carnivore | 06.02.2014 13:22 | Danke für die schnelle Antwort. Da sind die beiden Dateien.
Ansonsten hatte ich nie Virenfunde und kenne mich schon ein bisschen aus :-)
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by mm_2 (administrator) on SILVERCUBE on 06-02-2014 12:11:30
Running from C:\Users\mm_2\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Users\mm_2\AppData\Local\Akamai\netsession_win.exe
(www.goldgingko.com) C:\Program Files (x86)\MonitorSwitch\MonitorSwitch.exe
(Akamai Technologies, Inc.) C:\Users\mm_2\AppData\Local\Akamai\netsession_win.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(www.goldgingko.com) C:\Program Files (x86)\MonitorSwitch\MonitorServer.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-unity-helper.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\x64\vmware-vmx.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vprintproxy.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
() C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [RUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-933823029-926714216-257506141-1003\...\Run: [Visual Subst] - C:\Program Files (x86)\Visual Subst\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-1-5-21-933823029-926714216-257506141-1003\...\Run: [Akamai NetSession Interface] - C:\Users\mm_2\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-933823029-926714216-257506141-1003\...\Run: [MonitorSwitch] - C:\Program Files (x86)\MonitorSwitch\MonitorSwitch.exe [696320 2011-07-06] (www.goldgingko.com)
HKU\S-1-5-21-933823029-926714216-257506141-1003\...\MountPoints2: {cb86ca25-3c85-11e3-a0a5-0009dd507ae3} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-933823029-926714216-257506141-1003\...\MountPoints2: {f172f95a-9ac9-11e2-965f-0009dd507ae3} - G:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\mm_2\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x47A7B3A5B4D4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.69.1
FireFox:
========
FF ProfilePath: C:\Users\mm_2\AppData\Roaming\Mozilla\Firefox\Profiles\7lmld2lq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @vmware.com/vmrc,version=5.5.0.00000 - C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\mm_2\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Live HTTP Headers - C:\Users\mm_2\AppData\Roaming\Mozilla\Firefox\Profiles\7lmld2lq.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-10-12]
FF Extension: DownloadHelper - C:\Users\mm_2\AppData\Roaming\Mozilla\Firefox\Profiles\7lmld2lq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-26]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\mm_2\AppData\Roaming\Mozilla\Firefox\Profiles\7lmld2lq.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-09-17]
FF Extension: Adblock Plus - C:\Users\mm_2\AppData\Roaming\Mozilla\Firefox\Profiles\7lmld2lq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-08]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-11-25]
FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012-01-01]
Chrome:
=======
CHR HomePage: hxxp://home.intranet.eon-energie.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-26]
CHR Extension: (Google Drive) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-26]
CHR Extension: (YouTube) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-26]
CHR Extension: (SoundCloud Downloader - Technowise) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdbkpkilkooakdpmknhgjlepdnjgnadc [2013-02-02]
CHR Extension: (Adblock Plus) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-01-26]
CHR Extension: (Google-Suche) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-26]
CHR Extension: (FVD Video Downloader) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-05-02]
CHR Extension: (Google Wallet) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Google Mail) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-26]
CHR Extension: (AVG PrivacyFix) - C:\Users\mm_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmejhjjecaldkllonlokhkglbdbkdcni [2013-02-02]
==================== Services (Whitelisted) =================
S3 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 TFTPServer; C:\Program Files\OpenTFTPServer\OpenTFTPServerMT.exe [86161 2013-11-18] ()
==================== Drivers (Whitelisted) ====================
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
S3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [58368 2013-05-24] (ASIX Electronics Corp.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 DIRECTIO; C:\Program Files\Passmark PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
R3 mos24ser_QUADPORT; C:\Windows\System32\DRIVERS\mos24ser_QUADPORT.sys [277760 2012-10-03] (ASIX Electronics Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 RD9700; C:\Windows\System32\DRIVERS\RD9700.sys [21504 2012-01-04] (Corechip Semiconductor, Inc. Co Ltd.)
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [2061856 2010-03-23] (Realtek Semiconductor Corporation )
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2013-02-08] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [221184 2012-05-10] (Renesas Electronics Corporation)
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [125640 2013-10-16] (High Criteria inc.)
S3 USB_Ethernet_Adaptor; C:\Windows\System32\DRIVERS\USB_Ethernet_Adaptor.sys [21504 2013-01-08] (Corechip Semiconductor, Inc. Co Ltd.)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-10-18] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 12:11 - 2014-02-06 12:12 - 00018736 _____ () C:\Users\mm_2\Desktop\FRST.txt
2014-02-06 12:11 - 2014-02-06 12:11 - 00000000 ____D () C:\FRST
2014-02-06 12:10 - 2014-02-06 12:10 - 02082304 _____ (Farbar) C:\Users\mm_2\Desktop\FRST64.exe
2014-02-04 19:43 - 2014-02-04 22:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-04 11:58 - 2014-02-04 11:58 - 01488659 _____ () C:\Users\mm_2\Downloads\Art.-Nr.35005
2014-02-04 00:18 - 2009-07-14 02:41 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\rsatclient.dll
2014-01-31 20:14 - 2014-01-31 20:14 - 01659552 _____ (Skype Technologies S.A.) C:\Users\mm_2\Desktop\SkypeSetup.exe
2014-01-30 15:27 - 2014-01-30 15:29 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\TotalRecorder
2014-01-29 15:32 - 2014-01-29 15:32 - 00000000 ____D () C:\Program Files (x86)\HighCriteria
2014-01-29 15:32 - 2013-10-16 11:07 - 00125640 _____ (High Criteria inc.) C:\Windows\system32\Drivers\TotRec8.sys
2014-01-28 19:05 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-28 19:04 - 2014-01-28 19:04 - 00005402 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-28 19:04 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-28 19:04 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-28 19:04 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-27 17:33 - 2014-01-27 17:33 - 00000000 ___SD () C:\Users\mm_2\Documents\Eigene Datenquellen
2014-01-27 01:11 - 2014-01-27 01:11 - 00015638 _____ () C:\Users\mm_2\AppData\Local\recently-used.xbel
2014-01-25 00:45 - 2014-02-06 00:49 - 00000048 _____ () C:\Users\mm_2\Documents\pwsafe.plk
2014-01-24 20:54 - 2014-01-24 20:54 - 01069512 _____ (Solid State Networks) C:\Users\mm_2\Downloads\install_flashplayer12x32au_mssa_aaa_aih.exe
2014-01-24 14:56 - 2014-01-30 00:30 - 00000000 ____D () C:\Users\mm_2\Documents\!Silja
2014-01-23 17:46 - 2014-01-23 17:46 - 00000046 _____ () C:\Users\mm_2\Desktop\notes.txt
2014-01-22 23:14 - 2014-01-22 23:22 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\TeamViewer
2014-01-20 19:21 - 2014-01-20 19:23 - 00000000 ____D () C:\Users\mm_2\!frank
2014-01-20 18:59 - 2014-01-20 21:27 - 00000000 ____D () C:\Users\mm_2\Documents\Turbo Lister Backup
2014-01-20 18:39 - 2014-01-20 18:39 - 00002099 _____ () C:\Users\Public\Desktop\eBay Turbo Lister 2.lnk
2014-01-20 18:39 - 2014-01-20 18:39 - 00000401 _____ () C:\InstallHelper.log
2014-01-20 18:39 - 2014-01-20 18:39 - 00000000 ____D () C:\ProgramData\eBay
2014-01-20 18:39 - 2014-01-20 18:39 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-01-20 18:33 - 2014-01-20 18:35 - 29894512 _____ () C:\Users\mm_2\Desktop\setupDE.exe
2014-01-17 15:28 - 2014-01-17 15:30 - 90396104 _____ (The GIMP Team ) C:\Users\mm_2\Downloads\gimp-2.8.10-setup.exe
2014-01-15 11:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 11:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 11:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 11:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 11:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 11:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 11:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 11:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 11:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-13 19:03 - 2014-01-17 19:33 - 00000000 ____D () C:\Users\mm_2\Documents\!dietmar
2014-01-07 21:53 - 2014-01-07 21:54 - 151385877 _____ () C:\Users\mm_2\Downloads\the-malta-tapes-vol-1.zip
==================== One Month Modified Files and Folders =======
2014-02-06 12:12 - 2014-02-06 12:11 - 00018736 _____ () C:\Users\mm_2\Desktop\FRST.txt
2014-02-06 12:11 - 2014-02-06 12:11 - 00000000 ____D () C:\FRST
2014-02-06 12:10 - 2014-02-06 12:10 - 02082304 _____ (Farbar) C:\Users\mm_2\Desktop\FRST64.exe
2014-02-06 12:02 - 2011-10-08 16:34 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\Skype
2014-02-06 12:01 - 2013-01-26 01:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 11:48 - 2013-11-26 22:44 - 00000000 ____D () C:\ProgramData\VMware
2014-02-06 11:24 - 2012-06-26 07:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 11:21 - 2012-12-09 19:31 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\avidemux
2014-02-06 11:01 - 2013-01-26 01:17 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 10:50 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-06 10:47 - 2013-11-26 23:06 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\VMware
2014-02-06 10:47 - 2013-11-26 22:45 - 00000000 ____D () C:\Users\mm_2\AppData\Local\VMware
2014-02-06 10:47 - 2011-08-07 17:11 - 01290745 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 10:43 - 2013-06-03 15:03 - 00000000 ____D () C:\Users\mm_2\AppData\Local\HTC MediaHub
2014-02-06 10:43 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 10:43 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 10:35 - 2012-12-22 14:50 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-02-06 10:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 10:35 - 2009-07-14 05:51 - 00132651 _____ () C:\Windows\setupact.log
2014-02-06 00:49 - 2014-01-25 00:45 - 00000048 _____ () C:\Users\mm_2\Documents\pwsafe.plk
2014-02-05 20:15 - 2013-01-11 11:30 - 00000000 ____D () C:\Users\mm_2\AppData\Local\PasswordSafe
2014-02-05 19:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-05 16:18 - 2013-09-23 12:45 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\vlc
2014-02-05 15:24 - 2012-06-26 07:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 15:24 - 2012-05-25 13:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 15:24 - 2011-09-02 20:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 14:33 - 2013-10-03 17:24 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{10DE1020-3648-4298-B0F6-8FD8466F95C5}
2014-02-05 10:47 - 2012-05-11 07:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-04 22:03 - 2014-02-04 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-04 11:58 - 2014-02-04 11:58 - 01488659 _____ () C:\Users\mm_2\Downloads\Art.-Nr.35005
2014-02-04 00:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-02-04 00:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-04 00:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-03 18:22 - 2011-10-08 13:51 - 00000000 ____D () C:\Users\mm_2
2014-02-03 18:07 - 2009-07-14 18:58 - 00711830 _____ () C:\Windows\system32\perfh007.dat
2014-02-03 18:07 - 2009-07-14 18:58 - 00155892 _____ () C:\Windows\system32\perfc007.dat
2014-02-03 18:07 - 2009-07-14 06:13 - 01656314 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-03 13:47 - 2013-02-17 16:02 - 00000617 _____ () C:\Windows\SysWOW64\AVCMMS.ini
2014-02-03 13:43 - 2013-06-08 02:47 - 00000000 ____D () C:\Users\mm_2\Documents\Job 2011
2014-01-31 20:14 - 2014-01-31 20:14 - 01659552 _____ (Skype Technologies S.A.) C:\Users\mm_2\Desktop\SkypeSetup.exe
2014-01-30 15:29 - 2014-01-30 15:27 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\TotalRecorder
2014-01-30 14:23 - 2013-11-26 23:49 - 00000000 ____D () C:\Users\mm_2\Documents\Virtual Machines
2014-01-30 14:22 - 2013-11-28 13:29 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\Azureus
2014-01-30 14:21 - 2010-01-14 17:15 - 00000000 ____D () C:\uninst
2014-01-30 00:30 - 2014-01-24 14:56 - 00000000 ____D () C:\Users\mm_2\Documents\!Silja
2014-01-29 15:32 - 2014-01-29 15:32 - 00000000 ____D () C:\Program Files (x86)\HighCriteria
2014-01-28 19:05 - 2013-10-18 14:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-28 19:04 - 2014-01-28 19:04 - 00005402 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-28 19:04 - 2013-02-15 22:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-27 17:33 - 2014-01-27 17:33 - 00000000 ___SD () C:\Users\mm_2\Documents\Eigene Datenquellen
2014-01-27 01:11 - 2014-01-27 01:11 - 00015638 _____ () C:\Users\mm_2\AppData\Local\recently-used.xbel
2014-01-26 20:14 - 2013-05-04 11:19 - 00000000 ____D () C:\Users\mm_2\.gimp-2.8
2014-01-25 13:39 - 2013-08-31 16:56 - 00000000 ____D () C:\Users\mm_2\Documents\whatsapp complete backup (databases, media)
2014-01-24 22:34 - 2013-01-03 22:09 - 00000000 ____D () C:\Users\mm_2\Documents\Dokumente
2014-01-24 20:54 - 2014-01-24 20:54 - 01069512 _____ (Solid State Networks) C:\Users\mm_2\Downloads\install_flashplayer12x32au_mssa_aaa_aih.exe
2014-01-23 11:51 - 2013-11-02 17:53 - 00026552 _____ () C:\Users\mm_2\Documents\pwsafe.psafe3
2014-01-23 11:49 - 2013-11-02 17:53 - 00026584 _____ () C:\Users\mm_2\Documents\pwsafe_009.ibak
2014-01-23 11:44 - 2013-11-02 17:53 - 00026536 _____ () C:\Users\mm_2\Documents\pwsafe_008.ibak
2014-01-22 23:22 - 2014-01-22 23:14 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\TeamViewer
2014-01-22 00:53 - 2013-11-02 17:53 - 00026504 _____ () C:\Users\mm_2\Documents\pwsafe_007.ibak
2014-01-21 22:54 - 2013-10-02 15:00 - 00000000 ____D () C:\ProgramData\Visual CertExam Suite
2014-01-21 22:46 - 2013-10-02 15:09 - 00000000 ____D () C:\Users\mm_2\Documents\Job - Material für Schulungen, Zertifizierungen, Exams
2014-01-20 21:27 - 2014-01-20 18:59 - 00000000 ____D () C:\Users\mm_2\Documents\Turbo Lister Backup
2014-01-20 19:23 - 2014-01-20 19:21 - 00000000 ____D () C:\Users\mm_2\!frank
2014-01-20 18:39 - 2014-01-20 18:39 - 00002099 _____ () C:\Users\Public\Desktop\eBay Turbo Lister 2.lnk
2014-01-20 18:39 - 2014-01-20 18:39 - 00000401 _____ () C:\InstallHelper.log
2014-01-20 18:39 - 2014-01-20 18:39 - 00000000 ____D () C:\ProgramData\eBay
2014-01-20 18:39 - 2014-01-20 18:39 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-01-20 18:35 - 2014-01-20 18:33 - 29894512 _____ () C:\Users\mm_2\Desktop\setupDE.exe
2014-01-20 14:44 - 2013-02-15 13:34 - 00000000 ____D () C:\Users\mm_2\AppData\Roaming\Notepad++
2014-01-19 08:33 - 2011-08-07 17:48 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 19:33 - 2014-01-13 19:03 - 00000000 ____D () C:\Users\mm_2\Documents\!dietmar
2014-01-17 15:30 - 2014-01-17 15:28 - 90396104 _____ (The GIMP Team ) C:\Users\mm_2\Downloads\gimp-2.8.10-setup.exe
2014-01-15 23:36 - 2014-01-15 23:36 - 00000000 ____D () C:\Users\mm_2\Documents\Phillip Boa Zeugs
2014-01-15 22:16 - 2009-07-14 05:45 - 00385520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 18:50 - 2009-07-14 03:34 - 00000499 _____ () C:\Windows\win.ini
2014-01-15 18:49 - 2013-08-07 22:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 18:44 - 2011-08-07 18:37 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-10 12:40 - 2012-12-02 14:32 - 00000000 ____D () C:\Program Files (x86)\Office-n-PDF2
2014-01-07 21:54 - 2014-01-07 21:53 - 151385877 _____ () C:\Users\mm_2\Downloads\the-malta-tapes-vol-1.zip
Files to move or delete:
====================
C:\Users\mm_2\inettimesync.bat
C:\Users\mm_2\inettimesync2.bat
Some content of TEMP:
====================
C:\Users\hb\AppData\Local\Temp\avgnt.exe
C:\Users\mm\AppData\Local\Temp\NEventMessages.dll
C:\Users\mm\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\mm_2\AppData\Local\Temp\1_Offer_4.exe
C:\Users\mm_2\AppData\Local\Temp\AskSLib.dll
C:\Users\mm_2\AppData\Local\Temp\avgnt.exe
C:\Users\mm_2\AppData\Local\Temp\BackupSetup.exe
C:\Users\mm_2\AppData\Local\Temp\burn4free-setup-silent-6.0.exe
C:\Users\mm_2\AppData\Local\Temp\Checkupdate.exe
C:\Users\mm_2\AppData\Local\Temp\DownloadManager.exe
C:\Users\mm_2\AppData\Local\Temp\dp.exe
C:\Users\mm_2\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\mm_2\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\mm_2\AppData\Local\Temp\gcapi_dll.dll
C:\Users\mm_2\AppData\Local\Temp\gtapi_signed.dll
C:\Users\mm_2\AppData\Local\Temp\h2o.exe
C:\Users\mm_2\AppData\Local\Temp\i4jdel0.exe
C:\Users\mm_2\AppData\Local\Temp\incredibar_installer.exe
C:\Users\mm_2\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\mm_2\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\mm_2\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\mm_2\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\mm_2\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\mm_2\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\mm_2\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\mm_2\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\mm_2\AppData\Local\Temp\KJQDRRHN.exe
C:\Users\mm_2\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\mm_2\AppData\Local\Temp\npp.6.5.1.Installer.exe
C:\Users\mm_2\AppData\Local\Temp\npp.6.5.2.Installer.exe
C:\Users\mm_2\AppData\Local\Temp\npp.6.5.Installer.exe
C:\Users\mm_2\AppData\Local\Temp\procexp64.exe
C:\Users\mm_2\AppData\Local\Temp\SkypeSetup.exe
C:\Users\mm_2\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\mm_2\AppData\Local\Temp\vcredist_x64.exe
C:\Users\mm_2\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\mm_2\AppData\Local\Temp\vlc-2.1.1-win64.exe
C:\Users\mm_2\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\mm_2\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 12:47
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2014
Ran by mm_2 at 2014-02-06 12:13:00
Running from C:\Users\mm_2\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
9710_7840_QUADPORT_MSUninst (Version: - )
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
Akamai NetSession Interface Service (x32 Version: - )
An Office-n-PDF senden (novaPDF OEM 7.7 printer) (Version: - Softland)
Ashampoo Snap 6 v.6.0.9 (x32 Version: 6.0.9 - Ashampoo GmbH & Co. KG)
ASUSUpdate (x32 Version: 7.18.03 - ASUSTeK Computer Inc.)
Audacity 2.0.2 (x32 Version: 2.0.2 - Audacity Team)
Audiograbber 1.83 SE (x32 Version: 1.83 SE - Audiograbber)
Audiograbber MP3-Plugin (x32 Version: 1.0 - AG)
AudioShell 1.3.5 (x32 Version: 1.3.5 - Softpointer Inc)
AV176U (x32 Version: 1.00.0000 - Avision)
Avidemux 2.6 (32-bit) (x32 Version: 2.6.4.8696 - )
Avidemux 2.6 (x32 Version: 2.6.0.8179 - )
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
AX88179_AX88178A Windows 7 Drivers (x32 Version: 2.0.3.0 - ASIX Electronics Corporation)
AX88179_AX88178A Windows 7 Drivers (x32 Version: 2.0.3.0 - ASIX Electronics Corporation) Hidden
Burn4Free DVD Burning 6.0.0.0 (x32 Version: - Ikysasoft s.r.l. uninominale)
Button Manager 2 (x32 Version: - )
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (x32 Version: 6.02.0001 - Microsoft Corporation)
eMule (x32 Version: - )
Foxit Reader (x32 Version: 6.0.4.719 - Foxit Corporation)
FreeFileSync 5.22 (x32 Version: 5.22 - Zenju)
GIMP 2.8.4 (Version: 2.8.4 - The GIMP Team)
GitHub (HKCU Version: 1.2.6.4 - GitHub, Inc.)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Fantasia (x32 Version: - )
Heroes of Might and Magic® III (x32 Version: - )
HTC Driver Installer (x32 Version: 4.8.0.002 - HTC Corporation)
HTC Sync Manager (x32 Version: 2.3.32.0 - HTC)
HyperCam 3 (x32 Version: 3.6.1311.20 - Solveig Multimedia)
Icewind Dale (x32 Version: - )
Inkscape 0.48.3.1 (x32 Version: 0.48.3.1 - )
IPTInstaller (x32 Version: 4.0.8 - HTC)
IrfanView (remove only) (x32 Version: 4.32 - Irfan Skiljan)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 13 (x32 Version: 1.7.0.130 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MAGIX Audio Cleaning Lab 17 deluxe Download-Version (x32 Version: 17.0.0.1 - MAGIX AG)
MAGIX Audio Cleaning Lab 17 deluxe Download-Version (x32 Version: 17.0.0.1 - MAGIX AG) Hidden
MetaTrader 5 (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visio Viewer 2013 (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (x32 Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MonitorSwitch V1.0.7 (x32 Version: - www.goldgingko.com)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (x32 Version: 24.3.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (x32 Version: 1.8.5 - F.J. Wechselberger)
MySpeed ActiveX v3.8.4 (x32 Version: 3.08.0252 - Enounce Incorporated)
Neophyte (x32 Version: - )
Nmap 6.40 (x32 Version: - )
Nokia Connectivity Cable Driver (x32 Version: 7.1.48.0 - Nokia)
Nokia Suite (x32 Version: 3.2.100.0 - Nokia)
Nokia Suite (x32 Version: 3.2.100.0 - Nokia) Hidden
Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)
Office-n-PDF 2 (x32 Version: 2 - JBSoftware)
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
OpenTFTPServer (x32 Version: - )
Pass4sure Questions and Answers for Blue Coat BCCPP Demo (x32 Version: 4.0.12928 - Pass4sure)
Password Safe (x32 Version: - )
PC Connectivity Solution (x32 Version: 11.5.13.0 - Nokia)
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
PDF Split And Merge Basic (Version: 2.2.2 - Andrea Vacondio)
PDFCreator (x32 Version: 1.7.1 - pdfforge)
PerformanceTest v8.0 (Version: 8.0.1026.0 - Passmark Software)
Pidgin (x32 Version: 2.10.0 - )
PuTTY version 0.63 (x32 Version: 0.63 - Simon Tatham)
Rage of Mages 2 (x32 Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.20.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.20.0 - Renesas Electronics Corporation) Hidden
Shockwave (x32 Version: - )
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
StreamTransport version: 1.1.0.1 (x32 Version: - )
Tag&Rename 3.7.5 beta 1 (x32 Version: 3.7.5 beta 1 - Softpointer Inc)
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
Total Commander (Remove or Repair) (x32 Version: 7.57a - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (Version: 8.01 - Ghisler Software GmbH)
Total Recorder 8.5 Standard Edition (x32 Version: - )
TrueCrypt (x32 Version: 7.1a - TrueCrypt Foundation)
Turbo Lister 2 (x32 Version: 2.00.0000 - eBay Inc.)
UltraEdit-32 Uninstall (x32 Version: - )
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Visual CertExam Suite (x32 Version: - Avanset)
Visual Subst (x32 Version: 1.0.6 - NTWind Software)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
VMware Player (x32 Version: 6.0.1 - VMware, Inc)
VMware vSphere Client 5.5 (x32 Version: 5.5.0.3165 - VMware, Inc.)
Vuze (x32 Version: 5.2.0.0 - Azureus Software, Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia)
winLAME 2010 beta 2 (x32 Version: 1.0.2010.2 - Michael Fink)
WinPcap 4.1.3 (x32 Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.10.3 (64-bit) (x32 Version: 1.10.3 - The Wireshark developer community, hxxp://www.wireshark.org)
Yahoo! Messenger (x32 Version: - Yahoo! Inc.)
==================== Restore Points =========================
28-01-2014 18:03:54 Installed Java 7 Update 51
29-01-2014 17:32:07 Windows Update
03-02-2014 10:44:12 Windows Update
03-02-2014 23:15:01 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1AB22998-124B-4B90-92C9-E7B7735B6F4C} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {26BD6C4F-2C5C-4FA3-92B6-4A2BF60D9D32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {6250E2E1-18F1-4F7B-9D3D-359E25CD1D3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {9C2FC061-5EE4-449B-A3AF-A78B5E906EB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-12-08 16:28 - 2010-08-17 17:45 - 00381440 _____ () C:\Program Files (x86)\MonitorSwitch\MonitorSwitchDll64.dll
2013-02-14 11:57 - 2013-02-14 11:54 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-17 15:40 - 2013-10-17 15:40 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-10-17 15:40 - 2013-10-17 15:40 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-10-17 15:40 - 2013-10-17 15:40 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-10-17 15:40 - 2013-10-17 15:40 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-10-17 15:40 - 2013-10-17 15:40 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-10-17 15:42 - 2013-10-17 15:42 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-10-17 15:43 - 2013-10-17 15:43 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-10-18 12:46 - 2013-10-18 12:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2013-12-08 16:28 - 2010-08-17 17:44 - 00290816 _____ () C:\Program Files (x86)\MonitorSwitch\MonitorSwitchDll.dll
2013-12-11 14:21 - 2013-12-11 14:21 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2003-07-11 02:09 - 2003-07-11 02:09 - 00048192 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\1031\nsextint.dll
2013-10-18 12:46 - 2013-10-18 12:46 - 00329808 _____ () C:\Program Files (x86)\VMware\VMware Player\libcurl.dll
2013-10-18 12:45 - 2013-10-18 12:45 - 00319056 _____ () C:\Program Files (x86)\VMware\VMware Player\libldap_r.dll
2013-10-18 12:45 - 2013-10-18 12:45 - 00146000 _____ () C:\Program Files (x86)\VMware\VMware Player\liblber.dll
2013-10-18 12:45 - 2013-10-18 12:45 - 00069712 _____ () C:\Program Files (x86)\VMware\VMware Player\zlib1.dll
2014-02-04 19:43 - 2014-02-04 19:43 - 03019376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-02-04 19:43 - 2014-02-04 19:43 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-02-04 19:43 - 2014-02-04 19:43 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-02-05 15:24 - 2014-02-05 15:24 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
2013-11-29 12:15 - 2013-06-04 11:29 - 04094976 _____ () C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\CommentsSummary.fpi
2013-11-29 12:15 - 2013-07-23 17:27 - 01791488 _____ () C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\Speech.fpi
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\mm\Downloads\05-2012 _ Internetsüchtig_.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Realtek 8185 Extensible 802.11b/g Wireless Device
Description: Realtek 8185 Extensible 802.11b/g Wireless Device
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp
Service: RTL85n64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/03/2014 03:29:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FXC_ProxyProcess.exe, Version: 0.3.1.0, Zeitstempel: 0x5177b080
Name des fehlerhaften Moduls: FXC_ProxyProcess.exe, Version: 0.3.1.0, Zeitstempel: 0x5177b080
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00001510
ID des fehlerhaften Prozesses: 0xd98
Startzeit der fehlerhaften Anwendung: 0xFXC_ProxyProcess.exe0
Pfad der fehlerhaften Anwendung: FXC_ProxyProcess.exe1
Pfad des fehlerhaften Moduls: FXC_ProxyProcess.exe2
Berichtskennung: FXC_ProxyProcess.exe3
Error: (02/01/2014 04:32:38 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashUtil32_11_9_900_170_Plugin.exe, Version: 11.9.900.170, Zeitstempel: 0x529b7b0c
Name des fehlerhaften Moduls: fpb.tmp_unloaded, Version: 0.0.0.0, Zeitstempel: 0x529b78f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74394335
ID des fehlerhaften Prozesses: 0xd90
Startzeit der fehlerhaften Anwendung: 0xFlashUtil32_11_9_900_170_Plugin.exe0
Pfad der fehlerhaften Anwendung: FlashUtil32_11_9_900_170_Plugin.exe1
Pfad des fehlerhaften Moduls: FlashUtil32_11_9_900_170_Plugin.exe2
Berichtskennung: FlashUtil32_11_9_900_170_Plugin.exe3
Error: (01/24/2014 08:52:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashUtil32_11_9_900_170_Plugin.exe, Version: 11.9.900.170, Zeitstempel: 0x529b7b0c
Name des fehlerhaften Moduls: fpb.tmp_unloaded, Version: 0.0.0.0, Zeitstempel: 0x529b78f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74754335
ID des fehlerhaften Prozesses: 0xeec
Startzeit der fehlerhaften Anwendung: 0xFlashUtil32_11_9_900_170_Plugin.exe0
Pfad der fehlerhaften Anwendung: FlashUtil32_11_9_900_170_Plugin.exe1
Pfad des fehlerhaften Moduls: FlashUtil32_11_9_900_170_Plugin.exe2
Berichtskennung: FlashUtil32_11_9_900_170_Plugin.exe3
Error: (01/18/2014 10:29:30 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashUtil32_11_9_900_170_Plugin.exe, Version: 11.9.900.170, Zeitstempel: 0x529b7b0c
Name des fehlerhaften Moduls: fpb.tmp_unloaded, Version: 0.0.0.0, Zeitstempel: 0x529b78f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74464335
ID des fehlerhaften Prozesses: 0xf2c
Startzeit der fehlerhaften Anwendung: 0xFlashUtil32_11_9_900_170_Plugin.exe0
Pfad der fehlerhaften Anwendung: FlashUtil32_11_9_900_170_Plugin.exe1
Pfad des fehlerhaften Moduls: FlashUtil32_11_9_900_170_Plugin.exe2
Berichtskennung: FlashUtil32_11_9_900_170_Plugin.exe3
Error: (12/23/2013 05:40:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_RpcEptMapper, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x4b4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_RpcEptMapper0
Pfad der fehlerhaften Anwendung: svchost.exe_RpcEptMapper1
Pfad des fehlerhaften Moduls: svchost.exe_RpcEptMapper2
Berichtskennung: svchost.exe_RpcEptMapper3
Error: (12/23/2013 02:28:42 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000003940fd8
ID des fehlerhaften Prozesses: 0xcc0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (12/23/2013 02:11:24 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9db
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002d562
ID des fehlerhaften Prozesses: 0x5c8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (12/06/2013 04:37:38 PM) (Source: Application Hang) (User: )
Description: Programm StreamTransport.exe, Version 1.1.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1f68
Startzeit: 01cef2944b5ddeac
Endzeit: 6
Anwendungspfad: C:\Program Files (x86)\StreamTransport\StreamTransport.exe
Berichts-ID: 3ea250b0-5e8c-11e3-b34a-0009dd507ae3
Error: (12/06/2013 03:31:29 PM) (Source: Application Hang) (User: )
Description: Programm StreamTransport.exe, Version 1.1.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1388
Startzeit: 01cef28e81aa527a
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\StreamTransport\StreamTransport.exe
Berichts-ID: 0b8bd2d4-5e83-11e3-b34a-0009dd507ae3
Error: (12/03/2013 11:01:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Name des fehlerhaften Moduls: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000040cd
ID des fehlerhaften Prozesses: 0xb14
Startzeit der fehlerhaften Anwendung: 0xRootkitRevealer.exe0
Pfad der fehlerhaften Anwendung: RootkitRevealer.exe1
Pfad des fehlerhaften Moduls: RootkitRevealer.exe2
Berichtskennung: RootkitRevealer.exe3
System errors:
=============
Error: (02/06/2014 10:35:39 AM) (Source: atikmdag) (User: )
Description: Display is not active
Error: (02/06/2014 10:35:39 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (02/06/2014 10:35:38 AM) (Source: atikmdag) (User: )
Description: Display is not active
Error: (02/06/2014 10:35:38 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (02/05/2014 10:48:12 AM) (Source: atikmdag) (User: )
Description: Display is not active
Error: (02/05/2014 10:48:12 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (02/05/2014 10:48:12 AM) (Source: atikmdag) (User: )
Description: Display is not active
Error: (02/05/2014 10:48:12 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (02/04/2014 10:00:16 PM) (Source: atikmdag) (User: )
Description: Display is not active
Error: (02/04/2014 10:00:16 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
Microsoft Office Sessions:
=========================
Error: (02/03/2014 03:29:27 PM) (Source: Application Error)(User: )
Description: FXC_ProxyProcess.exe0.3.1.05177b080FXC_ProxyProcess.exe0.3.1.05177b080c000040900001510d9801cf20ec57d8c114C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Creator\FXC_ProxyProcess.exeC:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Creator\FXC_ProxyProcess.exe95ad7d22-8cdf-11e3-a3e3-0009dd507ae3
Error: (02/01/2014 04:32:38 PM) (Source: Application Error)(User: )
Description: FlashUtil32_11_9_900_170_Plugin.exe11.9.900.170529b7b0cfpb.tmp_unloaded0.0.0.0529b78f4c000000574394335d9001cf1f62c9a65e9dC:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exefpb.tmp141e216d-8b56-11e3-b4c6-0009dd507ae3
Error: (01/24/2014 08:52:40 PM) (Source: Application Error)(User: )
Description: FlashUtil32_11_9_900_170_Plugin.exe11.9.900.170529b7b0cfpb.tmp_unloaded0.0.0.0529b78f4c000000574754335eec01cf193dc3f5f4a2C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exefpb.tmp14615240-8531-11e3-9bf5-0009dd507ae3
Error: (01/18/2014 10:29:30 PM) (Source: Application Error)(User: )
Description: FlashUtil32_11_9_900_170_Plugin.exe11.9.900.170529b7b0cfpb.tmp_unloaded0.0.0.0529b78f4c000000574464335f2c01cf14944e14c4e1C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exefpb.tmp9cf5fe3b-8087-11e3-b153-0009dd507ae3
Error: (12/23/2013 05:40:51 PM) (Source: Application Error)(User: )
Description: svchost.exe_RpcEptMapper6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18247521eaf24c000037400000000000c41024b401ceffe01bb77803C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllfb8c84ff-6bf0-11e3-93f2-0009dd507ae3
Error: (12/23/2013 02:28:42 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000003940fd8cc001ceffe029971f87C:\Windows\Explorer.EXEunknown23752be3-6bd6-11e3-93f2-0009dd507ae3
Error: (12/23/2013 02:11:24 PM) (Source: Application Error)(User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc0000005000000000002d5625c801ceffe01f876ccaC:\Windows\System32\svchost.exec:\windows\system32\sysmain.dllb8c61d33-6bd3-11e3-93f2-0009dd507ae3
Error: (12/06/2013 04:37:38 PM) (Source: Application Hang)(User: )
Description: StreamTransport.exe1.1.0.11f6801cef2944b5ddeac6C:\Program Files (x86)\StreamTransport\StreamTransport.exe3ea250b0-5e8c-11e3-b34a-0009dd507ae3
Error: (12/06/2013 03:31:29 PM) (Source: Application Hang)(User: )
Description: StreamTransport.exe1.1.0.1138801cef28e81aa527a10C:\Program Files (x86)\StreamTransport\StreamTransport.exe0b8bd2d4-5e83-11e3-b34a-0009dd507ae3
Error: (12/03/2013 11:01:53 PM) (Source: Application Error)(User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cdb1401cef073443f3ec5C:\Program Files (x86)\sysinternals\RootkitRevealer.exeC:\Program Files (x86)\sysinternals\RootkitRevealer.exe84174692-5c66-11e3-8d35-0009dd507ae3
CodeIntegrity Errors:
===================================
Date: 2013-08-26 23:58:03.316
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\testcrypt\testcrypt-x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-08-26 23:58:03.087
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\testcrypt\testcrypt-x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-08-26 23:57:16.509
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\testcrypt\testcrypt-x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-08-26 23:57:16.281
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\testcrypt\testcrypt-x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-08-26 22:36:09.070
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\testcrypt\testcrypt-x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-08-26 22:36:08.832
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\testcrypt\testcrypt-x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 50%
Total physical RAM: 7935.11 MB
Available physical RAM: 3898.92 MB
Total Pagefile: 15868.41 MB
Available Pagefile: 11517 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (System-reserviert) (Fixed) (Total:698.63 GB) (Free:129.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Media - 2TB) (Fixed) (Total:1863.01 GB) (Free:1008.62 GB) NTFS
Drive f: () (Removable) (Total:3.74 GB) (Free:3.57 GB) FAT32
Drive m: (MM USB 32GB) (Removable) (Total:29.86 GB) (Free:0.18 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: A88BC5B0)
Partition 1: (Active) - (Size=699 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 39D191E0)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 8CE757E5)
Partition 1: (Not Active) - (Size=466 GB) - (Type=06)
========================================================
Disk: 3 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=30 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |