
Pests of all kinds and how to combat them: windows vista bluescreen 0x0000008E

 
11.10.2014, 18:27   #1
187Kiril
 
windows vista bluescreen 0x0000008E



Hello Trojaner Board

I have a problem with my PC. After the computer has booted up, a bluescreen appears.

0x0000008E

Best regards, kiril

Code:
defogger_didable by jpshortstuff (23.02.10.1)
Log created at 19:35 on 11/10/2014 (Kirill)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-10-2014
Ran by Rainer Heinloth (ATTENTION: The logged in user is not administrator) on HEINLOTH-PC on 11-10-2014 20:08:19
Running from C:\Users\Rainer Heinloth\Downloads
Loaded Profiles: Kirill & Rainer Heinloth (Available profiles: Heinloth & Kirill & Rainer Heinloth & KIRI)
Platform: Microsoft® Windows Vista™ Home Premium  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2007-06-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4390912 2007-02-15] (Realtek Semiconductor)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-22] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-02-15] (Synaptics, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe [790016 2007-05-08] (ODSoft multimedia)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-11-15] (Intel Corporation)
HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Software\BullGuard\bullguard.exe [308552 2007-10-28] (BullGuard Software)
HKLM\...\Run: [LaunchAp] => C:\Program Files\Launch Manager\LaunchAp.exe [32768 2005-07-25] ()
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2006-12-14] (Wistron)
HKLM\...\Run: [CtrlVol] => "C:\Program Files\Launch Manager\CtrlVol.exe"
HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [86016 2006-11-09] ()
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-10] (Ulead Systems, Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2007-07-16] (Google)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [WinampAgent] => "C:\Program Files\Winamp\winampa.exe"
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1144104 2010-06-03] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768 2011-04-21] (Avira GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [216064 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-909979215-2612829583-2891170152-1006\...\Run: [Google Update] => C:\Users\Rainer Heinloth\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-06] (Google Inc.)
HKU\S-1-5-21-909979215-2612829583-2891170152-1006\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-02-10] (Google Inc.)
HKU\S-1-5-21-909979215-2612829583-2891170152-1006\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [146432 2007-07-16] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Philips SA011 Gere-Manager.lnk
ShortcutTarget: Philips SA011 Gere-Manager.lnk -> C:\Program Files\Philips\GoGear SA011 Device Manager\main.exe (KeenHigh Tech.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
URLSearchHook: HKLM - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
URLSearchHook: HKLM - MAX DE Atube Toolbar - {6844d7d2-99a7-4bb2-84b6-e1b865860cc4} - C:\Program Files\MAX_DE_Atube\tbMAX_.dll (Conduit Ltd.)
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2189224
SearchScopes: HKLM - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2189224
SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
BHO: MAX DE Atube Toolbar -> {6844d7d2-99a7-4bb2-84b6-e1b865860cc4} -> C:\Program Files\MAX_DE_Atube\tbMAX_.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} ->  No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKLM - MAX DE Atube Toolbar - {6844d7d2-99a7-4bb2-84b6-e1b865860cc4} - C:\Program Files\MAX_DE_Atube\tbMAX_.dll (Conduit Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKCU - MAX DE Atube Toolbar - {6844D7D2-99A7-4BB2-84B6-E1B865860CC4} - C:\Program Files\MAX_DE_Atube\tbMAX_.dll (Conduit Ltd.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183949065925
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Rainer Heinloth\AppData\Roaming\Mozilla\Firefox\Profiles\0g5owe91.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Rainer Heinloth\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Rainer Heinloth\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Rainer Heinloth\AppData\Roaming\Mozilla\Firefox\Profiles\0g5owe91.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2011-08-06]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [2010-03-05]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2012-02-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-11]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google-Suche) - C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Google Wallet) - C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Rainer Heinloth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR StartMenuInternet: Google Chrome - C:\Users\Kirill\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360 2011-04-21] (Avira GmbH)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480 2011-08-13] (Avira GmbH)
S2 BackupStack; C:\Program Files\JustCloud\BackupStack.exe [38440 2013-08-29] (Just Develop It) <==== ATTENTION
S2 BGLiveSvc; C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe [718152 2007-10-28] (BullGuard Software)
S2 BgMainSvc; C:\Program Files\BullGuard Software\BullGuard\BsMain.dll [83272 2007-10-28] (BullGuard, Ltd.)
S2 BsFileScan; C:\Program Files\BullGuard Software\BullGuard\BsFileScan.dll [107848 2007-10-28] (BullGuard Ltd.)
S2 BsMailProxy; C:\Program Files\BullGuard Software\BullGuard\BsMailProxy.dll [58696 2007-09-07] (BullGuard Ltd.)
S3 FirebirdServerMAGIXInstance; C:\Program Files\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
S2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [File not signed]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2007-07-16] (Google) [File not signed]
S2 IAANTMON; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [81920 2006-11-15] (Intel Corporation) [File not signed]
S2 iphlpsvc; C:\Windows\System32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed]
R2 lmhosts; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-12-05] (Nero AG) [File not signed]
R2 NlaSvc; C:\Windows\System32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [262144 2006-12-23] (Nero AG) [File not signed]
R2 nsi; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S2 srvcPVR; C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe [1600512 2007-05-04] (Buhl Data Service GmbH) [File not signed]
S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation)
S3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-08-13] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-08-13] (Avira GmbH)
S2 BdFileSpy; C:\Windows\system32\drivers\BdFileSpy.sys [50896 2007-10-28] (BullGuard Ltd.)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc.              )
S1 Hotkey; C:\Windows\system32\Drivers\Hotkey.sys [9867 2003-04-28] () [File not signed]
R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [16024 2006-11-22] (InterVideo, Inc.)
S3 Reconn; C:\Program Files\BullGuard Software\BullGuard\reconn.sys [16984 2007-04-18] (BullGuard Ltd.)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [277504 2007-07-05] (Realtek Semiconductor Corporation                           )
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-02-07] ()
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-10-08] (Avira GmbH)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 mailKmd; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 20:08 - 2014-10-11 20:08 - 00019151 _____ () C:\Users\Rainer Heinloth\Downloads\FRST.txt
2014-10-11 20:06 - 2014-10-11 20:08 - 00000000 ____D () C:\FRST
2014-10-11 20:06 - 2014-10-11 20:06 - 01101312 _____ (Farbar) C:\Users\Rainer Heinloth\Downloads\FRST.exe
2014-10-11 19:59 - 2014-10-11 19:59 - 00050477 _____ () C:\Users\Rainer Heinloth\Downloads\Defogger.exe
2014-10-11 19:57 - 2014-10-11 19:57 - 00000000 ____D () C:\Users\Rainer Heinloth\AppData\Local\Macromedia
2014-10-11 19:09 - 2014-10-11 19:09 - 00000000 ____D () C:\Users\Rainer Heinloth\AppData\Roaming\Avira
2014-09-26 19:13 - 2014-09-26 19:13 - 00000000 ____H () C:\Users\Rainer Heinloth\AppData\Local\BITB03B.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 20:03 - 2007-09-10 21:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-11 20:03 - 2007-09-06 23:42 - 00000000 ____D () C:\Users\Kirill
2014-10-11 19:48 - 2011-11-07 02:30 - 00000000 ____D () C:\Windows\Minidump
2014-10-11 19:48 - 2011-11-07 02:29 - 210164177 _____ () C:\Windows\MEMORY.DMP
2014-10-11 19:45 - 2012-05-28 01:20 - 00000326 _____ () C:\Windows\Tasks\SpeedUpMyPC.job
2014-10-11 19:45 - 2011-08-06 01:50 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 19:45 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-11 19:45 - 2006-11-02 14:47 - 00003456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-11 19:45 - 2006-11-02 14:47 - 00003456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-11 19:44 - 2007-09-06 08:43 - 01661300 _____ () C:\Windows\WindowsUpdate.log
2014-10-11 19:34 - 2006-11-02 12:33 - 01488910 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-11 19:22 - 2013-03-04 02:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-11 13:55 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-11 13:53 - 2007-06-20 14:13 - 00035666 _____ () C:\Windows\PFRO.log
2014-10-11 13:45 - 2007-09-07 00:53 - 00000438 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{EE5CD73B-8BA4-4428-B139-B400A14D8ED5}.job
2014-10-11 13:45 - 2007-09-06 23:45 - 00000420 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{93969C8D-9BE0-497A-A734-02AF5E559884}.job
2014-10-11 13:45 - 2007-09-06 10:35 - 00000424 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{D74DDEC7-869F-4E73-B308-7308EC1C5C20}.job
2014-10-11 13:42 - 2011-08-06 01:50 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 13:34 - 2011-08-06 14:50 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1007UA.job
2014-10-11 13:16 - 2011-08-06 03:13 - 00001160 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1006UA.job
2014-10-11 13:16 - 2011-08-06 03:13 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1006Core.job
2014-10-09 16:57 - 2010-03-02 13:22 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1005UA.job
2014-09-28 07:19 - 2011-08-06 03:21 - 00002088 _____ () C:\Users\Rainer Heinloth\Desktop\Google Chrome.lnk
2014-09-21 16:07 - 2006-11-02 14:52 - 00066234 _____ () C:\Windows\setupact.log
2014-09-21 14:34 - 2011-08-06 14:50 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1007Core.job
2014-09-15 09:06 - 2009-10-02 23:38 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 19:22 - 2013-03-04 02:41 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-11 19:22 - 2013-03-04 02:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Rainer Heinloth\AppData\Local\Temp\AskSLib.dll
C:\Users\Rainer Heinloth\AppData\Local\Temp\install_reader10_de_mssa_aih (1).exe
C:\Users\Rainer Heinloth\AppData\Local\Temp\install_reader10_de_mssa_aih (3).exe
C:\Users\Rainer Heinloth\AppData\Local\Temp\install_reader10_de_mssa_aih (4).exe
C:\Users\Rainer Heinloth\AppData\Local\Temp\install_reader10_de_mssa_aih (4)_1.exe
C:\Users\Rainer Heinloth\AppData\Local\Temp\{01085C74-35EF-4227-9CB6-991316831028}-GoogleEarth-Win-Plugin-7.0.3.8542.exe
C:\Users\Rainer Heinloth\AppData\Local\Temp\{2FE463F9-DEA3-4B42-B124-7C002228D098}-GoogleEarth-Win-Plugin-7.1.2.2041.exe
C:\Users\Rainer Heinloth\AppData\Local\Temp\{98858F96-D60E-475D-BBAC-090E93BEE7AE}-GoogleEarth-Win-Plugin-6.2.2.6613.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-10-2014
Ran by Rainer Heinloth at 2014-10-11 20:09:07
Running from C:\Users\Rainer Heinloth\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM\...\ShockwaveFlash) (Version: 9 - Adobe Systems)
Adobe Reader X (10.1.3) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
ALDI Foto Manager Free Sued 3.4.0.466 (D) (HKLM\...\ALDI Foto Manager Free Sued D) (Version: 3.4.0.466 - MAGIX AG)
ALDI Fotobuch Druck Service (HKLM\...\ALDI Fotobuch Druck Service_is1) (Version:  - )
ALDI Online Druck Service (Sued) (HKLM\...\ALDI Online Druck Service (Sued)) (Version:  - )
ALDI Sued Foto Service 1.10.1.67 (D) (HKLM\...\ALDI Sued Foto Service D) (Version: 1.10.1.67 - MAGIX AG)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.9.4134 - DsNET Corp)
aTube Catcher 1.0 (HKLM\...\{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1) (Version:  - DsNET Corp)
Avira AntiVir Personal - Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 10.2.0.2100 - Avira GmbH)
BullGuard 7.0 for Vista (HKLM\...\BullGuard) (Version: 7.0 for Vista - BullGuard Software)
Command & Conquer Alarmstufe Rot 2 (HKLM\...\Red Alert 2) (Version:  - )
Command & Conquer(TM) Generäle (HKLM\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer(TM) Generäle (Version: 0.50.0000 - Electronic Arts) Hidden
Die Sims Das volle Leben (HKLM\...\{2727FBEF-3155-11D4-8F73-0050DA0F6297}) (Version:  - )
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 1.0.2.22 - DivX, Inc. )
eBay Icon (HKLM\...\eBay Icon) (Version: 1.0 - AD ON Multimedia Advertising GmbH)
eBay.de - Skype 3.0 (HKLM\...\Skype_is1) (Version: 3.0 - Skype Technologies S.A.)
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (HKLM\...\Firebird SQL Server D) (Version: 2.0.0.1 - MAGIX AG)
FM Screen Capture Codec (Remove Only) (HKLM\...\FMCODEC) (Version:  - )
GoGear SA011 Device Manager (HKLM\...\{4898E382-6F35-4191-B3A4-F0AF384BE214}) (Version: 0.1 - Philips)
GoGear SA011 Device Manager (Version: 0.1 - Philips) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Hollywood - Directors Cut (HKLM\...\{9E5A2F17-5F82-40EB-B688-6FC9B93430D2}) (Version: 1.00.0000 - Purplehills)
ICQ6 (HKLM\...\{60DE4033-9503-48D1-A483-7846BD217CA9}) (Version: 6.00.0000 - ICQ)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
InterVideo MediaOne Gallery (HKLM\...\{34F0D55F-C386-4195-9A5B-961D3F6ACD46}) (Version:  - )
InterVideo WinDVD 8 (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.195 - InterVideo Inc.)
InterVideo WinDVD 8 (Version: 8.0-B6.195 - InterVideo Inc.) Hidden
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java(TM) 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
JDownloader (HKLM\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
JustCloud  (HKLM\...\JustCloud) (Version:  - JustCloud)
Launch Manager V1.3.9 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.3.9 - Wistron Corp.)
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version:  - )
LightScribe  1.4.124.1 (Version: 1.4.124.1 - hxxp://www.lightscribe.com) Hidden
LimeWire 4.14.8 (HKLM\...\LimeWire) (Version: 4.14.8 - Lime Wire, LLC)
Lottozahlengenerator 4.1  (HKLM\...\Lottozahlengenerator) (Version: 4.1 - Rüdiger Droste)
Malwarebytes' Anti-Malware Version 1.51.1.1800 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.51.1.1800 - Malwarebytes Corporation)
Max Payne 2 (HKLM\...\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}) (Version: 1.01.102 - )
MAX_DE_Atube Toolbar (HKLM\...\MAX_DE_Atube Toolbar) (Version:  - )
MEDION Fotos auf CD Sued 6.0.2.0 (D) (HKLM\...\MEDION Fotos auf CD Sued D) (Version: 6.0.2.0 - MAGIX AG)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
Mein Geld Professional (HKLM\...\{08E4F3CE-A34E-4667-8DE9-147249FAE468}) (Version: 8.00.0007 - Buhl Data Service GmbH)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM\...\M953297) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Microsoft XML Parser (Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 5.0.1 (x86 de) (HKLM\...\Mozilla Firefox 5.0.1 (x86 de)) (Version: 5.0.1 - Mozilla)
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{63B75E16-F290-4FCD-AF67-A9134CD01031}) (Version: 7.02.5182 - Nero AG)
Network Play System (Patching) (HKLM\...\Network Play System (Patching)) (Version:  - )
Norton Security Scan (HKLM\...\NSS) (Version: 2.7.3.34 - Symantec Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Operation Flashpoint uninstall (HKLM\...\Operation Flashpoint) (Version:  - )
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5374 - Realtek Semiconductor Corp.)
REALTEK RTL8187B Wireless LAN Driver (HKLM\...\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}) (Version: Package:1.00.0006 Driver:6.1095.705.2007 - REALTEK Semiconductor Corp.)
Ruhm und Reichtum (HKLM\...\Ruhm und Reichtum) (Version:  - )
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version:  - )
ShotOnline (HKLM\...\ShotOnline) (Version: 1.0 - OnNet)
Skype™ 4.2 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.155 - Skype Technologies S.A.)
Suyin Live Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 1.0.0.3 - Suyin OPTO)
SUYIN webcam (HKLM\...\{AA047D7C-5E7C-4878-B75C-77589151B563}) (Version: 1.0.1 - SUYIN)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.17.0 - Synaptics)
TomTom HOME 2.7.3.1894 (HKLM\...\TomTom HOME) (Version: 2.7.3.1894 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TVsweeper (HKLM\...\{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}) (Version: 3.0.2 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Ulead VideoStudio SE DVD (HKLM\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Uniblue SpeedUpMyPC (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 5.2.1.7 - Uniblue Systems Ltd) <==== ATTENTION
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Office 2007 (KB932080) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{EDC9CA29-6BC1-471C-828C-7A36109005D7}) (Version:  - )
Update for Office 2007 (KB933688) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F6E692F1-63C2-4760-94C6-C689DCD053F1}) (Version:  - )
Update for Office 2007 (KB934391) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B3091818-7C56-4C45-BE7D-CA23027A5EA5}) (Version:  - )
Update for Office 2007 (KB934393) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}) (Version:  - )
Update for Office System 2007 Setup (KB929722) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}) (Version:  - )
Update for Word 2007 (KB934173) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C6A89125-5473-45E3-B413-ED8186437475}) (Version:  - )
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
Winamp Remote (HKLM\...\Orb) (Version: 2.2008.0508.1530 - Orb Networks)
Winamp Toolbar for Firefox (HKLM\...\Winamp Toolbar for Firefox) (Version: 5.5.1.1 - AOL LLC) <==== ATTENTION
Winamp Toolbar for Internet Explorer (HKLM\...\Winamp Toolbar) (Version: 5.1.28.2 - AOL LLC) <==== ATTENTION
Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8-0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1005Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1005UA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1006Core.job => C:\Users\Rainer Heinloth\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1006UA.job => C:\Users\Rainer Heinloth\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1007Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909979215-2612829583-2891170152-1007UA.job => ?
Task: C:\Windows\Tasks\Norton Security Scan for Kirill.job => ?
Task: C:\Windows\Tasks\SpeedUpMyPC.job => ? <==== ATTENTION
Task: C:\Windows\Tasks\User_Feed_Synchronization-{93969C8D-9BE0-497A-A734-02AF5E559884}.job => ?
Task: C:\Windows\Tasks\User_Feed_Synchronization-{D74DDEC7-869F-4E73-B308-7308EC1C5C20}.job => ?
Task: C:\Windows\Tasks\User_Feed_Synchronization-{EE5CD73B-8BA4-4428-B139-B400A14D8ED5}.job => ?

==================== Loaded Modules (whitelisted) =============

2011-08-06 01:45 - 2011-07-08 09:31 - 01850328 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-909979215-2612829583-2891170152-500 - Administrator - Disabled)
ASPNET (S-1-5-21-909979215-2612829583-2891170152-1002 - Limited - Enabled)
Gast (S-1-5-21-909979215-2612829583-2891170152-501 - Limited - Enabled)
Heinloth (S-1-5-21-909979215-2612829583-2891170152-1003 - Administrator - Enabled) => C:\Users\Heinloth
KIRI (S-1-5-21-909979215-2612829583-2891170152-1007 - Limited - Enabled) => C:\Users\KIRI
Kirill (S-1-5-21-909979215-2612829583-2891170152-1005 - Administrator - Enabled) => C:\Users\Kirill
Rainer Heinloth (S-1-5-21-909979215-2612829583-2891170152-1006 - Limited - Enabled) => C:\Users\Rainer Heinloth

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/11/2014 07:49:55 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/06/2014 05:48:50 PM) (Source: WerSvc) (EventID: 5007) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.

Error: (10/05/2014 07:13:39 PM) (Source: WerSvc) (EventID: 5007) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.

Error: (10/03/2014 06:45:09 PM) (Source: WerSvc) (EventID: 5007) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.

Error: (10/02/2014 08:59:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DivXUpdate.exe, Version 1.0.1.10 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 38c
Anfangszeit: 01cfde66ba4210a0
Zeitpunkt der Beendigung: 0

Error: (10/02/2014 08:30:02 PM) (Source: WerSvc) (EventID: 5007) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.

Error: (09/29/2014 09:27:44 PM) (Source: WerSvc) (EventID: 5007) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.

Error: (09/27/2014 01:28:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung DivXUpdate.exe, Version 1.0.1.10, Zeitstempel 0x4c06fc6d, fehlerhaftes Modul MSVCP80.dll, Version 8.0.50727.4053, Zeitstempel 0x4a594cd0, Ausnahmecode 0xc0000005, Fehleroffset 0x000100b5,
Prozess-ID 0x100c, Anwendungsstartzeit DivXUpdate.exe0.

Error: (09/27/2014 01:06:31 PM) (Source: WerSvc) (EventID: 5007) (User: )
Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9.

Error: (09/26/2014 07:13:20 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "NetGroupGetUsers()". hr = 0x800708b2.


Vorgang:
   Generator wird initialisiert

Kontext:
   Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Generatorname: MSSearch Service Writer


System errors:
=============
Error: (10/11/2014 08:08:45 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (10/11/2014 08:04:42 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 07:50:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 07:49:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/11/2014 07:49:55 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/11/2014 07:49:45 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/11/2014 07:46:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: mailKmd

Error: (10/11/2014 07:44:06 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (10/11/2014 07:30:12 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 07:30:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-10-11 19:45:24.637
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-11 19:20:53.292
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-11 19:16:18.297
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-11 19:07:33.979
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-11 13:09:25.261
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-10 19:59:58.107
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 19:44:37.788
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 19:32:15.637
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 17:39:44.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 16:42:09.668
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Genuine Intel(R) CPU T2130 @ 1.86GHz
Percentage of memory in use: 28%
Total physical RAM: 2037.56 MB
Available physical RAM: 1461.26 MB
Total Pagefile: 4308.36 MB
Available Pagefile: 3895.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.65 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:119 GB) (Free:42.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVER) (Fixed) (Total:30.04 GB) (Free:20.56 GB) FAT32

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         

Edited by 187Kiril (11.10.2014 at 19:26)

 





