So, alle 3 Schritte ausgeführt:
AdwCleaner Logfile: Code:
# AdwCleaner v3.006 - Bericht erstellt am 04/10/2013 um 14:15:26
# Updated 01/10/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : User - IDEA-PC
# Gestartet von : C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZK1460WQ\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : desksvc
Dienst Gelöscht : VideoDownloadConverter_4zService
Dienst Gelöscht : WsysSvc
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
Ordner Gelöscht : C:\Program Files (x86)\Desk 365
[!] Ordner Gelöscht : C:\Program Files (x86)\optimizer pro
Ordner Gelöscht : C:\Program Files (x86)\VideoDownloadConverter_4z
Ordner Gelöscht : C:\Program Files (x86)\Common Files\337
Ordner Gelöscht : C:\Users\User\AppData\Local\Temp\Desk365
Ordner Gelöscht : C:\Users\User\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\User\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\User\AppData\LocalLow\VideoDownloadConverter_4z
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Desk 365
Ordner Gelöscht : C:\Users\User\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\User\AppData\Roaming\optimizer pro
Ordner Gelöscht : C:\Users\User\Documents\optimizer pro
Ordner Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Datei Gelöscht : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Datei Gelöscht : C:\Users\User\Desktop\Optimizer Pro.lnk
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Desk 365]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter Search Scope Monitor]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter_4z Browser Plugin Loader]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16688
*************************
AdwCleaner[R0].txt - [11938 octets] - [04/10/2013 14:11:16]
AdwCleaner[S0].txt - [11544 octets] - [04/10/2013 14:15:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11605 octets] ########## --- --- --- Zitat:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 8 x64
Ran by User on 04.10.2013 at 14:25:03,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0341FADF-30F9-4FC6-92F0-E7369D6FCA14}
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\Program Files (x86)\video download converter"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.10.2013 at 14:30:04,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by User (administrator) on IDEA-PC on 04-10-2013 14:32:07
Running from C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2SIZRS8Q
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-03-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-03-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [VideoDownloadConverter Home Page Guard 64 bit] - "C:\PROGRA~2\VIDEOD~2\bar\1.bin\AppIntegrator64.exe"
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [LiveSupport] - "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [332BigDog] - C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-03-14] (Lenovo)
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-03-14] (Lenovo)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM - DefaultScope {34C2D553-07CE-4218-9C3E-992181BE0535} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM - {34C2D553-07CE-4218-9C3E-992181BE0535} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {34C2D553-07CE-4218-9C3E-992181BE0535} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {34C2D553-07CE-4218-9C3E-992181BE0535} URL =
SearchScopes: HKCU - {34C2D553-07CE-4218-9C3E-992181BE0535} URL =
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
==================== Services (Whitelisted) =================
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-26] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-08-22] (Freemake)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-08-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-19] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-08-05] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 70e6ca8c; "c:\progra~2\optimi~1\OptProCrash.exe" [x]
==================== Drivers (Whitelisted) ====================
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-08-26] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6824520 2012-07-10] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [377040 2013-07-09] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-07-09] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 cpuz135; \??\C:\Users\User\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-04 14:31 - 2013-10-04 14:31 - 00000000 ____D C:\FRST
2013-10-04 14:30 - 2013-10-04 14:30 - 00000838 _____ C:\Users\User\Desktop\JRT.txt
2013-10-04 14:25 - 2013-10-04 14:25 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-04 14:19 - 2013-10-04 14:19 - 00281248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-04 14:10 - 2013-10-04 14:16 - 00000000 ____D C:\AdwCleaner
2013-10-04 13:08 - 2013-10-04 13:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-04 13:06 - 2013-10-04 13:43 - 00000000 ____D C:\Users\User\Desktop\mbar
2013-10-04 13:06 - 2013-10-04 13:06 - 12907592 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1005.exe
2013-10-04 10:44 - 2013-10-04 10:49 - 00000000 ____D C:\Users\User\AppData\Roaming\PhotoScape
2013-10-04 10:44 - 2013-10-04 10:44 - 00001042 _____ C:\Users\User\Desktop\PhotoScape.lnk
2013-10-04 10:43 - 2013-10-04 10:44 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-10-04 09:55 - 2013-10-04 10:39 - 712803290 ____H C:\Users\User\Documents\OfficeProfessionalPlus_x86_de-de.img.part
2013-10-04 09:55 - 2013-10-04 09:55 - 00000000 ____D C:\Users\User\AppData\Local\Akamai
2013-09-19 11:44 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2013-09-19 11:17 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-09-19 11:17 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-09-19 11:17 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-09-19 11:17 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-09-19 11:17 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-09-19 11:17 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-09-19 11:17 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-09-19 11:16 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-09-19 11:16 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-09-19 11:16 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-09-19 11:16 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-09-19 11:16 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-09-19 11:16 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-09-19 11:16 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-09-19 11:16 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-09-19 11:16 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-09-19 11:16 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-09-19 11:16 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-09-19 11:16 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-09-19 11:16 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-09-19 11:16 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-09-19 11:16 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-09-19 11:16 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-09-19 11:16 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-09-19 11:16 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-09-19 11:16 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-09-19 11:16 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-09-19 11:16 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-09-19 11:16 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-09-19 11:16 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-09-19 11:16 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-09-19 11:16 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
==================== One Month Modified Files and Folders =======
2013-10-04 14:31 - 2013-10-04 14:31 - 00000000 ____D C:\FRST
2013-10-04 14:31 - 2013-03-15 08:30 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-280655662-3975377983-2544707256-1002
2013-10-04 14:30 - 2013-10-04 14:30 - 00000838 _____ C:\Users\User\Desktop\JRT.txt
2013-10-04 14:25 - 2013-10-04 14:25 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-04 14:24 - 2013-03-31 21:25 - 00001855 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2013-10-04 14:19 - 2013-10-04 14:19 - 00281248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-04 14:19 - 2013-03-31 21:24 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-10-04 14:19 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-04 14:18 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-10-04 14:16 - 2013-10-04 14:10 - 00000000 ____D C:\AdwCleaner
2013-10-04 14:15 - 2013-03-14 17:06 - 01948297 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-04 14:01 - 2013-03-15 08:23 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2013-10-04 14:01 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-04 14:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-10-04 13:43 - 2013-10-04 13:06 - 00000000 ____D C:\Users\User\Desktop\mbar
2013-10-04 13:25 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-10-04 13:22 - 2013-03-31 21:24 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-10-04 13:22 - 2013-03-31 21:10 - 00000000 ____D C:\ProgramData\McAfee
2013-10-04 13:20 - 2012-08-01 17:51 - 00018758 _____ C:\WINDOWS\PFRO.log
2013-10-04 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Speech
2013-10-04 13:08 - 2013-10-04 13:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-04 13:06 - 2013-10-04 13:06 - 12907592 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1005.exe
2013-10-04 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-10-04 12:38 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-10-04 11:56 - 2013-03-14 17:03 - 00000000 ____D C:\Program Files (x86)\Amazon
2013-10-04 11:56 - 2013-03-14 16:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-04 10:49 - 2013-10-04 10:44 - 00000000 ____D C:\Users\User\AppData\Roaming\PhotoScape
2013-10-04 10:44 - 2013-10-04 10:44 - 00001042 _____ C:\Users\User\Desktop\PhotoScape.lnk
2013-10-04 10:44 - 2013-10-04 10:43 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-10-04 10:39 - 2013-10-04 09:55 - 712803290 ____H C:\Users\User\Documents\OfficeProfessionalPlus_x86_de-de.img.part
2013-10-04 10:28 - 2013-03-15 01:19 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-10-04 10:28 - 2013-03-15 01:19 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-10-04 10:28 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-04 09:55 - 2013-10-04 09:55 - 00000000 ____D C:\Users\User\AppData\Local\Akamai
2013-10-04 09:42 - 2012-07-26 09:21 - 00035334 _____ C:\WINDOWS\setupact.log
2013-10-04 09:13 - 2013-07-29 21:13 - 00000000 ____D C:\Users\User\Documents\Neuer Ordner
2013-09-19 11:43 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-09-05 22:09 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-09-05 22:09 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\FreemakeVideoConverter_4.0.3.4.exe
C:\Users\User\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\User\AppData\Local\Temp\LiveSupport_update.exe
C:\Users\User\AppData\Local\Temp\photoscape-de.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-04 09:42
==================== End Of Log ============================ --- --- --- Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by User at 2013-10-04 14:32:46
Running from C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2SIZRS8Q
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
Akamai NetSession Interface (HKCU)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7)
Benutzerhandbuch (x32 Version: 1.0.0.9)
Conexant HD Audio (Version: 8.54.44.50)
DMUninstaller (x32)
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.16)
Energy Management (x32 Version: 8.0.2.4)
Freemake Video Converter Version 4.0.3 (x32 Version: 4.0.3)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.1901)
Lenovo EasyCamera (x32 Version: 1.12.824.1)
Lenovo OneKey Recovery (Version: 8.0.0.0710)
Lenovo OneKey Recovery (x32 Version: 8.0.0.0710)
Lenovo pointing device (Version: 11.4.3.3)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52)
Lenovo Solution Center (Version: 2.0.020.00)
Lenovo YouCam (x32 Version: 4.1.3127)
Lenovo_Wireless_Driver (x32 Version: 6.30.5926)
McAfee Internet Security (x32 Version: 12.8.750)
McAfee Online Backup (Version: 1.16.4.0)
McAfee Online Backup (x32)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
NVIDIA GeForce Experience 1.6 (Version: 1.6)
NVIDIA Grafiktreiber 320.18 (Version: 320.18)
NVIDIA Install Application (Version: 2.1002.131.854)
NVIDIA Optimus 7.2.17 (Version: 7.2.17)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 320.18 (Version: 320.18)
NVIDIA Update 7.2.17 (Version: 7.2.17)
NVIDIA Update Components (Version: 7.2.17)
NVIDIA Virtual Audio 1.2.1 (Version: 1.2.1)
PhotoScape (x32)
Power2Go (x32 Version: 5.6.0.9109)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030)
Shared C Run-time for x64 (Version: 10.0.0)
SHIELD Streaming (Version: 1.05.19)
UserGuide (x32 Version: 1.0.0.9)
VideoDownloadConverter Firefox Toolbar (x32)
VideoDownloadConverter Internet Explorer Toolbar (x32)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (Version: 06/15/2012 8.1.0.1)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (Version: 06/19/2012 10.13.29.733)
Xilisoft AVI to DVD Converter (x32 Version: 7.1.3.20121219)
==================== Restore Points =========================
23-08-2013 10:00:53 Windows Update
04-10-2013 06:45:20 Windows Update
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {313F8BE1-0354-40E7-AAE8-18A3FCD143F3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {550E5CAA-F618-4BF5-BFB4-899891579277} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2013-03-14] ()
Task: {606A688D-CB2E-461B-8DA2-E631EB5B60A7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-03-14] (Lenovo)
Task: {82668FF8-A522-41A9-A378-D2100252A2B4} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-03-14] ()
Task: {9F9DCA5B-5033-443D-B5C6-69467FBB0FCE} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-03-14] ()
Task: {BC87F73F-C37C-4B5E-B523-632C48659F8C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-03-14] ()
Task: {BEE80BE6-0135-4F6C-9903-2513726F86CF} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe
Task: {E76F9D9E-488E-43CD-8BD7-ABC1BEDAF7B6} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\WINDOWS\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) =============
2012-08-14 10:56 - 2012-08-03 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-26 16:48 - 2012-08-26 16:48 - 00044408 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-03-14 17:04 - 2012-07-12 14:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2013-03-14 16:31 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-03-14 16:37 - 2012-07-31 18:02 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Faulty Device Manager Devices =============
Name: Broadcom Bluetooth 4.0 USB
Description: Broadcom Bluetooth 4.0 USB
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/04/2013 02:22:20 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {6f35e0e6-6b64-48bc-b8dc-b9d552ad947d}
Error: (10/04/2013 02:20:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CxAudMsg64.exe, Version: 1.6.0.0, Zeitstempel: 0x4fd1c0c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16579, Zeitstempel: 0x51637f77
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ebd59
ID des fehlerhaften Prozesses: 0x7e8
Startzeit der fehlerhaften Anwendung: 0xCxAudMsg64.exe0
Pfad der fehlerhaften Anwendung: CxAudMsg64.exe1
Pfad des fehlerhaften Moduls: CxAudMsg64.exe2
Berichtskennung: CxAudMsg64.exe3
Vollständiger Name des fehlerhaften Pakets: CxAudMsg64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CxAudMsg64.exe5
Error: (10/04/2013 02:20:03 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (10/04/2013 02:20:00 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (10/04/2013 02:01:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: idea-PC)
Description: Die App „Microsoft.BingSports_8wekyb3d8bbwe!AppexSports“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (10/04/2013 01:24:21 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {8dbe9d43-68ad-4220-8ce5-b0a9b2343dd3}
Error: (10/04/2013 01:22:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CxAudMsg64.exe, Version: 1.6.0.0, Zeitstempel: 0x4fd1c0c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16579, Zeitstempel: 0x51637f77
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ebd59
ID des fehlerhaften Prozesses: 0x7f4
Startzeit der fehlerhaften Anwendung: 0xCxAudMsg64.exe0
Pfad der fehlerhaften Anwendung: CxAudMsg64.exe1
Pfad des fehlerhaften Moduls: CxAudMsg64.exe2
Berichtskennung: CxAudMsg64.exe3
Vollständiger Name des fehlerhaften Pakets: CxAudMsg64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CxAudMsg64.exe5
Error: (10/04/2013 01:22:19 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (10/04/2013 01:22:15 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (10/04/2013 08:45:36 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Network Agent since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (10/04/2013 02:20:21 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Conexant Audio Message Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/04/2013 02:20:16 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCUserS-1-5-21-280655662-3975377983-2544707256-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/04/2013 02:20:15 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCUserS-1-5-21-280655662-3975377983-2544707256-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/04/2013 02:20:14 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCUserS-1-5-21-280655662-3975377983-2544707256-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/04/2013 02:20:14 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCUserS-1-5-21-280655662-3975377983-2544707256-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (10/04/2013 02:20:06 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "IDEA-PC" auf Transport "NetBT_Tcpip_{B02B9169-114A-4342-8E5A-2377EFD187B3}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (10/04/2013 01:34:48 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume5\PROGRA~1\MCAFEE\VIRUSS~1\MCVSMAP.EXE
Error: (10/04/2013 01:34:48 PM) (Source: mbamchameleon) (User: )
Description: \??\c:\PROGRA~1\mcafee\VIRUSS~1\mcvsmap.exe
Error: (10/04/2013 01:30:08 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume5\PROGRA~1\MCAFEE\VIRUSS~1\MCVSMAP.EXE
Error: (10/04/2013 01:30:08 PM) (Source: mbamchameleon) (User: )
Description: \??\c:\PROGRA~1\mcafee\VIRUSS~1\mcvsmap.exe
Microsoft Office Sessions:
=========================
Error: (10/04/2013 02:22:20 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {6f35e0e6-6b64-48bc-b8dc-b9d552ad947d}
Error: (10/04/2013 02:20:17 PM) (Source: Application Error)(User: )
Description: CxAudMsg64.exe1.6.0.04fd1c0c1ntdll.dll6.2.9200.1657951637f77c000037400000000000ebd597e801cec0fc046b5f11C:\WINDOWS\system32\CxAudMsg64.exeC:\WINDOWS\SY STEM32\ntdll.dll53b701e7-2cef-11e3-be80-b888e38be74f
Error: (10/04/2013 02:20:03 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (10/04/2013 02:20:00 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (10/04/2013 02:01:01 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: idea-PC)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports
Error: (10/04/2013 01:24:21 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {8dbe9d43-68ad-4220-8ce5-b0a9b2343dd3}
Error: (10/04/2013 01:22:20 PM) (Source: Application Error)(User: )
Description: CxAudMsg64.exe1.6.0.04fd1c0c1ntdll.dll6.2.9200.1657951637f77c000037400000000000ebd597f401cec0f3f4b41728C:\WINDOWS\system32\CxAudMsg64.exeC:\WINDOWS\SY STEM32\ntdll.dll3b4f3043-2ce7-11e3-be7f-b888e38be74f
Error: (10/04/2013 01:22:19 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (10/04/2013 01:22:15 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (10/04/2013 08:45:36 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Network Agent since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 8055.77 MB
Available physical RAM: 6360.05 MB
Total Pagefile: 9271.77 MB
Available Pagefile: 7535.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:418.43 GB) (Free:367.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.83 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 7C1ED018)
Partition: GPT Partition Type
==================== End Of Log ============================
| |