8.0.7600.17267 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fd8

Startzeit: 01cf9b8bc834326c

Endzeit: 265

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Berichts-ID: e267d2a1-0780-11e4-a204-74f06dbd22ad

Error: (07/09/2014 11:13:01 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).


System errors:
=============
Error: (07/13/2014 10:26:59 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/13/2014 10:26:59 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/13/2014 10:26:58 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/13/2014 10:26:57 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/13/2014 09:03:53 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/13/2014 09:00:53 AM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Asus-PCAsusS-1-5-21-4245655172-4191476922-2018439796-1000LocalHost (unter Verwendung von LRPC)

Error: (07/13/2014 09:00:45 AM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Asus-PCAsusS-1-5-21-4245655172-4191476922-2018439796-1000LocalHost (unter Verwendung von LRPC)

Error: (07/12/2014 09:15:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (07/12/2014 09:15:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (07/12/2014 09:15:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/13/2014 11:14:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843d1f8801cf9e771c48f727C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx1ebee75d-0a6e-11e4-b47d-74f06dbd22ad

Error: (07/13/2014 09:01:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843dc2401cf9e682b75b56eC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx71b8eec3-0a5b-11e4-8ad9-74f06dbd22ad

Error: (07/13/2014 09:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843d62001cf9e648c3a0e65C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx6b031646-0a5b-11e4-8ad9-74f06dbd22ad

Error: (07/12/2014 08:17:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422

Error: (07/11/2014 11:13:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843d24c001cf9d4cdbb60c13C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx2b2ff846-0940-11e4-a2ca-74f06dbd22ad

Error: (07/11/2014 11:03:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269mshtml.dll8.0.7600.172675131882ec0000005001bcf6e118c01cf9d3c54d2424dC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dllbf9cad69-093e-11e4-a2ca-74f06dbd22ad

Error: (07/11/2014 07:31:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269ole32.dll6.1.7600.166244c297c56c000000500095b511a2801cf9cc9408a2a03C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\syswow64\ole32.dll94a39b68-08bc-11e4-9b7e-74f06dbd22ad

Error: (07/11/2014 07:31:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.1726751317269Flash10d.ocx10.0.42.344ae7baedc00000050015843d1a2801cf9cc9408a2a03C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx921e28cd-08bc-11e4-9b7e-74f06dbd22ad

Error: (07/09/2014 05:51:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.7600.17267fd801cf9b8bc834326c265C:\Program Files (x86)\Internet Explorer\iexplore.exee267d2a1-0780-11e4-a204-74f06dbd22ad

Error: (07/09/2014 11:13:01 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\servicing\TrustedInstaller.exeWindows Modules Installer0x80070422


==================== Memory info ===========================

Percentage of memory in use: 76%
Total physical RAM: 1900.3 MB
Available physical RAM: 452.84 MB
Total Pagefile: 3800.59 MB
Available Pagefile: 1927.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:276.6 GB) (Free:241.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=21 GB) - (Type=1C)
Partition 2: (Active) - (Size=277 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Hat sich überschnitten

Hoffe nun alles richtig gemacht zu haben

M-K-D-B 13.07.2014 10:30
Die neue FRST.txt fehlt noch. :)

wolfgang73 13.07.2014 10:35

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by Asus (administrator) on ASUS-PC on 13-07-2014 11:33:01
Running from C:\Users\Asus\Desktop
Platform: Windows 7 Professional (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\nav.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\nav.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingApp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingBar.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10d.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-11-23] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-05] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-04] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [StopDefragment] => Install\StopDefragment.exe
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Trend Micro <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4245655172-4191476922-2018439796-1000\...\Run: [Syncables] => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-07-19] (syncables, LLC)
HKU\S-1-5-21-4245655172-4191476922-2018439796-1000\...\Run: [OnyefObkag] => regsvr32.exe "
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSSNAV&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=sb&qsrc=2869
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.3.0.12\IPSFF [2014-07-12]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn [2014-07-13]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR Extension: (Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-07]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-07]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-07]
CHR Extension: (Google-Suche) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-07]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-15]
CHR Extension: (Google Mail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-07]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx [2014-07-12]

==================== Services (Whitelisted) =================

R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\NAV.exe [262968 2014-06-27] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-07-03] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1504000.00D\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-11] (Symantec Corporation)
U3 EraserUtilDrv11313; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [142128 2014-07-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\IPSDefs\20140711.001\IDSvia64.sys [525016 2014-07-11] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140712.002\ENG64.SYS [126040 2014-07-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140712.002\EX64.SYS [2099288 2014-07-11] (Symantec Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1504000.00D\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1504000.00D\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1504000.00D\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-13 11:23 - 2014-07-13 11:33 - 00017380 _____ () C:\Users\Asus\Desktop\FRST.txt
2014-07-13 11:23 - 2014-07-13 11:24 - 00027689 _____ () C:\Users\Asus\Desktop\Addition.txt
2014-07-13 11:22 - 2014-07-13 11:22 - 02086912 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2014-07-13 11:01 - 2014-07-13 11:33 - 00000000 ____D () C:\FRST
2014-07-13 10:07 - 2014-07-13 10:07 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-13 10:07 - 2014-07-13 10:07 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-13 10:07 - 2014-07-13 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-13 10:07 - 2014-07-13 10:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-12 23:08 - 2014-07-12 23:08 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-07-12 21:40 - 2014-07-13 08:52 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2014-07-12 21:40 - 2014-07-12 23:06 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-12 21:40 - 2014-07-12 21:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2014-07-12 21:40 - 2014-07-12 21:40 - 00000000 ____D () C:\Program Files (x86)\Norton Identity Safe
2014-07-12 21:39 - 2014-07-12 23:06 - 00002399 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-07-12 21:39 - 2014-07-12 21:39 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-07-12 21:39 - 2014-07-12 21:39 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-07-12 21:39 - 2014-07-12 21:39 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-12 21:38 - 2014-07-12 23:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-07-12 21:38 - 2014-07-12 23:06 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-07-12 21:38 - 2014-07-12 21:41 - 00000000 ____D () C:\ProgramData\Norton
2014-07-12 21:38 - 2014-07-12 21:38 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-07-12 21:22 - 2014-07-12 21:23 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2014-07-12 21:08 - 2014-07-12 21:08 - 00003124 _____ () C:\Windows\System32\Tasks\{91146E80-C973-4E09-906C-0F9CD407BFA0}
2014-07-10 17:01 - 2014-07-10 17:02 - 00000000 ____D () C:\ProgramData\OnyefObkag
2014-07-09 11:13 - 2014-07-09 11:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 06:32 - 2014-07-01 03:56 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 06:32 - 2014-07-01 03:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-04 08:49 - 2014-07-04 08:49 - 00000000 ___HD () C:\Windows\AxInstSV
2014-06-29 10:28 - 2014-03-31 09:35 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-06-29 09:31 - 2014-07-13 09:03 - 00000418 __RSH () C:\ProgramData\ntuser.pol

==================== One Month Modified Files and Folders =======

2014-07-13 11:33 - 2014-07-13 11:23 - 00017380 _____ () C:\Users\Asus\Desktop\FRST.txt
2014-07-13 11:33 - 2014-07-13 11:01 - 00000000 ____D () C:\FRST
2014-07-13 11:24 - 2014-07-13 11:23 - 00027689 _____ () C:\Users\Asus\Desktop\Addition.txt
2014-07-13 11:22 - 2014-07-13 11:22 - 02086912 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2014-07-13 10:57 - 2010-11-23 10:49 - 01335274 _____ () C:\Windows\WindowsUpdate.log
2014-07-13 10:42 - 2010-11-23 11:05 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-13 10:28 - 2009-08-04 14:00 - 00364934 _____ () C:\Windows\system32\perfh00D.dat
2014-07-13 10:28 - 2009-08-04 14:00 - 00072846 _____ () C:\Windows\system32\perfc00D.dat
2014-07-13 10:28 - 2009-08-04 13:54 - 00563182 _____ () C:\Windows\system32\perfh008.dat
2014-07-13 10:28 - 2009-08-04 13:54 - 00093188 _____ () C:\Windows\system32\perfc008.dat
2014-07-13 10:28 - 2009-08-04 13:48 - 00690754 _____ () C:\Windows\system32\prfh0816.dat
2014-07-13 10:28 - 2009-08-04 13:48 - 00137504 _____ () C:\Windows\system32\prfc0816.dat
2014-07-13 10:28 - 2009-08-04 13:41 - 00396732 _____ () C:\Windows\system32\prfh0404.dat
2014-07-13 10:28 - 2009-08-04 13:41 - 00110140 _____ () C:\Windows\system32\prfc0404.dat
2014-07-13 10:28 - 2009-08-04 13:34 - 00702604 _____ () C:\Windows\system32\perfh013.dat
2014-07-13 10:28 - 2009-08-04 13:34 - 00136692 _____ () C:\Windows\system32\perfc013.dat
2014-07-13 10:28 - 2009-08-04 13:28 - 00700520 _____ () C:\Windows\system32\perfh010.dat
2014-07-13 10:28 - 2009-08-04 13:28 - 00130896 _____ () C:\Windows\system32\perfc010.dat
2014-07-13 10:28 - 2009-08-04 13:22 - 00705842 _____ () C:\Windows\system32\perfh00C.dat
2014-07-13 10:28 - 2009-08-04 13:22 - 00133892 _____ () C:\Windows\system32\perfc00C.dat
2014-07-13 10:28 - 2009-08-04 13:16 - 00704866 _____ () C:\Windows\system32\perfh00A.dat
2014-07-13 10:28 - 2009-08-04 13:16 - 00140814 _____ () C:\Windows\system32\perfc00A.dat
2014-07-13 10:28 - 2009-08-04 13:10 - 00665578 _____ () C:\Windows\system32\perfh007.dat
2014-07-13 10:28 - 2009-08-04 13:10 - 00133758 _____ () C:\Windows\system32\perfc007.dat
2014-07-13 10:28 - 2009-07-14 07:13 - 07302728 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-13 10:09 - 2009-07-29 08:52 - 00000000 ____D () C:\Windows\Panther
2014-07-13 10:07 - 2014-07-13 10:07 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-13 10:07 - 2014-07-13 10:07 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-13 10:07 - 2014-07-13 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-13 10:07 - 2014-07-13 10:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-13 09:12 - 2009-07-14 06:45 - 00010032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-13 09:12 - 2009-07-14 06:45 - 00010032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-13 09:03 - 2014-06-29 09:31 - 00000418 __RSH () C:\ProgramData\ntuser.pol
2014-07-13 09:02 - 2010-11-23 11:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-13 09:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-13 08:52 - 2014-07-12 21:40 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2014-07-12 23:08 - 2014-07-12 23:08 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-07-12 23:06 - 2014-07-12 21:40 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-12 23:06 - 2014-07-12 21:39 - 00002399 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-07-12 23:06 - 2014-07-12 21:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-07-12 23:06 - 2014-07-12 21:38 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-07-12 22:51 - 2010-11-23 11:29 - 00001149 _____ () C:\Windows\system32\ServiceFilter.ini
2014-07-12 21:41 - 2014-07-12 21:38 - 00000000 ____D () C:\ProgramData\Norton
2014-07-12 21:40 - 2014-07-12 21:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2014-07-12 21:40 - 2014-07-12 21:40 - 00000000 ____D () C:\Program Files (x86)\Norton Identity Safe
2014-07-12 21:39 - 2014-07-12 21:39 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-07-12 21:39 - 2014-07-12 21:39 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-07-12 21:39 - 2014-07-12 21:39 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-12 21:38 - 2014-07-12 21:38 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-07-12 21:38 - 2010-11-23 11:10 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-07-12 21:37 - 2014-05-29 11:39 - 00000000 ____D () C:\Users\Asus\AppData\Local\Trend Micro
2014-07-12 21:23 - 2014-07-12 21:22 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2014-07-12 21:08 - 2014-07-12 21:08 - 00003124 _____ () C:\Windows\System32\Tasks\{91146E80-C973-4E09-906C-0F9CD407BFA0}
2014-07-10 17:02 - 2014-07-10 17:01 - 00000000 ____D () C:\ProgramData\OnyefObkag
2014-07-09 11:13 - 2014-07-09 11:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 11:13 - 2014-05-11 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 11:11 - 2014-05-11 19:09 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-04 08:49 - 2014-07-04 08:49 - 00000000 ___HD () C:\Windows\AxInstSV
2014-07-01 03:56 - 2014-07-09 06:32 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 03:50 - 2014-07-09 06:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 11:21 - 2010-11-23 11:29 - 00001840 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-06-29 09:31 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-18 18:37 - 2010-11-23 11:05 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 18:37 - 2010-11-23 11:05 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 07:26 - 2009-07-14 07:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-17 17:54 - 2014-05-03 15:05 - 00000000 ____D () C:\Users\Asus\AppData\Local\Adobe
2014-06-14 17:43 - 2014-05-05 07:48 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2009-07-29 07:52

==================== End Of Log ============================
--- --- ---

M-K-D-B 13.07.2014 10:38
Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Trend Micro <====== ATTENTION
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von FRST,
  • die Logdatei von ComboFix.

wolfgang73 13.07.2014 10:53
Wie speichere ich fixlist.txt?

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-07-2014
Ran by Asus at 2014-07-13 11:52:15 Run:1
Running from C:\Users\Asus\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Trend Micro <====== ATTENTION
end

*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.

==== End of Fixlog ====

M-K-D-B 13.07.2014 11:02
gut gemacht. Fehlt noch ComboFix.txt

wolfgang73 13.07.2014 11:04
ich möchte aber ungern norton deaktivieren

Ich kenne mich zu weing aus

M-K-D-B 13.07.2014 11:17
Zitat:
Zitat von wolfgang73 (Beitrag 1329426)
ich möchte aber ungern norton deaktivieren
Warum? Denkst du, dass du dann ungeschützt bist? Deine Sorgen sind unbegründet. Norton konnte dich auch vor der Infektion nicht bewahren... so dolle ist Norton sowieso nicht.



Zitat:
Zitat von wolfgang73 (Beitrag 1329426)
Ich kenne mich zu weing aus
Daher posten wir hier genaue Anleitungen, die leicht zu befolgen sind. :)


Norton deaktiveren, ComboFix ausführen. :dankeschoen:

wolfgang73 13.07.2014 11:22
Gibt es denn Hinweise auf eine Infektion?

Meine Freundin ist sehr skeptisch gerade wenn ich Norton deaktiviere
Bitte nicht falsch verstehen,ich weiß ihr wollt helfen


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:59 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131