Windows 8: RunDLL - Problem starting C:\Program Files (86x)\Home Tab\TBUpdater.dll
Hello,
after restarting my laptop, the error message named above always appears, plus "Das angegebene Modul wurde nicht gefunden."
I created the following logs according to the instructions:
GMER:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-25 11:46:34
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000042 ST500LM012_HN-M500MBB rev.2AR10001 465,76GB
Running: yd0vezhw.exe; Driver: C:\Users\svea\AppData\Local\Temp\pxloypod.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1040] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fefcb91532 4 bytes [B9, FC, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1040] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fefcb9153a 4 bytes [B9, FC, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1040] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fefcb9165a 4 bytes [B9, FC, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1052] C:\Windows\system32\MSIMG32.dll!GradientFill + 690 000007fefcb91532 4 bytes [B9, FC, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1052] C:\Windows\system32\MSIMG32.dll!GradientFill + 698 000007fefcb9153a 4 bytes [B9, FC, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1052] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fefcb9165a 4 bytes [B9, FC, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1052] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff029d177a 4 bytes [9D, 02, FF, 07]
.text C:\Windows\system32\nvvsvc.exe[1052] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff029d1782 4 bytes [9D, 02, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3820] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fefcb91532 4 bytes [B9, FC, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3820] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fefcb9153a 4 bytes [B9, FC, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3820] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fefcb9165a 4 bytes [B9, FC, FE, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3684] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fefcb91532 4 bytes [B9, FC, FE, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3684] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fefcb9153a 4 bytes [B9, FC, FE, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3684] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fefcb9165a 4 bytes [B9, FC, FE, 07]
.text C:\Windows\system32\igfxpers.exe[4220] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff029d177a 4 bytes [9D, 02, FF, 07]
.text C:\Windows\system32\igfxpers.exe[4220] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff029d1782 4 bytes [9D, 02, FF, 07]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [700:724] fffff960009b15e8
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-10-2013
Ran by svea (administrator) on SVELIPC on 25-10-2013 11:53:41
Running from C:\Users\svea\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Polar\Daemon\polard.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\Polar\WebSync\WebSync.exe
(Dropbox, Inc.) C:\Users\svea\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-08-12] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\Users\svea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\svea\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381096800000.000009&tguid=66920-6787-1381157894639-EED21BB34F02A323FB30E3885B788FB7&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381096800000.000009&tguid=66920-6787-1381157894639-EED21BB34F02A323FB30E3885B788FB7&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381157894639&tguid=66920-6787-1381157894639-EED21BB34F02A323FB30E3885B788FB7&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent64.dll (soft Xpansion)
Toolbar: HKLM-x32 - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\svea\AppData\Roaming\Mozilla\Firefox\Profiles\0ase3jf9.default
FF NewTab: about:home
FF SearchEngineOrder.1: Web Search
FF Homepage: about:home
FF Keyword.URL: hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381096800000.000009&tguid=66920-6787-1381157894639-EED21BB34F02A323FB30E3885B788FB7&st=chrome&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\svea\AppData\Roaming\Mozilla\Firefox\Profiles\0ase3jf9.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
==================== Services (Whitelisted) =================
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [8704 2012-07-26] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [62976 2012-07-26] (Microsoft Corporation)
R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [419536 2012-12-12] ()
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-07] (soft Xpansion)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445304 2013-08-12] (Check Point Software Technologies LTD)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [670208 2013-04-08] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)
==================== Drivers (Whitelisted) ====================
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2013-08-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\system32\DRIVERS\kl2.sys [11864 2012-01-09] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2013-02-21] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [612696 2013-08-04] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [451096 2013-06-13] (Check Point Software Technologies LTD)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89944 2013-08-04] (Kaspersky Lab)
U0 msahci;
U3 pxloypod; \??\C:\Users\svea\AppData\Local\Temp\pxloypod.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-25 11:46 - 2013-10-25 11:46 - 00003381 _____ C:\Users\svea\Desktop\gmer.log
2013-10-25 11:36 - 2013-10-25 11:36 - 551929597 _____ C:\Windows\MEMORY.DMP
2013-10-25 11:36 - 2013-10-25 11:36 - 00307048 _____ C:\Windows\Minidump\102513-25421-01.dmp
2013-10-25 11:36 - 2013-10-25 11:36 - 00000000 ____D C:\Windows\Minidump
2013-10-25 11:31 - 2013-10-25 11:31 - 00377856 _____ C:\Users\svea\Downloads\yd0vezhw.exe
2013-10-25 11:30 - 2013-10-25 11:30 - 00027942 _____ C:\Users\svea\Downloads\Addition.txt
2013-10-25 11:29 - 2013-10-25 11:29 - 01955412 _____ (Farbar) C:\Users\svea\Downloads\FRST64.exe
2013-10-25 11:29 - 2013-10-25 11:29 - 00000000 ____D C:\FRST
2013-10-25 10:27 - 2013-10-25 10:27 - 00012576 _____ C:\Windows\PFRO.log
2013-10-25 10:23 - 2013-10-25 10:42 - 00000000 ____D C:\Program Files\CCleaner
2013-10-25 10:23 - 2013-10-25 10:23 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-25 10:23 - 2013-10-25 10:23 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-25 10:22 - 2013-10-25 10:22 - 04379048 _____ (Piriform Ltd) C:\Users\svea\Downloads\ccsetup407.exe
2013-10-24 17:35 - 2013-10-24 17:35 - 00000569 ____H C:\Windows\SysWOW64\BTImages.dat
2013-10-24 08:46 - 2013-10-24 08:46 - 00004857 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-24 08:46 - 2013-10-24 08:46 - 00000000 ____D C:\ProgramData\Oracle
2013-10-24 08:46 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-24 08:46 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-24 08:46 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-24 08:46 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-24 08:44 - 2013-10-24 08:44 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-24 08:44 - 2013-10-24 08:44 - 00000000 ____D C:\Users\svea\AppData\Roaming\Malwarebytes
2013-10-24 08:44 - 2013-10-24 08:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-24 08:44 - 2013-10-24 08:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-24 08:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-24 08:43 - 2013-10-24 08:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\svea\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-24 08:14 - 2013-08-04 00:02 - 00612696 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2013-10-24 08:14 - 2013-08-04 00:02 - 00458584 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-10-24 08:14 - 2013-08-04 00:02 - 00089944 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2013-10-24 08:04 - 2013-10-24 08:04 - 02474400 _____ (Check Point Software Technologies LTD) C:\Users\svea\Downloads\zaSetupWeb_110_780_000.exe
2013-10-21 06:47 - 2013-10-21 06:47 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-10-14 21:50 - 2013-10-14 21:50 - 05466953 _____ C:\Users\svea\Documents\Adam.psd
2013-10-14 06:35 - 2013-10-14 06:36 - 03028656 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-13 09:16 - 2013-10-13 09:16 - 02515254 _____ C:\Users\svea\Documents\Sylvie.psd
2013-10-13 09:08 - 2013-10-13 09:08 - 00015770 _____ C:\Users\svea\Downloads\imgres2.htm
2013-10-13 09:07 - 2013-10-13 09:07 - 00015722 _____ C:\Users\svea\Downloads\imgres.htm
2013-10-13 00:26 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-13 00:26 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-13 00:26 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-13 00:26 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-13 00:26 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-13 00:26 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-13 00:26 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-13 00:26 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-13 00:26 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-13 00:26 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-13 00:26 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-13 00:26 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-13 00:26 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-13 00:26 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-13 00:26 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-13 00:26 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-13 00:26 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-13 00:26 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-13 00:26 - 2013-07-31 01:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-13 00:26 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-13 00:26 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-13 00:26 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-13 00:26 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-11 13:37 - 2013-10-25 11:39 - 00000000 ___RD C:\Users\svea\Dropbox
2013-10-11 13:37 - 2013-10-11 13:37 - 00001002 _____ C:\Users\svea\Desktop\Dropbox.lnk
2013-10-11 13:34 - 2013-10-11 13:34 - 00000000 ____D C:\Users\svea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-11 13:33 - 2013-10-25 11:39 - 00000000 ____D C:\Users\svea\AppData\Roaming\Dropbox
2013-10-11 13:32 - 2013-10-11 13:32 - 35289176 _____ (Dropbox, Inc.) C:\Users\svea\Downloads\Dropbox 2.4.2.exe
2013-10-11 06:35 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-11 06:35 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-11 06:35 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-11 06:35 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-11 06:35 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 06:35 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 06:35 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 06:35 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 06:35 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 06:35 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-11 06:35 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 06:35 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 06:35 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-11 06:35 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-11 06:35 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-11 06:35 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 06:35 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-11 06:35 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-11 06:35 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-11 06:35 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-11 06:35 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-11 06:35 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-11 06:35 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 06:35 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 06:35 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-11 06:35 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 06:35 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 06:34 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-11 06:34 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-11 06:34 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-11 06:34 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-11 06:34 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-11 06:34 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 06:34 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 06:34 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 06:34 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 06:34 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 06:34 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-11 06:34 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-11 06:34 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-11 06:34 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-11 06:34 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-11 06:34 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-11 06:34 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-11 06:34 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-11 06:34 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-11 06:34 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 06:34 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 06:34 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-11 06:34 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-11 06:34 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 06:34 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-11 06:34 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-11 06:34 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 06:34 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 06:34 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 18:31 - 2013-10-10 10:40 - 00000000 ____D C:\Users\svea\Documents\International Office
2013-10-09 15:11 - 2013-10-09 15:10 - 00284324 _____ C:\Users\svea\Downloads\POSTIDENT
2013-10-08 13:33 - 2013-10-17 21:51 - 00000000 ____D C:\Users\svea\Documents\Polikum
2013-10-07 19:09 - 2013-10-07 19:09 - 00354173 _____ C:\Users\svea\Downloads\346801.zip
2013-10-07 18:22 - 2013-10-10 01:45 - 00000000 ____D C:\Users\svea\Documents\Jobboerse
2013-10-07 17:07 - 2013-10-07 17:07 - 00002164 _____ C:\Users\svea\Desktop\Free PDF Perfect.lnk
2013-10-07 17:05 - 2013-10-07 17:05 - 00010464 _____ C:\Windows\SysWOW64\sx_p2d.tlb
2013-10-07 17:05 - 2013-10-07 17:05 - 00000000 ____D C:\ProgramData\Freemium
2013-10-07 17:05 - 2013-10-07 17:05 - 00000000 ____D C:\Program Files (x86)\Freemium
2013-10-07 17:04 - 2013-10-07 17:04 - 00000000 ____D C:\Users\svea\Downloads\freepdf
2013-10-07 17:04 - 2013-10-07 17:04 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-10-07 17:03 - 2013-10-07 17:04 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-07 17:03 - 2013-10-07 17:03 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-10-07 17:02 - 2013-10-07 17:02 - 00000000 ____D C:\SoloApp
2013-10-07 16:59 - 2013-10-07 16:59 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-10-07 16:59 - 2013-10-07 16:59 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-10-07 16:58 - 2013-10-24 16:10 - 00000000 ____D C:\Users\svea\AppData\Roaming\SimplyTech
2013-10-07 16:58 - 2013-10-24 16:10 - 00000000 ____D C:\Users\svea\AppData\Roaming\HomeTab
2013-10-07 16:58 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-10-07 16:55 - 2013-10-07 16:56 - 00000000 ____D C:\Users\svea\AppData\Local\DownloadGuide
2013-10-07 16:55 - 2013-10-07 16:54 - 00444400 _____ C:\Users\svea\Downloads\DLG_free-pdf-perfect_chip_de-DE10(1).exe
2013-10-07 16:54 - 2013-10-07 16:54 - 00444400 _____ C:\Users\svea\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-10-02 07:58 - 2013-10-02 07:58 - 00001068 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-01 10:12 - 2013-10-07 16:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-25 20:40 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
==================== One Month Modified Files and Folders =======
2013-10-25 11:46 - 2013-10-25 11:46 - 00003381 _____ C:\Users\svea\Desktop\gmer.log
2013-10-25 11:43 - 2012-11-12 22:26 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-629225742-1312079339-1213930533-1002
2013-10-25 11:39 - 2013-10-11 13:37 - 00000000 ___RD C:\Users\svea\Dropbox
2013-10-25 11:39 - 2013-10-11 13:33 - 00000000 ____D C:\Users\svea\AppData\Roaming\Dropbox
2013-10-25 11:39 - 2012-11-12 22:21 - 00000450 _____ C:\Users\svea\AppData\Roaming\sp_data.sys
2013-10-25 11:36 - 2013-10-25 11:36 - 551929597 _____ C:\Windows\MEMORY.DMP
2013-10-25 11:36 - 2013-10-25 11:36 - 00307048 _____ C:\Windows\Minidump\102513-25421-01.dmp
2013-10-25 11:36 - 2013-10-25 11:36 - 00000000 ____D C:\Windows\Minidump
2013-10-25 11:36 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-25 11:35 - 2012-10-20 01:09 - 01551500 _____ C:\Windows\WindowsUpdate.log
2013-10-25 11:33 - 2012-11-14 16:45 - 00000000 ____D C:\Users\svea\Documents\Outlook-Dateien
2013-10-25 11:31 - 2013-10-25 11:31 - 00377856 _____ C:\Users\svea\Downloads\yd0vezhw.exe
2013-10-25 11:30 - 2013-10-25 11:30 - 00027942 _____ C:\Users\svea\Downloads\Addition.txt
2013-10-25 11:29 - 2013-10-25 11:29 - 01955412 _____ (Farbar) C:\Users\svea\Downloads\FRST64.exe
2013-10-25 11:29 - 2013-10-25 11:29 - 00000000 ____D C:\FRST
2013-10-25 11:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-25 10:42 - 2013-10-25 10:23 - 00000000 ____D C:\Program Files\CCleaner
2013-10-25 10:42 - 2012-11-12 22:19 - 00000000 ____D C:\Users\svea\AppData\Local\ASUS
2013-10-25 10:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\registration
2013-10-25 10:27 - 2013-10-25 10:27 - 00012576 _____ C:\Windows\PFRO.log
2013-10-25 10:24 - 2012-08-03 00:24 - 00000000 ____D C:\Windows\Panther
2013-10-25 10:23 - 2013-10-25 10:23 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-25 10:23 - 2013-10-25 10:23 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-25 10:22 - 2013-10-25 10:22 - 04379048 _____ (Piriform Ltd) C:\Users\svea\Downloads\ccsetup407.exe
2013-10-25 10:21 - 2012-08-03 01:02 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-25 10:21 - 2012-08-03 01:02 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-25 10:21 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-25 07:30 - 2012-11-12 22:37 - 00003544 _____ C:\Windows\System32\Tasks\ASUS Touchpad Launcher (x64)
2013-10-25 07:30 - 2012-10-20 01:06 - 00003114 _____ C:\Windows\System32\Tasks\ASUS Live Update
2013-10-24 17:35 - 2013-10-24 17:35 - 00000569 ____H C:\Windows\SysWOW64\BTImages.dat
2013-10-24 16:10 - 2013-10-07 16:58 - 00000000 ____D C:\Users\svea\AppData\Roaming\SimplyTech
2013-10-24 16:10 - 2013-10-07 16:58 - 00000000 ____D C:\Users\svea\AppData\Roaming\HomeTab
2013-10-24 08:46 - 2013-10-24 08:46 - 00004857 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-24 08:46 - 2013-10-24 08:46 - 00000000 ____D C:\ProgramData\Oracle
2013-10-24 08:46 - 2013-08-08 07:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-24 08:44 - 2013-10-24 08:44 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-24 08:44 - 2013-10-24 08:44 - 00000000 ____D C:\Users\svea\AppData\Roaming\Malwarebytes
2013-10-24 08:44 - 2013-10-24 08:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-24 08:44 - 2013-10-24 08:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-24 08:43 - 2013-10-24 08:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\svea\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-24 08:14 - 2012-11-17 13:09 - 00417570 _____ C:\Windows\system32\Drivers\vsconfig.xml
2013-10-24 08:14 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-24 08:12 - 2012-11-17 13:09 - 00000762 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2013-10-24 08:04 - 2013-10-24 08:04 - 02474400 _____ (Check Point Software Technologies LTD) C:\Users\svea\Downloads\zaSetupWeb_110_780_000.exe
2013-10-21 06:47 - 2013-10-21 06:47 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-10-17 21:51 - 2013-10-08 13:33 - 00000000 ____D C:\Users\svea\Documents\Polikum
2013-10-15 14:14 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-15 07:23 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-10-14 21:50 - 2013-10-14 21:50 - 05466953 _____ C:\Users\svea\Documents\Adam.psd
2013-10-14 06:40 - 2012-11-12 22:20 - 00000000 ___RD C:\Users\svea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-14 06:40 - 2012-11-12 22:20 - 00000000 ___RD C:\Users\svea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-14 06:36 - 2013-10-14 06:35 - 03028656 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 06:34 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-14 06:33 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-13 09:16 - 2013-10-13 09:16 - 02515254 _____ C:\Users\svea\Documents\Sylvie.psd
2013-10-13 09:10 - 2013-06-10 20:54 - 00000000 ____D C:\Users\svea\AppData\Local\Adobe
2013-10-13 09:08 - 2013-10-13 09:08 - 00015770 _____ C:\Users\svea\Downloads\imgres2.htm
2013-10-13 09:07 - 2013-10-13 09:07 - 00015722 _____ C:\Users\svea\Downloads\imgres.htm
2013-10-11 13:37 - 2013-10-11 13:37 - 00001002 _____ C:\Users\svea\Desktop\Dropbox.lnk
2013-10-11 13:37 - 2012-11-12 22:19 - 00000000 ____D C:\Users\svea
2013-10-11 13:34 - 2013-10-11 13:34 - 00000000 ____D C:\Users\svea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-11 13:32 - 2013-10-11 13:32 - 35289176 _____ (Dropbox, Inc.) C:\Users\svea\Downloads\Dropbox 2.4.2.exe
2013-10-11 07:07 - 2013-09-06 13:29 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 07:05 - 2012-12-16 23:29 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 10:40 - 2013-10-09 18:31 - 00000000 ____D C:\Users\svea\Documents\International Office
2013-10-10 01:45 - 2013-10-07 18:22 - 00000000 ____D C:\Users\svea\Documents\Jobboerse
2013-10-09 15:10 - 2013-10-09 15:11 - 00284324 _____ C:\Users\svea\Downloads\POSTIDENT
2013-10-08 07:50 - 2013-10-24 08:46 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-24 08:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-24 08:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-24 08:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-07 19:09 - 2013-10-07 19:09 - 00354173 _____ C:\Users\svea\Downloads\346801.zip
2013-10-07 18:12 - 2012-08-17 02:52 - 00000000 ____D C:\ProgramData\Adobe
2013-10-07 18:10 - 2012-11-12 22:20 - 00000000 ____D C:\Users\svea\AppData\Roaming\Adobe
2013-10-07 17:17 - 2012-11-14 16:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-07 17:07 - 2013-10-07 17:07 - 00002164 _____ C:\Users\svea\Desktop\Free PDF Perfect.lnk
2013-10-07 17:05 - 2013-10-07 17:05 - 00010464 _____ C:\Windows\SysWOW64\sx_p2d.tlb
2013-10-07 17:05 - 2013-10-07 17:05 - 00000000 ____D C:\ProgramData\Freemium
2013-10-07 17:05 - 2013-10-07 17:05 - 00000000 ____D C:\Program Files (x86)\Freemium
2013-10-07 17:04 - 2013-10-07 17:04 - 00000000 ____D C:\Users\svea\Downloads\freepdf
2013-10-07 17:04 - 2013-10-07 17:04 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-10-07 17:04 - 2013-10-07 17:03 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-07 17:03 - 2013-10-07 17:03 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-10-07 17:02 - 2013-10-07 17:02 - 00000000 ____D C:\SoloApp
2013-10-07 16:59 - 2013-10-07 16:59 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-10-07 16:59 - 2013-10-07 16:59 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-10-07 16:58 - 2013-10-01 10:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-07 16:56 - 2013-10-07 16:55 - 00000000 ____D C:\Users\svea\AppData\Local\DownloadGuide
2013-10-07 16:54 - 2013-10-07 16:55 - 00444400 _____ C:\Users\svea\Downloads\DLG_free-pdf-perfect_chip_de-DE10(1).exe
2013-10-07 16:54 - 2013-10-07 16:54 - 00444400 _____ C:\Users\svea\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-10-02 07:58 - 2013-10-02 07:58 - 00001068 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-02 07:58 - 2012-12-02 00:50 - 00000000 ____D C:\Users\svea\AppData\Roaming\vlc
2013-10-02 03:38 - 2012-12-19 17:18 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2012-12-19 17:18 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 15:08 - 2012-11-14 16:32 - 00000000 ____D C:\Users\svea\AppData\Local\Mozilla
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-20 07:29
==================== End Of Log ============================
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2013
Ran by svea at 2013-10-25 11:30:30
Running from C:\Users\svea\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ZoneAlarm Antivirus (Enabled - Up to date) {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
FW: ZoneAlarm Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 1.1.0.5790)
Adobe Anchor Service CS4 (x32 Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Bridge CS4 (x32 Version: 3)
Adobe CMaps CS4 (x32 Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0)
Adobe Color EU Extra Settings CS4 (x32 Version: 2.0)
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0)
Adobe Color NA Recommended Settings CS4 (x32 Version: 2.0)
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0)
Adobe CSI CS4 (x32 Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (x32 Version: 2.0)
Adobe Device Central CS4 (x32 Version: 2)
Adobe Drive CS4 (x32 Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0)
Adobe Extension Manager CS4 (x32 Version: 2.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.202)
Adobe Fonts All (x32 Version: 2.0)
Adobe Fonts All x64 (Version: 2.0)
Adobe Linguistics CS4 (x32 Version: 4.0.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Media Player (x32 Version: 0.0.0)
Adobe Media Player (x32 Version: 1.1)
Adobe Output Module (x32 Version: 2.0)
Adobe PDF Library Files CS4 (x32 Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (x32 Version: 11.0)
Adobe Photoshop CS4 Support (x32 Version: 11.0)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Adobe Search for Help (x32 Version: 1.0)
Adobe Service Manager Extension (x32 Version: 1.0)
Adobe Setup (x32 Version: 2.0)
Adobe Type Support CS4 (x32 Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS4 (x32 Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS4 (x32 Version: 2.0)
AdobeColorCommonSetCMYK (x32 Version: 2.0)
AdobeColorCommonSetRGB (x32 Version: 2.0)
ASUS Instant Connect (x32 Version: 1.2.8)
ASUS InstantOn (x32 Version: 3.0.2)
ASUS LifeFrame3 (x32 Version: 3.1.5)
ASUS Live Update (x32 Version: 3.1.8)
ASUS Power4Gear Hybrid (Version: 2.0.4)
ASUS Smart Gesture (x32 Version: 1.0.35)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0004)
ASUS Tutor (x32 Version: 1.0.7)
ASUS USB Charger Plus (x32 Version: 2.1.4)
ASUS WebStorage Sync Agent (x32 Version: 1.1.9.120)
ASUSDVD (x32 Version: 10.0.4126.52)
AsusVibe2.0 (x32 Version: 2.0.10.168)
ATK Package (x32 Version: 1.0.0022)
Browser Guard (x32)
CCleaner (Version: 4.07)
Connect (x32 Version: 1.0.0.1)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dropbox (HKCU Version: 2.4.2)
Free Pdf Perfect Prereq (x32 Version: 1.0.0.0)
Freemium Free PDF Perfect (x32 Version: 1.0)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
kuler (x32 Version: 2.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
NVIDIA Grafiktreiber 305.46 (Version: 305.46)
NVIDIA Install Application (Version: 2.1002.82.513)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613)
NVIDIA Systemsteuerung 305.46 (Version: 305.46)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
PDF Settings CS4 (x32 Version: 9.0)
Photoshop Camera Raw (x32 Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
Polar Daemon (x32 Version: 2.2.20000)
Polar WebSync (x32 Version: 2.8.10006)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.30136)
Shared C Run-time for x64 (Version: 10.0.0)
Suite Shared Configuration CS4 (x32 Version: 1.0)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows-Treiberpaket - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148)
WinFlash (x32 Version: 2.41.1)
ZoneAlarm Antivirus (x32 Version: 11.0.780.000)
ZoneAlarm Firewall (x32 Version: 11.0.780.000)
ZoneAlarm Free Antivirus + Firewall (x32 Version: 11.0.780.000)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (x32 Version: 11.0.780.000)
==================== Restore Points =========================
07-10-2013 15:02:33 Free Pdf Perfect Prereq
11-10-2013 04:59:51 Windows Update
20-10-2013 07:58:26 Geplanter Prüfpunkt
24-10-2013 06:45:33 Installed Java 7 Update 45
25-10-2013 08:30:28 Wiederherstellungsvorgang
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-07-10 15:08 - 00001306 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
==================== Scheduled Tasks (whitelisted) =============
Task: {20100591-8B12-4F0C-877C-4C57354A154C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {218E27C3-169D-43B5-8AC2-BAD3D5C8D5F8} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {48CB715D-25C9-460B-9BD6-D5646B3D9004} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {5E10AC40-32CE-46F9-ACB7-1049CED78CF7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6ADE4060-62A2-406D-8029-9D3D67AE2884} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {95E15C63-9F25-4575-8A23-0BD2D3B87927} - System32\Tasks\Browser Updater\Browser Updater => Rundll32.exe "C:\Program Files (x86)\HomeTab\TBUpdater.dll",TBCheckForUpdate
Task: {AB4AA4BE-68F3-4432-9BCD-BEC0286DCE42} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {AE417CB8-F5C1-43E1-8DAF-E98291A7A27C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {B55BF41B-F2A4-4EBB-B23E-076A9F2DFC40} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe
Task: {D428DAC1-2F8F-477E-8892-3ED5EC23213E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {DE1DA0BA-C64D-4474-8ECD-4E5DEFE4E507} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
==================== Loaded Modules (whitelisted) =============
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-09-07 09:48 - 2012-08-16 10:52 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2012-12-12 15:20 - 2012-12-12 15:20 - 03483856 _____ () C:\Program Files (x86)\Polar\Daemon\libpolar.dll
2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-02-26 16:59 - 2013-02-26 16:59 - 00110648 _____ () C:\Program Files (x86)\Polar\WebSync\PTransform.dll
2013-02-26 16:59 - 2013-02-26 16:59 - 03722296 _____ () C:\Program Files (x86)\Polar\WebSync\libpolar.dll
2010-02-10 16:06 - 2010-02-10 16:06 - 00334848 _____ () C:\Program Files (x86)\Polar\WebSync\QtXml4.dll
2010-02-10 16:22 - 2010-02-10 16:22 - 07971840 _____ () C:\Program Files (x86)\Polar\WebSync\QtGui4.dll
2010-02-10 16:07 - 2010-02-10 16:07 - 00929280 _____ () C:\Program Files (x86)\Polar\WebSync\QtNetwork4.dll
2011-01-14 16:01 - 2011-01-14 16:01 - 02142720 _____ () C:\Program Files (x86)\Polar\WebSync\QtCore4.dll
2010-02-10 18:45 - 2010-02-10 18:45 - 00025600 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qgif4.dll
2010-02-10 18:45 - 2010-02-10 18:45 - 00119808 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qjpeg4.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\svea\AppData\Roaming\Dropbox\bin\libcef.dll
2013-10-01 10:12 - 2013-10-01 10:12 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-10-20 00:57 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-12-21 02:15 - 2010-12-21 02:15 - 01041248 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/25/2013 10:43:49 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Installed Java 7 Update 45). Zusätzliche Informationen: 0x80070005.
Error: (10/25/2013 10:35:27 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Installed Java 7 Update 45). Zusätzliche Informationen: 0x80070005.
Error: (10/24/2013 08:13:05 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: vsmon.exe, Version: 11.0.0.504, Zeitstempel: 0x5153566d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988950
Ausnahmecode: 0xa3410004
Fehleroffset: 0x00014b32
ID des fehlerhaften Prozesses: 0xfb4
Startzeit der fehlerhaften Anwendung: 0xvsmon.exe0
Pfad der fehlerhaften Anwendung: vsmon.exe1
Pfad des fehlerhaften Moduls: vsmon.exe2
Berichtskennung: vsmon.exe3
Vollständiger Name des fehlerhaften Pakets: vsmon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vsmon.exe5
Error: (10/24/2013 08:13:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: vsmon.exe, Version: 11.0.0.504, Zeitstempel: 0x5153566d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988950
Ausnahmecode: 0xa3410004
Fehleroffset: 0x00014b32
ID des fehlerhaften Prozesses: 0x848
Startzeit der fehlerhaften Anwendung: 0xvsmon.exe0
Pfad der fehlerhaften Anwendung: vsmon.exe1
Pfad des fehlerhaften Moduls: vsmon.exe2
Berichtskennung: vsmon.exe3
Vollständiger Name des fehlerhaften Pakets: vsmon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vsmon.exe5
Error: (10/24/2013 08:13:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: vsmon.exe, Version: 11.0.0.504, Zeitstempel: 0x5153566d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988950
Ausnahmecode: 0xa3410004
Fehleroffset: 0x00014b32
ID des fehlerhaften Prozesses: 0x10c
Startzeit der fehlerhaften Anwendung: 0xvsmon.exe0
Pfad der fehlerhaften Anwendung: vsmon.exe1
Pfad des fehlerhaften Moduls: vsmon.exe2
Berichtskennung: vsmon.exe3
Vollständiger Name des fehlerhaften Pakets: vsmon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vsmon.exe5
Error: (10/24/2013 08:12:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: vsmon.exe, Version: 11.0.0.504, Zeitstempel: 0x5153566d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988950
Ausnahmecode: 0xa3410004
Fehleroffset: 0x00014b32
ID des fehlerhaften Prozesses: 0xaa4
Startzeit der fehlerhaften Anwendung: 0xvsmon.exe0
Pfad der fehlerhaften Anwendung: vsmon.exe1
Pfad des fehlerhaften Moduls: vsmon.exe2
Berichtskennung: vsmon.exe3
Vollständiger Name des fehlerhaften Pakets: vsmon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vsmon.exe5
Error: (10/24/2013 08:12:52 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: vsmon.exe, Version: 11.0.0.504, Zeitstempel: 0x5153566d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988950
Ausnahmecode: 0xa3410004
Fehleroffset: 0x00014b32
ID des fehlerhaften Prozesses: 0x1848
Startzeit der fehlerhaften Anwendung: 0xvsmon.exe0
Pfad der fehlerhaften Anwendung: vsmon.exe1
Pfad des fehlerhaften Moduls: vsmon.exe2
Berichtskennung: vsmon.exe3
Vollständiger Name des fehlerhaften Pakets: vsmon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vsmon.exe5
Error: (10/24/2013 08:12:44 AM) (Source: Microsoft-Windows-RestartManager) (User: SveliPC)
Description: Die Anwendung oder der Dienst "ZoneAlarm" konnte nicht heruntergefahren werden.
Error: (10/24/2013 07:20:20 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (10/23/2013 11:30:23 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.13.697, Zeitstempel: 0x506b416b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0xdd4
Startzeit der fehlerhaften Anwendung: 0xnvvsvc.exe0
Pfad der fehlerhaften Anwendung: nvvsvc.exe1
Pfad des fehlerhaften Moduls: nvvsvc.exe2
Berichtskennung: nvvsvc.exe3
Vollständiger Name des fehlerhaften Pakets: nvvsvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvvsvc.exe5
System errors:
=============
Error: (10/25/2013 10:28:25 AM) (Source: DCOM) (User: SveliPC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SveliPCsveaS-1-5-21-629225742-1312079339-1213930533-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/25/2013 10:28:24 AM) (Source: DCOM) (User: SveliPC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SveliPCsveaS-1-5-21-629225742-1312079339-1213930533-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/25/2013 10:28:24 AM) (Source: DCOM) (User: SveliPC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SveliPCsveaS-1-5-21-629225742-1312079339-1213930533-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/25/2013 10:28:24 AM) (Source: DCOM) (User: SveliPC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SveliPCsveaS-1-5-21-629225742-1312079339-1213930533-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/25/2013 10:28:23 AM) (Source: DCOM) (User: SveliPC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SveliPCsveaS-1-5-21-629225742-1312079339-1213930533-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/24/2013 08:14:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TrueVector Internet Monitor" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%0
Error: (10/24/2013 08:13:58 AM) (Source: Service Control Manager) (User: )
Description: Dienst "TrueVector Internet Monitor" wurde unerwartet beendet. Dies ist bereits 23 Mal passiert.
Error: (10/24/2013 08:13:54 AM) (Source: Service Control Manager) (User: )
Description: Dienst "TrueVector Internet Monitor" wurde unerwartet beendet. Dies ist bereits 22 Mal passiert.
Error: (10/24/2013 08:13:51 AM) (Source: Service Control Manager) (User: )
Description: Dienst "TrueVector Internet Monitor" wurde unerwartet beendet. Dies ist bereits 21 Mal passiert.
Error: (10/24/2013 08:13:47 AM) (Source: Service Control Manager) (User: )
Description: Dienst "TrueVector Internet Monitor" wurde unerwartet beendet. Dies ist bereits 20 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (10/25/2013 10:43:49 AM) (Source: System Restore)(User: )
Description: Installed Java 7 Update 450x80070005
Error: (10/25/2013 10:35:27 AM) (Source: System Restore)(User: )
Description: Installed Java 7 Update 450x80070005
Error: (10/24/2013 08:13:05 AM) (Source: Application Error)(User: )
Description: vsmon.exe11.0.0.5045153566dKERNELBASE.dll6.2.9200.1645150988950a341000400014b32fb401ced08019a7d4efC:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exeC:\Windows\SYSTEM32\KERNELBASE.dll57f41ec1-3c73-11e3-bea5-3085a9f2ac8c
Error: (10/24/2013 08:13:02 AM) (Source: Application Error)(User: )
Description: vsmon.exe11.0.0.5045153566dKERNELBASE.dll6.2.9200.1645150988950a341000400014b3284801ced08017ff6cc8C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exeC:\Windows\SYSTEM32\KERNELBASE.dll564bb6f8-3c73-11e3-bea5-3085a9f2ac8c
Error: (10/24/2013 08:13:00 AM) (Source: Application Error)(User: )
Description: vsmon.exe11.0.0.5045153566dKERNELBASE.dll6.2.9200.1645150988950a341000400014b3210c01ced08016570558C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exeC:\Windows\SYSTEM32\KERNELBASE.dll54a34f44-3c73-11e3-bea5-3085a9f2ac8c
Error: (10/24/2013 08:12:57 AM) (Source: Application Error)(User: )
Description: vsmon.exe11.0.0.5045153566dKERNELBASE.dll6.2.9200.1645150988950a341000400014b32aa401ced08014ae9dc0C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exeC:\Windows\SYSTEM32\KERNELBASE.dll52fae788-3c73-11e3-bea5-3085a9f2ac8c
Error: (10/24/2013 08:12:52 AM) (Source: Application Error)(User: )
Description: vsmon.exe11.0.0.5045153566dKERNELBASE.dll6.2.9200.1645150988950a341000400014b32184801ced08010899a4bC:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exeC:\Windows\SYSTEM32\KERNELBASE.dll505f4d03-3c73-11e3-bea5-3085a9f2ac8c
Error: (10/24/2013 08:12:44 AM) (Source: Microsoft-Windows-RestartManager)(User: SveliPC)
Description: 1C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exeZoneAlarm0211765600
Error: (10/24/2013 07:20:20 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (10/23/2013 11:30:23 PM) (Source: Application Error)(User: )
Description: nvvsvc.exe8.17.13.697506b416bunknown0.0.0.000000000c00000050000000000000000dd401ced0370f5798daC:\Windows\system32\nvvsvc.exeunknown52822bfd-3c2a-11e3-bea4-3085a9f2ac8c
CodeIntegrity Errors:
===================================
Date: 2013-10-24 07:02:25.438
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-10-24 07:02:09.080
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-10-23 06:53:57.275
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-10-22 22:01:20.400
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-22 21:51:47.597
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-22 21:51:38.464
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-22 21:51:29.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-22 21:25:20.303
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-22 21:25:11.172
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-22 21:25:02.045
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
==================== Memory info ===========================
Percentage of memory in use: 28%
Total physical RAM: 8069.53 MB
Available physical RAM: 5781.73 MB
Total Pagefile: 9285.53 MB
Available Pagefile: 7026.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:136.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.45 GB) (Free:255.3 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B2973CD1)
Partition: GPT Partition Type
==================== End Of Log ============================
Thanks in advance - I hope someone can help me with this.
Neneh