Vista Home Premium 32: Eingefrorener Bildschirm und unkontrolliertes, spontanes Runterfahren

Taipan8 · 15.05.2014, 06:50

Hallo,

seit einigen Tagen ist sporadisch immer mal wieder der Bildschirm "eingefroren" - auf Maus und Tastaturbefehle erfolgt keine Reaktion. Teilweise sind auch Pulldownmenüs noch geöffnet. Manchmal fährt der Rechner nach kurzer Zeit selbständig runter und bootet gleich wieder mit dem Windows-Hinweis auf Probleme beim Runterfahren. In anderen Situationen muss ich den PC manuell per Schalter "killen".

Seit gestern mittag bekomme ich von meinen IP-Kameras keine E-Mails mehr. Beim Test im Kameramenü wird ein Serverfehler gemeldet. Die Kameras sind auch mit dem eigenen IP-Scannertool von Instar nicht mehr zu sehen. Der Zugriff über Browser und eingene SW erfolgt aber problemlos.

Malwarebytes läuft an, bleibt aber nach einiger Zeit hängen, sodass ich den Rechner wieder manuell über den Ein-/Ausschalter "killen" muss.

Vielen Dank im Voraus für die Unterstützung.

MfG
Ralf

schrauber · 15.05.2014, 09:17

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Taipan8 · 15.05.2014, 17:17

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 06:49 on 15/05/2014 (Ralf)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-05-2014
Ran by Ralf (administrator) on AKOYA on 15-05-2014 06:49:42
Running from K:\Ralf\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(REINER SCT) C:\Windows\System32\cjpcsc.exe
() C:\Program Files\CPUCooL\CooLSRV.exe
(T-Systems International GmbH) C:\Program Files\T-Online\Dialerschutz-Software\DFInject.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Sanford, L.P.) C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Deutsche Telekom AG) C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.2.0.38\n360.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
() C:\Program Files\Generic\Network Printer Wizard\NPWService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\eCopy PDF Pro Office\PDFProFiltSrv.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Entriq, Inc.) C:\Program Files\maxdome\DCBin\DCService.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Apple Inc.) C:\AirPrint\airprint.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.2.0.38\n360.exe
() C:\Program Files\Hardcopy\hcdll2_ex_Win32.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(T-Systems International GmbH) C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe
(Cyberlink Corp.) C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
(CyberLink Corp.) C:\Program Files\HomeCinema\PlayMovie\PMVService.exe
(CyberLink Corp.) C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Canon Electronics Inc.) C:\Program Files\Canon Electronics\DRC125\TouchDR.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\eCopy PDF Pro Office\PdfPro7Hook.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Syncios\SynciosDeviceService.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Medion AG\NSU\NSU.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Users\Ralf\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Deutsche Telekom AG) C:\Users\Ralf\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Memeo Inc.) C:\Program Files\Memeo\AutoBackup\MemeoUpdater.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-08] (ODSoft multimedia)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [563080 2007-01-24] (Microsoft Corporation)
HKLM\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe [1411720 2010-03-29] (T-Systems International GmbH)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe [87336 2008-07-21] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe [62760 2008-05-14] ()
HKLM\...\Run: [PlayMovie] => C:\Program Files\HomeCinema\PlayMovie\PMVService.exe [172032 2007-09-07] (CyberLink Corp.)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2007-11-30] (Google)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-03-18] (cyberlink)
HKLM\...\Run: [Memeo Instant Backup] => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-09-28] (Memeo Inc.)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724536 2012-04-22] (Sony Corporation)
HKLM\...\Run: [CANON DR-C125 SVC] => C:\Windows\system32\DRDCSVC.DLL [110592 2011-07-12] (Canon Electronics)
HKLM\...\Run: [DR-C125 CaptureOnTouch] => C:\Program Files\Canon Electronics\DRC125\TouchDR.exe [942080 2011-10-17] (Canon Electronics Inc.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79136 2007-11-13] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2009-03-02] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2009-03-02] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] => C:\Program Files\Nuance\eCopy PDF Pro Office\pdfpro7hook.exe [1766688 2011-03-17] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF7 Registry Controller] => C:\Program Files\Nuance\eCopy PDF Pro Office\RegistryController.exe [138528 2011-03-17] (Nuance Communications, Inc.)
HKLM\...\Run: [PdfProInboxMonitor] => C:\Program Files\Nuance\eCopy PDF Pro Office\InboxMonitor.exe [114176 2011-03-17] ()
HKLM\...\Run: [InboxMonitor] => C:\Program Files\Nuance\eCopy PDF Pro Office\InboxMonitor.exe [114176 2011-03-17] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Syncios device service] => C:\Program Files\Syncios\SynciosDeviceService.exe [723456 2013-11-15] ()
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [606208 2009-10-13] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [DLSService] => "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe"
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-1931517720-1549907669-1186193416-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [NSU] => C:\Program Files\Medion AG\NSU\NSU.exe [1789440 2011-10-20] ()
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-02-20] (Google Inc.)
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [ISUSPM] =>  -scheduler
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [Amazon Cloud Player] => C:\Users\Ralf\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [Free Download Manager] => C:\Program Files\Free Download Manager\fdm.exe [6950400 2013-10-25] (FreeDownloadManager.ORG)
HKU\S-1-5-21-1931517720-1549907669-1186193416-1004\...\Run: [DymoQuickPrint] => C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe [1825360 2011-01-28] (Sanford, L.P.)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [146432 2007-11-30] (Google)
AppInit_DLLs:  C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [146432 2007-11-30] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ralf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
ShortcutTarget: Mediencenter.lnk -> C:\Users\Ralf\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
Startup: C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\eCopy PDF Pro Office\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} hxxp://www.nero.com/doc/NeroVersionCheckerControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://192.168.2.62:92/codebase/DVM_IPCam2.ocx
DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://tonline.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {DF6504AC-3EFE-4287-B259-FB299B069C95} https://img.web.de/v/mail/activex/fa_os_mms/upload_1141.cab
Handler: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Generic\Network Printer Wizard\NPWprint.dll [151552] (Elite Silicon Technology Inc.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default
FF Homepage: hxxp://www.t-online.de/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @dymo.com/DymoLabelFramework - C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF Plugin: @fluxdvd.com/NPWMDRMWrapper - C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( )
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF - C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin: @protectdisc.com/NPMPDRM - C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin: @real.com/nppl3260;version=6.0.11.2768 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2826 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1578 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: ZEON/PDF,version=2.0 - C:\Program Files\Nuance\eCopy PDF Pro Office\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ralf\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-01]
FF Extension: DownloadHelper - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: CSHelper - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2012-02-20]
FF Extension: SearchYa NewTab - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi [2013-11-09]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Adblock Plus - C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\b85l1wqd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-05-08]
FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter

========================== Services (Whitelisted) =================

R2 AirPrint; C:\AirPrint\airprint.exe [234784 2012-06-16] (Apple Inc.)
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [654640 2009-04-15] (REINER SCT)
R2 CPUCooLServer; C:\Program Files\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 DFSVC; C:\Program Files\T-Online\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] ()
R2 DymoPnpService; C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe [32336 2011-01-28] (Sanford, L.P.)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH)
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2007-11-30] (Google)
R2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [121360 2008-05-02] (Logitech, Inc.)
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
R2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
R2 MCSWASVR; C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe [12800 2011-11-23] (Deutsche Telekom AG)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-09-28] (Memeo)
R2 N360; C:\Program Files\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [196904 2011-12-20] (Nitro PDF Software)
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
R2 NPWService; C:\Program Files\Generic\Network Printer Wizard\NPWService.exe [462848 2008-09-17] ()
U2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 PDFProFiltSrv; C:\Program Files\Nuance\eCopy PDF Pro Office\PDFProFiltSrv.exe [134432 2011-03-17] (Nuance Communications, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
R2 Prosieben; C:\Program Files\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
R2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH)
R2 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] ()
R2 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] ()
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1006816 2009-09-24] (NXP Semiconductors Germany GmbH)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [120616 2014-02-13] (SlySoft, Inc.)
R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140409.001\BHDrvx86.sys [1098968 2014-04-09] (Symantec Corporation)
R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1502000.026\ccSetx86.sys [127064 2014-02-25] (Symantec Corporation)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [23040 2008-02-17] (REINER SCT)
S3 DectEnum; C:\Windows\System32\Drivers\DectEnum.sys [8448 2005-03-01] (Siemens AG)
R3 DFSYS; C:\Program Files\T-Online\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-05-05] (Symantec Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc.              )
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 Gigusb; C:\Windows\System32\Drivers\Gigusb.sys [53632 2005-03-01] (Siemens AG)
R0 hotcore3; C:\Windows\System32\drivers\hotcore3.sys [38448 2007-04-24] (Paragon Software Group)
S3 HRCMPA; C:\Windows\System32\DRIVERS\hrcmpa.sys [263751 2004-09-08] (SIEMENS AG)
R1 IDSVix86; C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140514.001\IDSvix86.sys [395992 2014-05-06] (Symantec Corporation)
R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2007-10-15] (Intel Corporation)
S3 IUAPIWDM; C:\Windows\System32\DRIVERS\IUAPIWDM.sys [50759 2004-09-08] (SIEMENS AG)
R3 MirayVirtualDisk; C:\Windows\System32\DRIVERS\mvd.sys [168016 2013-05-12] (Miray)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140514.008\NAVENG.SYS [93272 2014-05-07] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140514.008\NAVEX15.SYS [1612376 2014-05-07] (Symantec Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2009-02-08] (CACE Technologies)
S3 siellif; C:\Windows\System32\Drivers\siellif.sys [113408 2005-03-01] (Siemens AG)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
R3 SRTSP; C:\Windows\System32\Drivers\N360\1502000.026\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1502000.026\SRTSPX.SYS [32344 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1502000.026\SYMDS.SYS [367704 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1502000.026\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-05-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1502000.026\Ironx86.SYS [206936 2013-07-31] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1502000.026\SYMTDIV.SYS [384728 2014-02-18] (Symantec Corporation)
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-11-11] (TeamViewer GmbH)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2007-10-11] (Cyberlink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [87536 2009-03-18] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Ralf\AppData\Local\Temp\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X]
S3 dsltestSp5; System32\Drivers\dsltestSp5.sys [X]
S3 EST_BusEnum; system32\DRIVERS\GenBus.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-15 06:49 - 2014-05-15 06:49 - 00000000 ____D () C:\FRST
2014-05-15 06:49 - 2014-05-15 06:49 - 00000000 _____ () C:\Users\Ralf\defogger_reenable
2014-05-15 06:13 - 2014-05-15 06:14 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2014-05-15 03:27 - 2014-05-15 03:27 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-05-15 03:27 - 2013-11-08 22:47 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-15 03:27 - 2013-11-08 22:47 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 03:27 - 2008-09-10 19:21 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help
2014-05-15 03:04 - 2014-05-15 03:04 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 03:02 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:02 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:02 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 21:25 - 2014-05-14 21:25 - 00135216 _____ () C:\Windows\Minidump\Mini051414-01.dmp
2014-05-14 19:39 - 2014-05-14 19:39 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-14 18:36 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 00:13 - 2014-05-13 00:14 - 00159416 _____ () C:\Windows\Minidump\Mini051314-01.dmp
2014-05-11 18:08 - 2014-05-11 18:08 - 00159416 _____ () C:\Windows\Minidump\Mini051114-01.dmp
2014-05-10 10:07 - 2014-05-10 10:07 - 00159096 _____ () C:\Windows\Minidump\Mini051014-01.dmp
2014-05-10 00:38 - 2014-05-10 00:38 - 00001668 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-10 00:38 - 2014-05-10 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-10 00:37 - 2014-05-10 00:38 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-10 00:37 - 2014-05-10 00:38 - 00000000 ____D () C:\Program Files\iTunes
2014-05-10 00:37 - 2014-05-10 00:37 - 00000000 ____D () C:\Program Files\iPod
2014-05-10 00:26 - 2014-05-10 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-10 00:26 - 2014-05-10 00:26 - 00000000 ____D () C:\Program Files\QuickTime
2014-05-09 22:44 - 2014-05-09 22:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-07 21:11 - 2014-05-08 09:01 - 00002063 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-05-07 21:11 - 2014-05-07 21:11 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2014-05-07 21:11 - 2014-05-07 21:11 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2014-05-07 21:10 - 2014-05-08 09:03 - 00000000 ____D () C:\Windows\system32\Drivers\N360
2014-05-07 21:10 - 2014-05-08 09:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-05-07 21:10 - 2014-05-07 21:10 - 00000000 ____D () C:\Program Files\Norton 360
2014-05-06 08:29 - 2014-05-06 08:29 - 00000000 ____D () C:\ProgramData\PCSettings
2014-05-06 08:23 - 2014-05-06 10:06 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-05-06 08:23 - 2014-05-06 08:23 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-05-04 14:00 - 2014-05-04 14:00 - 00000000 ____D () C:\Users\Ralf\dwhelper
2014-04-23 10:00 - 2014-04-23 10:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_LMouFilt_01005.Wdf
2014-04-23 10:00 - 2014-04-23 10:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_LHidFilt_01005.Wdf
2014-04-20 00:44 - 2014-04-20 00:44 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Colasoft MAC Scanner
2014-04-20 00:44 - 2014-04-20 00:44 - 00000000 ____D () C:\Program Files\Common Files\Colasoft Shared
2014-04-20 00:43 - 2014-04-20 00:49 - 00000000 ____D () C:\Program Files\Colasoft MAC Scanner 2.2 Free
2014-04-19 20:20 - 2014-04-19 20:20 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Overlook
2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\ProgramData\Overlook
2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Overlook Fing
2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\Program Files\WinPcap
2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\Program Files\Overlook Fing 2.2
2014-04-19 10:54 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-19 10:53 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-19 10:53 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-19 10:53 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-19 10:52 - 2014-04-19 10:53 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 21:00 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-18 21:00 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-18 21:00 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-18 21:00 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-18 21:00 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-18 21:00 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-18 21:00 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-18 21:00 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-18 21:00 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-18 21:00 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-18 21:00 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-18 21:00 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-18 21:00 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-18 14:47 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

==================== One Month Modified Files and Folders =======

2014-05-15 06:49 - 2014-05-15 06:49 - 00000000 ____D () C:\FRST
2014-05-15 06:49 - 2014-05-15 06:49 - 00000000 _____ () C:\Users\Ralf\defogger_reenable
2014-05-15 06:49 - 2007-11-30 11:17 - 00000000 ____D () C:\Users\Ralf
2014-05-15 06:43 - 2010-02-20 15:13 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-15 06:38 - 2012-04-06 00:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-15 06:15 - 2011-09-17 20:44 - 00000000 ___RD () C:\Users\Ralf\Dropbox
2014-05-15 06:15 - 2011-09-17 20:36 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Dropbox
2014-05-15 06:15 - 2007-11-30 11:07 - 01528783 _____ () C:\Windows\WindowsUpdate.log
2014-05-15 06:14 - 2014-05-15 06:13 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2014-05-15 06:13 - 2010-02-20 15:13 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-15 05:27 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-15 05:27 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-15 03:34 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-15 03:33 - 2006-11-02 12:33 - 01594468 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-15 03:29 - 2013-11-09 20:16 - 00000430 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-15 03:27 - 2014-05-15 03:27 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-05-15 03:27 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-15 03:26 - 2007-10-10 13:56 - 02513136 _____ () C:\Windows\PFRO.log
2014-05-15 03:25 - 2008-07-07 19:08 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-05-15 03:25 - 2006-11-02 15:01 - 00032578 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 03:09 - 2013-08-15 03:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 03:04 - 2014-05-15 03:04 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 03:04 - 2007-10-10 12:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 03:04 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-15 00:00 - 2009-02-15 17:38 - 00000368 _____ () C:\Windows\Tasks\NeroLiveEpgUpdate-Akoya_Ralf.job
2014-05-14 21:25 - 2014-05-14 21:25 - 00135216 _____ () C:\Windows\Minidump\Mini051414-01.dmp
2014-05-14 21:25 - 2012-07-20 16:59 - 356191060 _____ () C:\Windows\MEMORY.DMP
2014-05-14 21:25 - 2012-07-20 16:59 - 00000000 ____D () C:\Windows\Minidump
2014-05-14 21:02 - 2013-12-01 16:34 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\FileZilla
2014-05-14 20:07 - 2011-06-15 11:38 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-14 19:39 - 2014-05-14 19:39 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-14 19:39 - 2012-04-06 00:01 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 19:39 - 2011-05-22 17:18 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 00:14 - 2014-05-13 00:13 - 00159416 _____ () C:\Windows\Minidump\Mini051314-01.dmp
2014-05-11 18:08 - 2014-05-11 18:08 - 00159416 _____ () C:\Windows\Minidump\Mini051114-01.dmp
2014-05-11 18:08 - 2012-04-25 22:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-11 16:47 - 2012-03-24 12:36 - 00000000 ____D () C:\Users\Ralf\AppData\Local\CrashDumps
2014-05-11 15:00 - 2014-01-07 19:23 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Free Download Manager
2014-05-10 10:15 - 2012-12-29 19:04 - 00000180 _____ () C:\Windows\setscan.ini
2014-05-10 10:07 - 2014-05-10 10:07 - 00159096 _____ () C:\Windows\Minidump\Mini051014-01.dmp
2014-05-10 00:38 - 2014-05-10 00:38 - 00001668 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-10 00:38 - 2014-05-10 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-10 00:38 - 2014-05-10 00:37 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-10 00:38 - 2014-05-10 00:37 - 00000000 ____D () C:\Program Files\iTunes
2014-05-10 00:37 - 2014-05-10 00:37 - 00000000 ____D () C:\Program Files\iPod
2014-05-10 00:37 - 2011-12-20 00:27 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-10 00:29 - 2007-10-15 17:13 - 00000000 ____D () C:\ProgramData\Apple
2014-05-10 00:26 - 2014-05-10 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-10 00:26 - 2014-05-10 00:26 - 00000000 ____D () C:\Program Files\QuickTime
2014-05-09 22:44 - 2014-05-09 22:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 17:33 - 2012-02-20 21:37 - 00004416 _____ () C:\Users\Ralf\AppData\Roaming\CamStudio.cfg
2014-05-09 17:33 - 2012-02-20 21:37 - 00000408 _____ () C:\Users\Ralf\AppData\Roaming\CamShapes.ini
2014-05-09 17:33 - 2012-02-20 21:37 - 00000408 _____ () C:\Users\Ralf\AppData\Roaming\CamLayout.ini
2014-05-09 17:33 - 2012-02-20 21:37 - 00000117 _____ () C:\Users\Ralf\AppData\Roaming\Camdata.ini
2014-05-09 14:59 - 2012-01-22 11:33 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Nitro PDF
2014-05-08 22:56 - 2012-02-20 00:46 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\vlc
2014-05-08 19:16 - 2013-02-22 21:20 - 00000000 ____D () C:\Users\Ralf\AppData\Local\Apps\2.0
2014-05-08 13:38 - 2006-11-02 14:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-08 09:03 - 2014-05-07 21:10 - 00000000 ____D () C:\Windows\system32\Drivers\N360
2014-05-08 09:01 - 2014-05-07 21:11 - 00002063 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-05-08 09:01 - 2014-05-07 21:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-05-08 08:38 - 2009-09-24 19:58 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Mozilla
2014-05-07 21:55 - 2007-09-27 11:20 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-07 21:13 - 2009-12-16 04:06 - 00000000 ____D () C:\ProgramData\Norton
2014-05-07 21:11 - 2014-05-07 21:11 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2014-05-07 21:11 - 2014-05-07 21:11 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2014-05-07 21:11 - 2008-05-20 21:30 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-07 21:10 - 2014-05-07 21:10 - 00000000 ____D () C:\Program Files\Norton 360
2014-05-07 20:32 - 2008-05-20 21:36 - 00000000 ____D () C:\Program Files\Norton Internet Security
2014-05-06 10:06 - 2014-05-06 08:23 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-05-06 08:35 - 2008-05-20 21:30 - 00000000 ____D () C:\ProgramData\Symantec
2014-05-06 08:29 - 2014-05-06 08:29 - 00000000 ____D () C:\ProgramData\PCSettings
2014-05-06 08:23 - 2014-05-06 08:23 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-05-06 01:32 - 2014-05-15 03:02 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 01:14 - 2014-05-15 03:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 01:14 - 2014-05-15 03:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-04 14:00 - 2014-05-04 14:00 - 00000000 ____D () C:\Users\Ralf\dwhelper
2014-04-30 18:55 - 2006-11-02 14:47 - 00494360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-29 17:48 - 2007-11-30 14:34 - 00000000 ____D () C:\Users\Ralf\AppData\Local\Adobe
2014-04-29 09:15 - 2013-10-27 12:33 - 00000000 ____D () C:\Users\Ralf\AppData\Local\WEB.DE Application {sync-000021}
2014-04-28 13:19 - 2007-11-30 11:17 - 00163992 _____ () C:\Users\Ralf\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 19:52 - 2014-01-04 20:30 - 00000863 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-23 10:00 - 2014-04-23 10:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_LMouFilt_01005.Wdf
2014-04-23 10:00 - 2014-04-23 10:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_LHidFilt_01005.Wdf
2014-04-23 10:00 - 2006-11-02 14:52 - 00190306 _____ () C:\Windows\setupact.log
2014-04-22 21:45 - 2013-08-22 17:02 - 00000000 ____D () C:\INSTAR_Rec
2014-04-21 23:30 - 2007-12-02 17:52 - 00148992 _____ () C:\Users\Ralf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-20 00:49 - 2014-04-20 00:43 - 00000000 ____D () C:\Program Files\Colasoft MAC Scanner 2.2 Free
2014-04-20 00:44 - 2014-04-20 00:44 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Colasoft MAC Scanner
2014-04-20 00:44 - 2014-04-20 00:44 - 00000000 ____D () C:\Program Files\Common Files\Colasoft Shared
2014-04-19 22:45 - 2010-05-28 21:16 - 00011792 _____ () C:\Users\Ralf\AppData\Roaming\SmarThruOptions.xml
2014-04-19 20:20 - 2014-04-19 20:20 - 00000000 ____D () C:\Users\Ralf\AppData\Roaming\Overlook
2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\ProgramData\Overlook
2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Overlook Fing
2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\Program Files\WinPcap
2014-04-19 20:18 - 2014-04-19 20:18 - 00000000 ____D () C:\Program Files\Overlook Fing 2.2
2014-04-19 15:39 - 2014-03-05 15:34 - 00000000 ____D () C:\Users\Ralf\AppData\Local\NVIDIA
2014-04-19 10:53 - 2014-04-19 10:52 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-19 10:53 - 2007-12-27 17:56 - 00000000 ____D () C:\Program Files\Java
2014-04-18 16:47 - 2013-11-27 17:02 - 00000000 ____D () C:\Users\Ralf\AppData\Local\Amazon Cloud Player

Files to move or delete:
====================
C:\Users\Ralf\AppData\Roaming\CamLayout.ini
C:\Users\Ralf\AppData\Roaming\CamShapes.ini
C:\ProgramData\NortonProtectionMemo.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-15 03:36

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-05-2014
Ran by Ralf at 2014-05-15 06:50:55
Running from K:\Ralf\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton 360 Online (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton 360 Online (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

 Overlook Fing (HKLM\...\Overlook Fing 2.2) (Version: 2.2 - Overlook)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
"Nero SoundTrax Help (Version: 4.0.15.0 - Nero AG) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop 5.0 Limited Edition (HKLM\...\Adobe Photoshop 5.0 Limited Edition) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.4.3.0 - SlySoft)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.3.1.0 - Auslogics Labs Pty Ltd)
Avery Wizard 3.1 (HKLM\...\{4D87149D-A160-4958-AAD2-51994F140AED}) (Version: 3.1.10 - Avery)
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
Bewerbungsfoto-/Passbild-Generator v3.5a (HKLM\...\Passbild-Generator_is1) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.0.9 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.3.0.8 - )
Canon driver for DR-C125 (HKLM\...\{C416C3E5-B8C4-4876-9705-10CD3104FE61}) (Version: 1.0.4309 - Canon Electronics inc.)
Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.3.1.5 - )
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.5.1.4 - )
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.4.0.14 - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.6.0.13 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.0.8 - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 5.8.0.74 - )
CaptureOnTouch Evernote Plugin (HKLM\...\{CE27CA2B-7663-4F6B-8E61-A455390AC71F}) (Version: 1.2.11005 - Canon Electronics Inc.)
CaptureOnTouch Google Docs(TM) Plugin (HKLM\...\{5B264EE1-5639-4647-A53F-7D946304A950}) (Version: 1.1.4311 - Canon Electronics Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
CloneDVD2 (HKLM\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
cyberJack Base Components (HKLM\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.8.0 - REINER SCT)
CyberLink PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.3.5105.0 - CyberLink Corp.)
DDBAC (HKLM\...\{DEF597FA-FE10-4DF1-B937-251EDA491E22}) (Version: 5.3.1 - DataDesign)
DDBAC (HKLM\...\{E33FC8F2-F11F-473C-8F9C-4F0B80031F75}) (Version: 04.02.0000 - windata GmbH & Co.KG)
Deutsche Post E-Porto (HKLM\...\{5CCF8330-F742-411A-8A04-719806D168B5}) (Version: 2.3.0 - Deutsche Post AG)
DirSync  2.95 (HKLM\...\DirSync) (Version:  - Stephen Kalisch)
DolbyFiles (Version: 2.0 - Nero AG) Hidden
DR-C125 CaptureOnTouch (HKLM\...\{C67FF523-F257-4A3F-AE4D-08671E727A0E}) (Version: 2.3.111.1014 - Canon Electronics Inc.)
DR-C125 UserManual (HKLM\...\{E3171A4D-FC3B-48CE-87A8-8C1BE9953E5F}) (Version: 1.04.0000 - Canon Electronics Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Duden Home (HKLM\...\{288A423E-D6CA-47C3-B480-D1203EB08948}) (Version: 10.0.0 - Bibliographisches Institut GmbH)
DYMO Label v.8 (HKLM\...\DYMO Label v.8) (Version: 8.3.0.1242 - Sanford, L.P.)
eCopy PDF Pro Office (HKLM\...\{5AB961A4-8811-4931-9874-4625C6E5838F}) (Version: 7.10.3290 - Nuance Communications, Inc)
EPSON TWAIN 5 (HKLM\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.)
Evernote v. 4.6 (HKLM\...\{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}) (Version: 4.6.0.7670 - Evernote Corp.)
FileZilla Client 3.8.0 (HKLM\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: 2.0.1.8 - MAGIX AG)
FormatFactory 2.90 (HKLM\...\FormatFactory) (Version: 2.90 - Free Time)
Free Download Manager 3.9.3 (HKLM\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Freemake Video Converter Version 3.0.2 (HKLM\...\Freemake Video Converter_is1) (Version: 3.0.2 - Ellora Assets Corporation)
funScreenScraping Client Version (HKLM\...\{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}) (Version: 1.0.173 - fun communications GmbH)
funScreenScraping Microsoft Systemdateien (HKLM\...\{AC849092-6F19-4395-8860-BC3B82CAFE51}) (Version: 1.0.6 - fun communications GmbH)
Gigaset QuickSync (HKLM\...\{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}) (Version: 7.2.0844.6 - Gigaset Communications GmbH)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Hardcopy (HKLM\...\Hardcopy) (Version: 2014.01.27 - www.hardcopy.de)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version:  - EFD Software)
HDClone 4.2 Standard Edition (HKLM\...\HDClone.Standard.4.2.7.1031-{3F4C9295-FC5E-482D-A640-2F7A436D1DB3}) (Version: 4.2 - Miray Software AG)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{778511E7-621D-4CEE-AF1E-93432132C706}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPV Solo 2010 (HKLM\...\{256B9D9E-9706-4E6D-814B-CD54237D7FA2}) (Version: 10.8.0 - Viewer Central, Inc.)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Inkscape 0.48.4 (HKLM\...\Inkscape) (Version: 0.48.4 - )
inSSIDer 2.0 (HKLM\...\{A12EA295-32EA-42BB-8442-2C2BE852D4AA}) (Version: 2.0.7 - MetaGeek)
INSTAR Camera Tool (HKLM\...\{630473B5-3AA9-4477-B6DD-F9EA5BEEDD42}) (Version: 2.0.1.0 - INSTAR)
InstarVision 1.3 (HKLM\...\InstarVision_is1) (Version: 1.3 - INSTAR)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel(R) PRO Network Connections 12.2.41.0 (HKLM\...\PROSetDX) (Version: 12.2.41.0 - Intel)
Intel(R) PRO Network Connections 12.2.41.0 (Version: 12.2.41.0 - Intel) Hidden
Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Viiv™ Software (HKLM\...\Intel(R) Configuration Center) (Version: 1.7.512.0 - Intel Corporation)
Intel® Viiv™ Software (Version: 1.7.512.0 - Intel Corporation) Hidden
IPCamClient (HKLM\...\{B1534528-3E4B-4630-A06D-8115917A2B92}) (Version: 1.0.0.10 - )
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
J2SE Runtime Environment 5.0 Update 12 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150120}) (Version: 1.5.0.120 - Sun Microsystems, Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020F0}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
Java(TM) 6 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
KhalInstallWrapper (Version: 4.60.122 - Logitech) Hidden
Letstrade (HKLM\...\{E0091C29-DEE8-4B24-BF65-8C35B5940D77}) (Version: 1.00.0000 - Buhl Data Service)
Lexware Info Service (HKLM\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{C908A5AC-4F61-4B9A-8A51-48B5696C53B1}) (Version: 12.00.00.0043 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking 4.90 (Version: 4.90 - Lexware) Hidden
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.60 - Logitech)
Logitech Updater (HKLM\...\{53735ECE-E461-4FD0-B742-23A352436D3A}) (Version: 1.70 - Ihr Firmenname)
MAGIX MP3 Maker 12 8.2.1.238 (D) (HKLM\...\MAGIX MP3 Maker 12 D) (Version: 8.2.1.238 - MAGIX AG)
MAGIX Online Druck Service 2.3.2.0 (D) (HKLM\...\MAGIX Online Druck Service D) (Version: 2.3.2.0 - MAGIX AG)
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2203 - CyberLink Corp.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
maxdome Download Manager 4.1.300.78 (HKLM\...\{E948B551-08DB-4163-8995-8C43B03D1B19}) (Version: 4.1.30078 - Prosieben)
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
MediaShow (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
Mediencenter 3.8.9799.6 (HKCU\...\Mediencenter) (Version: 3.8.9799.6 - Deutsche Telekom AG)
Mediencenter Assistent (HKLM\...\Mediencenter Software) (Version: 2.7.0.1451 - Telekom)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Menu Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NAVIGON Fresh 1.4.9 (HKLM\...\NAVIGON Fresh) (Version: 1.4.9 - NAVIGON)
NAVIGON Fresh BETA 2.6.0 (HKLM\...\NAVIGON Fresh BETA) (Version: 2.6.0 - NAVIGON)
Nero 9 (HKLM\...\{c0ff42f0-d4a2-4122-aa8c-42d14552b756}) (Version:  - Nero AG)
Nero Burning ROM Help (Version: 9.2.2.100 - Nero AG) Hidden
Nero BurnRights (Version: 2.99.6.100 - Nero AG) Hidden
Nero ControlCenter (Version: 0.0.0.1 - Nero AG) Hidden
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (Version: 4.2.4.100 - Nero AG) Hidden
Nero CoverDesigner Help (Version: 4.2.2.100 - Nero AG) Hidden
Nero Disc Copy Gadget (Version: 2.2.7.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (Version: 2.2.7.0 - Nero AG) Hidden
Nero DiscSpeed (Version: 4.99.5.105 - Nero AG) Hidden
Nero DriveSpeed (Version: 3.99.5.105 - Nero AG) Hidden
Nero Express Help (Version: 9.2.2.100 - Nero AG) Hidden
Nero InfoTool (Version: 5.99.5.105 - Nero AG) Hidden
Nero Installer (Version: 2.0.0.1 - Nero AG) Hidden
Nero Live (Version: 1.2.4.0 - Nero AG) Hidden
Nero Live Help (Version: 1.0.162.0 - Nero AG) Hidden
Nero PhotoSnap (Version: 1.53.2.0 - Nero AG) Hidden
Nero PhotoSnap Help (Version: 1.53.2.0 - Nero AG) Hidden
Nero Recode (Version: 3.53.0.0 - Nero AG) Hidden
Nero Recode Help (Version: 3.53.0.0 - Nero AG) Hidden
Nero Rescue Agent (Version: 1.99.0.1 - Nero AG) Hidden
Nero RescueAgent Help (Version: 1.99.0.1 - Nero AG) Hidden
Nero ShowTime (Version: 4.99.0.0 - Nero AG) Hidden
Nero StartSmart (Version: 9.2.7.100 - Nero AG) Hidden
Nero StartSmart Help (Version: 9.2.4.100 - Nero AG) Hidden
Nero Vision (Version: 0.0.0.2 - Nero AG) Hidden
Nero Vision (Version: 6.2.6.100 - Nero AG) Hidden
Nero WaveEditor (Version: 5.2.5.0 - Nero AG) Hidden
Nero WaveEditor Help (Version: 5.0.15.0 - Nero AG) Hidden
NeroBurningROM (Version: 9.2.6.100 - Nero AG) Hidden
NeroExpress (Version: 9.2.6.100 - Nero AG) Hidden
NeroLiveGadget (Version: 1.0.8.100 - Nero AG) Hidden
NeroLiveGadget Help (Version: 1.0.6.100 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Network Printer Wizard (HKLM\...\InstallShield_{12F3BB85-62FB-476D-AAB9-9AB94AF864D4}) (Version: 1.0.0.6 - Generic)
Network Printer Wizard (Version: 1.0.0.6 - Generic) Hidden
Nitro PDF Reader 2 (HKLM\...\{AA14583F-BD72-4F05-A445-3D7EC7BB8052}) (Version: 2.1.1.3 - Nitro PDF Software)
Norton 360 (HKLM\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
Norton Security Scan (Symantec Corporation) (HKLM\...\NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}) (Version: 2.0.0 - Symantec Corporation)
Norton Security Scan (Version: 2.0.0 - Symantec Corporation) Hidden
NPS - Nolte Collection / Horizont Edition 4.0.30 (NP) (HKLM\...\{49CF420F-CF5D-470B-B8C7-FAD8E80E285F}) (Version: 4.00.0030 - Nolte Möbel Germersheim)
NSU (HKLM\...\{323F7AD9-1F4D-49E1-973B-80E1B6F1623A}) (Version: 1.00.1000 - Medion AG)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
ocxinstall (HKLM\...\{1A2606DD-5E86-4ADA-954B-D98012A174E0}) (Version: 1.0.0.32 - apexis)
OnlineFotoservice (HKLM\...\OnlineFotoservice) (Version:  - )
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PaperPort SharePoint Link (HKLM\...\{8D09F3C8-C890-4118-B3CC-697BE7FA0421}) (Version: 12.000.0001 - Nuance Communications, Inc.)
Paragon Partition Manager 8.5 Personal (HKLM\...\{49CC1A6A-3A1A-4EE7-913F-8106B51B59D1}) (Version:  - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoNow! 1.0 (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 3.0.4310 - CyberLink Corporation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
Play Movie (HKLM\...\{A450831D-25F6-4F42-9662-D000B25E0D82}) (Version: BD+HD 1.5.3307.0 - CyberLink Corp.)
PlayMemories Home (HKLM\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.3.00.04221 - Sony Corporation)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209a - CyberLink Corp.)
PowerDirector (Version: 6.5.2209a - CyberLink Corp.) Hidden
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quicken 2008 - ServicePack 2 (HKLM\...\{1B7DD202-20F6-489F-B7CD-42B9AB2002A0}) (Version: 15.05.0711 - Lexware GmbH & Co KG)
Quicken 2008 (Version: 15.00.00.00 - Lexware) Hidden
Quicken 2012 (HKLM\...\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}) (Version: 19.36.00.0165 - Haufe-Lexware GmbH & Co.KG)
Quicken Deluxe 2008 (HKLM\...\InstallShield_{15411A8C-34CC-41BB-A48C-52E3C052F20F}) (Version: 15.00.00.00 - Lexware)
Quicken Import Export Server 2008 (HKLM\...\{4CE9FE44-077C-46F9-A8EC-4557D2D86790}) (Version: 15.0.1.1 - Lexware GmbH & Co KG)
Quicken Import Export Server 2012 (HKLM\...\{7FC74607-ED6E-49C3-87FA-56B50A2EE158}) (Version: 19.30.00.0134 - Haufe-Lexware GmbH & Co.KG)
QuickImmobilie 2013 - Hotfix 1 (HKLM\...\{E81F9653-892E-43E0-8273-CCA68F351F17}) (Version: 13.01 - Haufe-Lexware Real Estate AG)
QuickImmobilie 2013 (HKLM\...\{52175683-38AC-4275-A5CD-9CF09E5E16EF}) (Version: 13.0.0 - Haufe-Lexware Real Estate AG)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Radiotracker (HKLM\...\{A8BB05BC-2C4A-4178-A819-64B8F5392960}) (Version: 6.2.13700.0 - RapidSolution Software AG)
Readiris Pro 10 (HKLM\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5470 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform)
Rossmann Fotoservice (HKLM\...\Rossmann Fotoservice_is1) (Version:  - )
Samsung CLX-3170 Series (HKLM\...\Samsung CLX-3170 Series) (Version:  - Samsung Electronics CO.,LTD)
ScanSoft OmniPage SE 4 (HKLM\...\{C95BE4FF-D112-4358-82AF-25197C6A6399}) (Version: 15.2.0020 - Nuance Communications, Inc.)
ScanSoft PaperPort 11 (HKLM\...\{EA820D43-3E3F-4B16-BAA2-DCAB0D4E7F1A}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Scansoft PDF Professional (Version:  - ) Hidden
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version:  - )
SD Formatter (HKLM\...\{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}) (Version: 2.9.5 - SDA)
Servicepack Datumsaktualisierung (Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmarThru 4 (HKLM\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version:  - )
SmarThru PC Fax (HKLM\...\SmarThru PC Fax) (Version:  - )
SMPlayer 0.7.0 (HKLM\...\SMPlayer) (Version: 0.7.0 - Ricardo Villalba)
SoundTrax (Version: 4.2.5.0 - Nero AG) Hidden
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syncios Version 3.0.1 (HKLM\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.1 - Anvsoft, Inc.)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
T-Home Dialerschutz-Software (HKLM\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version:  - )
TreeSize Free V2.4 (HKLM\...\TreeSize Free_is1) (Version: 2.4 - JAM Software)
TV Enhance (HKLM\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 1.0.4619 - CyberLink Corp.)
TVsweeper (HKLM\...\{8025AF82-272B-4CBE-9820-392BFA46E7F6}) (Version: 3.0.5 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Videoload Manager 2.0.2220 (HKLM\...\Videoload Manager) (Version: 2.0.2220 - T-Online)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WEB.DE Online-Speicher 1.6.2862.0 (HKCU\...\WEB.DE Application {sync-000021}) (Version: 1.6.2862.0 - 1&1 Mail & Media GmbH)
Wertpapieranalyse 2008 (HKLM\...\{C9CDE360-1077-43B1-BD83-842CE8A14034}) (Version: 1.00.0000 - Lexware)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}) (Version: 6.0.6783.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{CB8CA439-DA83-419C-A4CF-5A0A50025144}) (Version: 6.0.6783.0 - Microsoft Corporation)
winpcap-overlook 4.02 (HKLM\...\winpcap-overlook) (Version:  - )
WinRAR 4.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )
ZDFmediathek Version 2.1.6 (HKLM\...\ZDFmediathek_is1) (Version:  - ZDF)

==================== Restore Points  =========================

10-05-2014 11:25:24 Geplanter Prüfpunkt
11-05-2014 19:12:11 Geplanter Prüfpunkt
12-05-2014 22:00:58 Geplanter Prüfpunkt
13-05-2014 22:00:55 Geplanter Prüfpunkt
15-05-2014 00:01:28 Geplanter Prüfpunkt
15-05-2014 01:00:32 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2013-11-09 19:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {045913E0-0D88-4E88-B14C-7F44CDB30F98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-20] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3A5CB8E8-15A3-4CFA-BEC6-B9B97B7DE4BA} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3CD9570C-105D-4BBE-858E-26620DF30DCB} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Ralf => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {454516B5-18D1-4BBC-A990-6A347DE07BD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-20] (Google Inc.)
Task: {4C63B5CB-730D-4D8B-89A6-CFB922D96CA6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {55B87CE8-4B5E-45E3-863A-4E9B275BE164} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {64090134-083B-439F-A294-A6B3A47F4484} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {6E9494BB-1DC7-44CE-99E8-C2C28F280995} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {7B7781F9-F443-4560-9CEF-BA60B0AAE1F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {7B9C349F-4811-43A0-9139-A64DC3B09DB6} - System32\Tasks\NeroLiveEpgUpdate-Akoya_Ralf => C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-10-27] (Nero AG)
Task: {84DC2DB2-5AF9-4684-9099-8B5BBBB227CC} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {999F0C1C-C8BB-4674-9590-16D5DC291517} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\NeroLiveEpgUpdate-Akoya_Ralf.job => C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe

==================== Loaded Modules (whitelisted) =============

2010-05-28 21:15 - 2009-05-08 11:48 - 00094208 _____ () C:\Windows\System32\SamFaxPort.dll
2010-05-28 21:10 - 2007-08-14 03:01 - 00022723 _____ () C:\Windows\System32\sst1cl3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-09-30 22:33 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\system32\SerialXP.dll
2011-12-01 18:11 - 2011-12-01 18:11 - 00743936 _____ () C:\Program Files\CPUCooL\CooLSrv.exe
2007-02-12 11:46 - 2007-02-12 11:46 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2013-07-13 03:27 - 2013-07-13 03:27 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1ad752bd\mscorlib.dll
2013-07-13 03:26 - 2013-07-13 03:26 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_3f403984\system.dll
2013-07-13 03:26 - 2013-07-13 03:26 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_6a95c472\system.windows.forms.dll
2013-07-13 03:26 - 2013-07-13 03:26 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_35998bcd\system.xml.dll
2007-10-15 16:38 - 2007-04-13 18:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-06-08 21:13 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2008-09-17 14:43 - 2008-09-17 14:43 - 00462848 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWService.exe
2008-09-17 14:42 - 2008-09-17 14:42 - 00225280 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWpsm.dll
2008-09-17 14:42 - 2008-09-17 14:42 - 00086016 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWlog.dll
2008-09-17 14:42 - 2008-09-17 14:42 - 00290816 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWdcp.dll
2008-09-17 14:42 - 2008-09-17 14:42 - 00122880 _____ () C:\Program Files\Generic\Network Printer Wizard\NPWuntp.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 01057512 _____ () C:\Program Files\maxdome\DCBin\PocoFoundation.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00627944 _____ () C:\Program Files\maxdome\DCBin\PocoNet.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00514352 _____ () C:\Program Files\maxdome\DCBin\sqlite3.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00517352 _____ () C:\Program Files\maxdome\DCBin\PocoXML.dll
2007-10-22 14:01 - 2007-01-09 10:25 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2007-10-22 13:49 - 2007-05-16 22:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00290909 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
2007-10-22 14:03 - 2007-10-19 17:42 - 00094208 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00245858 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00032768 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00114779 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
2007-10-22 14:03 - 2007-10-19 17:42 - 00114780 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
2007-10-22 14:03 - 2007-10-19 17:42 - 00339968 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
2014-02-06 14:51 - 2012-07-05 15:56 - 00052800 _____ () C:\Program Files\Hardcopy\hardcopy_05.dll
2014-02-06 14:51 - 2013-07-17 17:03 - 00037880 _____ () C:\Program Files\Hardcopy\hcdll2_ex_Win32.exe
2011-04-23 22:55 - 2011-03-02 12:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-11-14 12:25 - 2013-11-15 18:44 - 00723456 _____ () C:\Program Files\Syncios\SynciosDeviceService.exe
2013-11-14 12:25 - 2013-11-15 18:44 - 00377344 _____ () C:\Program Files\Syncios\DuiLib.dll
2013-11-14 12:25 - 2013-03-01 11:30 - 00059904 _____ () C:\Program Files\Syncios\zlib.dll
2013-11-14 12:25 - 2013-03-01 11:30 - 00526848 _____ () C:\Program Files\Syncios\sqlite3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00237384 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2010-05-28 21:11 - 2009-10-13 12:41 - 00606208 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2011-12-24 13:14 - 2011-10-20 23:22 - 01789440 _____ () C:\Program Files\Medion AG\NSU\NSU.exe
2011-12-24 13:14 - 2011-07-01 12:46 - 00806912 _____ () C:\Program Files\Medion AG\NSU\LIBEAY32.dll
2013-11-27 17:02 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Ralf\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-07 19:22 - 2013-10-04 15:38 - 03560960 _____ () C:\Program Files\Free Download Manager\fdmbtsupp.dll
2011-12-13 21:41 - 2011-12-13 21:41 - 00006144 _____ () C:\Users\Ralf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll
2011-12-13 21:41 - 2011-12-13 21:41 - 00008704 _____ () C:\Users\Ralf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll
2011-12-13 21:41 - 2011-12-13 21:41 - 00007680 _____ () C:\Users\Ralf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll
2014-05-09 22:44 - 2014-05-09 22:44 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-05-13 10:39 - 2014-05-13 10:39 - 00283648 _____ () C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.7\components\vmsfdmff22.dll
2014-01-07 19:22 - 2013-10-04 15:15 - 00106496 _____ () C:\Program Files\Free Download Manager\fdmumsp.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0574215C
AlternateDataStreams: C:\ProgramData\TEMP:7311BB85
AlternateDataStreams: C:\ProgramData\TEMP:7631EA83
AlternateDataStreams: C:\ProgramData\TEMP:D95ACC7D

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: 802.11 n/g/b Wireless LAN USB Adapter
Description: 802.11 n/g/b Wireless LAN USB Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AzureWave Technologies, Inc.
Service: netr28u
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Flash HS-CF
Description: Flash HS-CF
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Flash HS-MS/SD
Description: Flash HS-MS/SD
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Flash HS-SM
Description: Flash HS-SM
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2014 03:27:39 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.SetupChannel()
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.RuntimeMethodHandle.InvokeConstructor(Object[] args, SignatureStruct signature, RuntimeTypeHandle declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.DoConfiguration(String filename, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (05/15/2014 03:01:55 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (05/15/2014 03:01:55 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (05/15/2014 03:00:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {23762b90-16f9-4f5b-b5b1-aff3dc4c9c55}

Error: (05/15/2014 02:01:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {35b4a822-189d-4186-a36c-d5123989bf21}

Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\PARTNER FÜR´S LEBEN - ZEIT ZUM FLIRTEN.URL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\NATURPARK STERNBERGER SEENLAND.URL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\MÄRKLIN EISENBAHN.URL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\LEGO - LEGOLAND GERMANY.URL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (05/14/2014 10:13:16 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\TEMP\FAVORITES\TIPPS FÜRS SURFEN\FREIZEIT\KERNIE'S FAMILIENPARK.URL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (05/15/2014 03:29:13 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (05/15/2014 03:28:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Intel(R) Viiv(TM) Media Server%%2147549183

Error: (05/15/2014 03:28:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%20

Error: (05/15/2014 03:24:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {D6E6C8DD-D0C9-4EAA-9FD5-941F69B34405}

Error: (05/15/2014 03:24:25 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/15/2014 03:04:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (05/15/2014 03:04:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (05/15/2014 03:02:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (05/15/2014 03:02:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (05/15/2014 03:01:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053


Microsoft Office Sessions:
=========================
Error: (03/03/2014 02:07:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 77 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/26/2014 10:44:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 45 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/26/2014 10:43:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 62 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/26/2014 04:00:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/26/2014 03:30:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 98 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (01/23/2014 07:21:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/22/2014 09:06:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/22/2014 04:31:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 88 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (01/10/2014 05:47:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 195 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (01/10/2014 02:09:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 72 seconds with 60 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-05-15 06:50:48.984
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:48.740
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:48.495
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:48.245
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:47.998
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:47.751
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:47.502
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:47.252
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:47.003
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-15 06:50:46.757
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 67%
Total physical RAM: 3325.45 MB
Available physical RAM: 1072.57 MB
Total Pagefile: 6865.88 MB
Available Pagefile: 4594.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.33 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:249.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:6.31 GB) FAT32
Drive j: () (Fixed) (Total:1.88 GB) (Free:1.37 GB) FAT
Drive k: (Daten) (Fixed) (Total:589.02 GB) (Free:234.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 2BAB359D)
Partition 1: (Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 596 GB) (Disk ID: B749BCF6)
Partition 1: (Not Active) - (Size=7 GB) - (Type=27)
Partition 2: (Active) - (Size=589 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================

--- --- ---

GMER-Log fehlt noch (Größe wird übrschritten). Wie kann ich denn weitere Posts erstellen?

schrauber · 16.05.2014, 11:32

Wie oft kommt der Fehler vor? Malware seh ich keine.

Taipan8 · 16.05.2014, 13:54

Mittlerweile kommt der Fehler täglich - teilweise sogar mehrmals - vor. Ich hatte bereits vor einigen Tagen versucht Malwarebytes laufen zu lassen. Es kam immer vor Beendigung zum Einfrieren des Bildschirms oder direkt zum Absturz mit neuem Booten. Es wurden auch keine Logfiles geschrieben (zumindest waren keine in dem Verzeichnis, wo die anderen abgelegt werden zu finden.
Während des Laufs von GMER kam einige Male eine Meldung irgendetwas mit mit "Rootkit". Das Logfile kann wegen Überschreitung der Zeichenanzahl (148566 Zeichen) nicht posten. Kann ich das File teilen? Kannst du mir bitte noch kurz mitteilen, wie ich mehrere Postings als eine Antwort erstellen kann? Vielen Dank.

schrauber · 17.05.2014, 13:38

Boote mal mit F8, als wenn Du in den Safe Mode willst, in der Auswahl wähle Automatischen Neustart bei Systemfehler deaktivieren.

Beim nächsten Mal sollte ein Bluescreen kommen, den Inhalt davon brauche ich.

Taipan8 · 18.05.2014, 15:15

Hallo Schrauber,

ich habe deine Anweisung befolgt und den automatischen Neustart bei Systemfehler deaktiviert. Danach gab es gestern und heute bis gerade eben keinen Absturz mehr.

Als es jetzt zu Problemen kam, hatte ich keinen Bluescreen sondern der Bildschirm war schwarz und nicht mehr zur Anzeige zu bewegen - weder mit Tatstatur noch mit der Maus. Habe dann per Schalter ausgeschaltet, was auch ohne die sonstige Verzögerung klappte.

Beim erneuten Starten kam dann der übliche Heinweis: "Windows wird nach unerwartetem Herunterfahren wieder ausgeführt. Windows kann online nach einer Lösung suchen."

Hier die angezeigten Problemdetails:

Problemsignatur:
Problemereignisname: BlueScreen
Betriebsystemversion: 6.0.6002.2.2.0.768.3
Gebietsschema-ID: 1031

Zusatzinformationen zum Problem:
BCCode: 50
BCP1: 9A272000
BCP2: 00000001
BCP3: 916108F8
BCP4: 00000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
C:\Windows\Minidump\Mini051814-01.dmp
C:\Users\Ralf\AppData\Local\temp\WER-217668-0.sysdata.xml
C:\Users\Ralf\AppData\Local\temp\WER6141.tmp.version.txt

Lesen Sie unsere Datenschutzrichtlinie:
hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407

Kannst du damit etwas anfangen?

Gruß
Taipan8

schrauber · 19.05.2014, 09:49

BlueScreenView - Download - Filepony
Das laden und installieren, dann den aktuellen Dump öffnen:

Zitat:

C:\Windows\Minidump\Mini051814-01.dmp

und den Output hier posten.

Taipan8 · 19.05.2014, 10:07

Code:

ATTFilter

Mini051914-01.dmp
19.05.2014 08:23:52
PAGE_FAULT_IN_NONPAGED_AREA
0x00000050
0x9a0ac000
0x00000001
0x902128f8
0x00000000
nvlddmkm.sys
nvlddmkm.sys+733fe8
NVIDIA Windows Kernel Mode Driver, Version 334.89
NVIDIA Windows Kernel Mode Driver, Version 334.89
NVIDIA Corporation
9.18.13.3489
32-bit
ntkrnlpa.exe+98292
ntkrnlpa.exe+4dde4
nvlddmkm.sys+58f8
nvlddmkm.sys+7901c9

C:\Windows\Minidump\Mini051914-01.dmp
2
15
6002
159.272
19.05.2014 08:26:45

Gruß
Taipan8

schrauber · 20.05.2014, 08:57

Treiber der Graka mal erneuern.

Taipan8 · 21.05.2014, 22:14

Vielen Dank für den Tipp. Treiber habe ich aktualisiert, trotzdem weitere Abstürze mit Hinweis auf GraKa. Ist da evtl. eine neue fällig?

Hier nochmal das Ergebnis des letzten Bluescreens:

Code:

ATTFilter

Mini052114-01.dmp
21.05.2014 20:45:42
PAGE_FAULT_IN_NONPAGED_AREA
0x00000050
0xa4ddc000
0x00000001
0x91a118f8
0x00000000
nvlddmkm.sys
nvlddmkm.sys+76d988
NVIDIA Windows Kernel Mode Driver, Version 335.23
NVIDIA Windows Kernel Mode Driver, Version 335.23
NVIDIA Corporation
9.18.13.3523
32-bit
ntkrnlpa.exe+98292
ntkrnlpa.exe+4dde4
nvlddmkm.sys+58f8
nvlddmkm.sys+7ca1c9

C:\Windows\Minidump\Mini052114-01.dmp
2
15
6002
159.256
21.05.2014 21:34:44

Gruß
Taipan8

schrauber · 22.05.2014, 13:39

Instalier mal aus Spass nen älteren Treiber.

Taipan8 · 19.06.2014, 19:27

Hallo Schrauber,

sorry, habe mich lange nicht gemeldet - war im Urlaub.
Der Einsatz eines älteren Treibers brachte auf Dauer auch keinen Erfolg.

Inzwischen habe ich mir ein neues NB zugelegt. Somit ist das Problem zwar nicht erledigt, für mich aber nicht mehr relevant.

Vielen Dank für deine Hilfe.

MfG

schrauber · 20.06.2014, 18:54

ok

16.05.2014, 11:32	#4
schrauber /// the machine /// TB-Ausbilder	Vista Home Premium 32: Eingefrorener Bildschirm und unkontrolliertes, spontanes Runterfahren Wie oft kommt der Fehler vor? Malware seh ich keine. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

20.05.2014, 08:57	#10
schrauber /// the machine /// TB-Ausbilder	Vista Home Premium 32: Eingefrorener Bildschirm und unkontrolliertes, spontanes Runterfahren Treiber der Graka mal erneuern. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

22.05.2014, 13:39	#12
schrauber /// the machine /// TB-Ausbilder	Vista Home Premium 32: Eingefrorener Bildschirm und unkontrolliertes, spontanes Runterfahren Instalier mal aus Spass nen älteren Treiber. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

20.06.2014, 18:54	#14
schrauber /// the machine /// TB-Ausbilder	Vista Home Premium 32: Eingefrorener Bildschirm und unkontrolliertes, spontanes Runterfahren ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Vista Home Premium 32: Eingefrorener Bildschirm und unkontrolliertes, spontanes Runterfahren

Log-Analyse und Auswertung: Vista Home Premium 32: Eingefrorener Bildschirm und unkontrolliertes, spontanes Runterfahren