Merapi19 | 18.01.2014 15:26 | okay durchgeführt
hier die datein Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2014 03
Ran by Tribull at 2014-01-18 15:24:02
Running from D:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
"Nero SoundTrax Help (x32 Version: 4.0.11.0 - Nero AG) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
dm-Fotowelt (x32 Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Easy Photo Print (x32 Version: 1.2.1.0 - )
EPSON File Manager (x32 Version: 1.1.0.0 - )
EPSON Scan Assistant (x32 Version: 1.10.00 - )
EPSON Web-To-Page (x32 Version: - )
EPSON-Drucker-Software (Version: - )
EPSON-Drucker-Software (x32 Version: - )
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.23.0 - MAGIX AG)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Logitech Vid (x32 Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (Version: 12.10.1113 - Logitech Inc.)
MAGIX Foto Manager 8 6.0.1.457 (D) (x32 Version: 6.0.1.457 - MAGIX AG)
MAGIX Fotobuch 3.6 (x32 Version: 3.6 - MAGIX AG)
MAGIX Online Druck Service 3.4.3.0 (D) (x32 Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (x32 Version: 4.3.6.1987 - MAGIX AG)
MAGIX Video easy 1.0.0.24 (D) (x32 Version: 1.0.0.24 - MAGIX AG)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (x32 Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (x32 Version: - Nero AG)
Nero BurningROM (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero BurnRights (x32 Version: 2.99.6.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.0.3.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.0.0.0 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 1.53.0.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (x32 Version: 2.0.0.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 4.99.5.105 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 3.99.5.105 - Nero AG) Hidden
Nero Express (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero InfoTool (x32 Version: 5.99.5.105 - Nero AG) Hidden
Nero Installer (x32 Version: 2.0.0.1 - Nero AG) Hidden
Nero Live (x32 Version: 1.0.160.0 - Nero AG) Hidden
Nero Live Help (x32 Version: 1.0.160.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 1.53.2.0 - Nero AG) Hidden
Nero PhotoSnap Help (x32 Version: 1.53.2.0 - Nero AG) Hidden
Nero Recode (x32 Version: 3.53.0.0 - Nero AG) Hidden
Nero Recode Help (x32 Version: 3.53.0.0 - Nero AG) Hidden
Nero Rescue Agent (x32 Version: 1.99.0.1 - Nero AG) Hidden
Nero RescueAgent Help (x32 Version: 1.99.0.1 - Nero AG) Hidden
Nero ShowTime (x32 Version: 4.99.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.0.6.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero Vision (x32 Version: 6.0.0.100 - Nero AG) Hidden
Nero Vision (x32 Version: 6.0.3.100 - Nero AG) Hidden
Nero WaveEditor (x32 Version: 5.0.10.0 - Nero AG) Hidden
Nero WaveEditor Help (x32 Version: 5.0.10.0 - Nero AG) Hidden
NeroBurningROM (x32 Version: 9.0.6.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.0.6.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49 - NVIDIA Corporation)
NVIDIA Drivers (Version: - )
NVIDIA GeForce Experience 1.5 (Version: 1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (Version: 320.49 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systemsteuerung 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5591 - Realtek Semiconductor Corp.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SoundTrax (x32 Version: 4.0.11.0 - Nero AG) Hidden
TomTom HOME 2.7.3.1894 (x32 Version: 2.7.3.1894 - TomTom)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
==================== Restore Points =========================
17-11-2013 08:43:43 Geplanter Prüfpunkt
18-11-2013 16:42:34 Geplanter Prüfpunkt
19-11-2013 08:21:18 Windows Update
19-11-2013 21:29:56 Geplanter Prüfpunkt
20-11-2013 10:20:18 Geplanter Prüfpunkt
21-11-2013 08:13:05 Geplanter Prüfpunkt
22-11-2013 09:11:50 Geplanter Prüfpunkt
24-11-2013 18:16:05 Geplanter Prüfpunkt
26-11-2013 16:31:23 Windows Update
27-11-2013 16:31:43 Geplanter Prüfpunkt
29-11-2013 18:19:06 Geplanter Prüfpunkt
04-12-2013 17:35:39 Windows Update
06-12-2013 08:49:46 Geplanter Prüfpunkt
07-12-2013 06:57:58 Geplanter Prüfpunkt
08-12-2013 12:21:53 Geplanter Prüfpunkt
10-12-2013 06:46:36 Geplanter Prüfpunkt
10-12-2013 08:14:05 Windows Update
10-12-2013 21:47:05 Geplanter Prüfpunkt
11-12-2013 21:52:38 Geplanter Prüfpunkt
12-12-2013 19:57:42 Windows Update
13-12-2013 15:15:35 Geplanter Prüfpunkt
14-12-2013 07:41:10 Geplanter Prüfpunkt
14-12-2013 20:10:49 Geplanter Prüfpunkt
15-12-2013 11:52:49 Geplanter Prüfpunkt
18-12-2013 04:37:29 Windows Update
20-12-2013 11:15:10 Geplanter Prüfpunkt
22-12-2013 06:57:08 Geplanter Prüfpunkt
23-12-2013 09:37:17 Geplanter Prüfpunkt
24-12-2013 09:51:47 Windows Update
27-12-2013 15:00:28 Geplanter Prüfpunkt
27-12-2013 18:55:11 Windows Update
27-12-2013 18:56:42 Windows Update
28-12-2013 18:01:33 Geplanter Prüfpunkt
29-12-2013 13:40:18 Geplanter Prüfpunkt
31-12-2013 09:32:18 Windows Update
01-01-2014 09:11:01 Geplanter Prüfpunkt
02-01-2014 09:58:52 Geplanter Prüfpunkt
03-01-2014 11:19:42 Geplanter Prüfpunkt
04-01-2014 10:35:39 Geplanter Prüfpunkt
07-01-2014 13:16:50 Windows Update
==================== Hosts content: ==========================
2006-11-02 13:34 - 2006-09-18 22:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4E946E6C-49EC-4FD9-8F58-EB5AF1752C5D} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {7AEC8EFC-9DB6-45F8-A10B-A73BF80155E6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C4C4BF96-5E5F-40FA-B9F8-23C6501DE311} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-18] (Adobe Systems Incorporated)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 02140944 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 07704336 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 00968976 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 00475408 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll
2009-07-16 14:35 - 2009-07-16 14:35 - 00363792 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtXml4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 00199952 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtSql4.dll
2009-07-16 14:35 - 2009-07-16 14:35 - 00027408 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll
2009-07-16 14:35 - 2009-07-16 14:35 - 11311888 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll
2009-07-16 14:34 - 2009-07-16 14:34 - 00291600 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll
2009-07-16 14:36 - 2009-07-16 14:36 - 00028944 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
2009-07-16 14:36 - 2009-07-16 14:36 - 00035088 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
2009-07-16 14:36 - 2009-07-16 14:36 - 00138000 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/18/2014 03:04:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error: (01/18/2014 03:04:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (01/18/2014 02:28:53 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul mshtml.dll, Version 9.0.8112.16526, Zeitstempel 0x528558ea, Ausnahmecode 0xc00002b4, Fehleroffset 0x00415248,
Prozess-ID 0xca8, Anwendungsstartzeit svchost.exe0.
Error: (01/18/2014 02:28:50 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel 0x49e02a1e, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3d16, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000000180b0,
Prozess-ID 0x6e4, Anwendungsstartzeit Explorer.EXE0.
Error: (01/18/2014 02:14:57 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel 0x49e02a1e, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3d16, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000000180b0,
Prozess-ID 0xc34, Anwendungsstartzeit Explorer.EXE0.
Error: (01/18/2014 01:18:36 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error: (01/18/2014 01:18:36 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Error: (01/18/2014 01:18:36 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (01/18/2014 01:18:36 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (01/18/2014 00:37:27 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
System errors:
=============
Error: (01/18/2014 02:53:37 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (01/18/2014 02:32:48 PM) (Source: DCOM) (User: )
Description: 1084MDM{0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error: (01/18/2014 02:31:56 PM) (Source: Service Control Manager) (User: )
Description: AFD
DfsC
KLIF
KLIM6
klpd
kltdi
kneps
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6
Error: (01/18/2014 02:31:56 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068
Error: (01/18/2014 02:31:56 PM) (Source: Service Control Manager) (User: )
Description: NLA (Network Location Awareness)Netzwerkspeicher-Schnittstellendienst%%1068
Error: (01/18/2014 02:31:56 PM) (Source: Service Control Manager) (User: )
Description: IP-HilfsdienstNetzwerkspeicher-Schnittstellendienst%%1068
Error: (01/18/2014 02:31:56 PM) (Source: Service Control Manager) (User: )
Description: WebClientWebDav Client Redirector Driver%%1068
Error: (01/18/2014 02:31:56 PM) (Source: Service Control Manager) (User: )
Description: SMB 2.0 MiniRedirectorSMB MiniRedirector Wrapper and Engine%%1068
Error: (01/18/2014 02:31:56 PM) (Source: Service Control Manager) (User: )
Description: SMB 1.x MiniRedirectorSMB MiniRedirector Wrapper and Engine%%1068
Error: (01/18/2014 02:31:56 PM) (Source: Service Control Manager) (User: )
Description: SMB MiniRedirector Wrapper and EngineRedirected Buffering Sub Sysytem%%31
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-01-18 15:23:38.265
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:38.200
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:38.140
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:38.079
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:37.987
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:37.927
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:37.856
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:37.792
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:37.697
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-18 15:23:37.637
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 46%
Total physical RAM: 3070.45 MB
Available physical RAM: 1656.58 MB
Total Pagefile: 6359.06 MB
Available Pagefile: 4298.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:596.17 GB) (Free:410.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Removable) (Total:14.58 GB) (Free:14.46 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: D2D8309B)
Partition 1: (Active) - (Size=596 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 15 GB) (Disk ID: 6E652072)
No partition Table on disk 5.
==================== End Of Log ============================
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by Tribull (administrator) on TRIBULL-PC on 18-01-2014 15:22:33
Running from D:\
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [6150656 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [EPSON Stylus Photo R240 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAHE.EXE [98304 2005-04-25] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [zzzHPSETUP] - H:\Setup.exe \RESET
HKLM-x32\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Logitech Vid] - C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247144 2009-11-13] (TomTom)
HKCU\...\Winlogon: [Shell] explorer.exe, <==== ATTENTION
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x92C2307DC7FFCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Tribull\AppData\Roaming\Mozilla\Firefox\Profiles\l91brfze.default
FF SearchEngineOrder.3: Bing
FF Homepage: hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Tribull\AppData\Roaming\Mozilla\Firefox\Profiles\l91brfze.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-26]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2013-09-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-09-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2013-09-09]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-03] (Kaspersky Lab ZAO)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
==================== Drivers (Whitelisted) ====================
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620640 2013-10-03] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-03] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-03] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [164384 2007-12-08] (NVIDIA Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-18 15:23 - 2014-01-18 15:18 - 02076160 _____ (Farbar) C:\Users\Tribull\Desktop\FRST64.exe
2014-01-18 15:22 - 2014-01-18 15:22 - 00000000 ____D C:\FRST
2014-01-18 14:32 - 2014-01-18 14:32 - 00000000 ____D C:\Users\Tribull\AppData\Roaming\Malwarebytes
2014-01-18 14:32 - 2014-01-18 14:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-18 14:20 - 2014-01-18 15:00 - 00000000 ____D C:\Users\Tribull\AppData\Roaming\Nico Mak Computing
2014-01-18 14:11 - 2014-01-18 14:13 - 00000000 ____D C:\AdwCleaner
2014-01-03 10:39 - 2014-01-03 10:39 - 00135168 _____ C:\Users\Tribull\Downloads\video_720p(1).exe
2014-01-01 20:44 - 2014-01-01 20:45 - 09971712 _____ C:\Users\Tribull\Downloads\lostbetsgames_com_chunk_4.mpeg
2013-12-29 22:21 - 2013-12-29 22:21 - 00436896 _____ C:\Users\Tribull\Downloads\Virgin_Hymen_Sex_Video_Free_Plumpers_Porn_Tube_Videos_Blog_Melayu_805.exe
2013-12-23 11:54 - 2013-12-23 11:54 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-12-23 11:22 - 2013-12-23 11:22 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-12-23 11:22 - 2013-12-23 11:22 - 00000000 ____D C:\ProgramData\McAfee
2013-12-23 11:21 - 2013-12-23 11:24 - 00000000 ____D C:\ProgramData\Adobe
2013-12-23 11:21 - 2013-12-23 11:21 - 00001922 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-12-23 11:21 - 2013-12-23 11:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-20 13:20 - 2013-12-20 13:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-01-18 15:23 - 2009-04-11 16:41 - 01129956 _____ C:\Windows\WindowsUpdate.log
2014-01-18 15:22 - 2014-01-18 15:22 - 00000000 ____D C:\FRST
2014-01-18 15:18 - 2014-01-18 15:23 - 02076160 _____ (Farbar) C:\Users\Tribull\Desktop\FRST64.exe
2014-01-18 15:03 - 2013-09-09 11:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-18 15:03 - 2008-01-21 04:26 - 00061796 _____ C:\Windows\PFRO.log
2014-01-18 15:03 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-18 15:03 - 2006-11-02 16:22 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-18 15:03 - 2006-11-02 16:22 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-18 15:02 - 2006-11-02 16:42 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-18 15:00 - 2014-01-18 14:20 - 00000000 ____D C:\Users\Tribull\AppData\Roaming\Nico Mak Computing
2014-01-18 14:59 - 2009-04-11 23:28 - 01559202 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-18 14:59 - 2009-04-11 23:27 - 00671138 _____ C:\Windows\system32\perfh007.dat
2014-01-18 14:59 - 2009-04-11 23:27 - 00144368 _____ C:\Windows\system32\perfc007.dat
2014-01-18 14:55 - 2013-09-09 11:53 - 00000680 _____ C:\Users\Tribull\AppData\Local\d3d9caps.dat
2014-01-18 14:32 - 2014-01-18 14:32 - 00000000 ____D C:\Users\Tribull\AppData\Roaming\Malwarebytes
2014-01-18 14:32 - 2014-01-18 14:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-18 14:13 - 2014-01-18 14:11 - 00000000 ____D C:\AdwCleaner
2014-01-18 12:30 - 2006-11-02 16:27 - 00117542 _____ C:\Windows\setupact.log
2014-01-07 17:57 - 2013-09-11 08:47 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2014-01-07 17:41 - 2013-09-11 07:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-07 17:21 - 2013-09-10 17:37 - 00000000 ____D C:\Users\Tribull\AppData\Roaming\Skype
2014-01-03 10:39 - 2014-01-03 10:39 - 00135168 _____ C:\Users\Tribull\Downloads\video_720p(1).exe
2014-01-01 20:45 - 2014-01-01 20:44 - 09971712 _____ C:\Users\Tribull\Downloads\lostbetsgames_com_chunk_4.mpeg
2013-12-29 22:21 - 2013-12-29 22:21 - 00436896 _____ C:\Users\Tribull\Downloads\Virgin_Hymen_Sex_Video_Free_Plumpers_Porn_Tube_Videos_Blog_Melayu_805.exe
2013-12-27 19:58 - 2013-09-09 12:45 - 00000000 ____D C:\Windows\system32\MRT
2013-12-27 19:57 - 2006-11-02 13:35 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-23 11:54 - 2013-12-23 11:54 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-12-23 11:24 - 2013-12-23 11:21 - 00000000 ____D C:\ProgramData\Adobe
2013-12-23 11:23 - 2013-09-11 07:52 - 00000000 ____D C:\Users\Tribull\AppData\Roaming\Adobe
2013-12-23 11:23 - 2013-09-11 07:47 - 00000000 ____D C:\Users\Tribull\AppData\Local\Adobe
2013-12-23 11:22 - 2013-12-23 11:22 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-12-23 11:22 - 2013-12-23 11:22 - 00000000 ____D C:\ProgramData\McAfee
2013-12-23 11:21 - 2013-12-23 11:21 - 00001922 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-12-23 11:21 - 2013-12-23 11:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-22 12:06 - 2013-11-24 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 15:09 - 2013-09-11 09:48 - 00000000 ____D C:\Users\Tribull\AppData\Roaming\MAGIX
2013-12-20 15:05 - 2013-11-05 18:12 - 00000000 ____D C:\Users\Tribull\restore
2013-12-20 15:05 - 2013-09-19 09:21 - 00000000 ____D C:\DATEIEN 2013
2013-12-20 15:05 - 2013-09-10 08:59 - 00000000 ____D C:\Meine Dateien
2013-12-20 15:05 - 2013-09-10 08:44 - 00000000 ____D C:\IDE
2013-12-20 15:05 - 2013-09-06 14:56 - 00000000 ____D C:\Users\Tribull
2013-12-20 15:00 - 2013-11-05 18:09 - 00000000 ____D C:\ProgramData\tmp
2013-12-20 13:20 - 2013-12-20 13:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-18 15:00
==================== End Of Log ============================ --- --- --- |