olynt

Trojan.Generic.11387527 (B) wurde bei Suchlauf gefunden

Recommended Posts

Liebe Community!

 

Bei einem Suchlauf wurde ein Trojaner (siehe Überschrift) gefunden.

 

Ich habe die Datei (siehe Screenshot 1) in die Quarantäne gestellt.

 

Kann mir jemand sagen was das für eine Datei ist?

 

Direkt nach dem Screenshot 1 ist Anti-Malware dann ausgestiegen - beide Fenster waren weiß.

 

Im Task-Manager ist mir dann aufgefallen, dass da verschiedene Versionsnummern für die beiden Fenster standen (siehe Screenshot 2).

 

Das eine Fenster war das Suchlauf-Fenster, das andere war das Quarantäne Fenster.

 

Es wäre sehr nett, wenn mir jemand etwas dazu sagen könnte!

 

Und zwar:

 

1. Ob ich die Datei problemlos in der Quarantäne lassen kann

 

2. Was das mit den Versionsnummern auf sich hat

 

Vielen Dank im Voraus!!!

 

Liebe Grüße

 

olynt

 

 

Share this post


Link to post
Share on other sites

Hi, der Eintrag ist leider nicht so aussagekräftig. Sieht nach false positiv aus. Hast Du noch eine weitere Antivirus Software am laufen? Ich würde dich ja ins "Malware Research Center" verschieben, aber leider habe ich keine Moderationsrechte. Thomas kann dir da besser weiter helfen.

Share this post


Link to post
Share on other sites

Hi norgetroll!

 

Ich habe keine weitere Antivirus-Software. Nur MBAM, was ja keine Antiviren-Software in dem Sinne ist...

 

"false positive"??? Was ist das? Ein Fund von einem Antiviren-Programm in den Daten eines anderen Antiviren-Programms?

 

Bis ca. Mitte Januar hatte ich Avira. Aber das hatte ich dann entfernt und gecleant, bevor ich Emsi installiert hatte...

 

LG

 

olynt

Share this post


Link to post
Share on other sites

...oh... Mist!

 

Wie ich gerade hier gelesen habe: http://support.emsisoft.com/forum-11/announcement-16-bitte-folgende-hinweise-beachten-bei-nichtbeachtung-werdet-ihr-automatisch-auf-diesen-thread-verwiesen/, habe ich ja alles falsch gemacht...

 

Wie soll ich jetzt vorgehen? Soll ich die Datei aus der Quarantäne wiederherstellen (wenn das überhaupt geht?) und dann mit OTL den Rechner scannen?

 

Hier jedenfalls schon 'mal das Protokoll:

Emsisoft Anti-Malware - Version 9.0
Letztes Update: 25.06.2014 17:19:50
Benutzerkonto: SDGS-PC\OLYNT

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, P:\, Y:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:	25.06.2014 17:20:22
C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi -> (Embedded EXE) 	gefunden: Trojan.Generic.11387527 (B)

Gescannt	222142
Gefunden	1

Scan Ende:	25.06.2014 17:55:06
Scan Zeit:	0:34:44

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi	Quarantäne Trojan.Generic.11387527 (B)

Quarantäne	1

LG

 

olynt

Share this post


Link to post
Share on other sites

Hi und Herzlich Willkommen beim Emsisoft Support Forum!

Systemscan mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit

(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)

  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Bitte beide Logfiles in der nächsten Antwort anhängen.

Share this post


Link to post
Share on other sites

Hi Schrauber!

 

Vielen Dank für das Willkommen! ...aber ich kenne Dich schon! :D

 

Ich weiß nicht wie ich die Dateien anhängen kann... deshalb packe ich die Inhalte in Code-Boxen.

 

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Admin (administrator) on SDGS-PC on 26-06-2014 14:16:22
Running from D:\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oacat.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oasrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Foxit Corporation) P:\Programme (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(TeamViewer GmbH) P:\Programme (x86)\TeamViewer\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oaui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BillP Studios) P:\Programme (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oahlp.exe
() C:\Users\OLYNT\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) P:\Programme (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) P:\Programme (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) P:\Programme (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) P:\Programme (x86)\TeamViewer\tv_x64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11490408 2010-10-22] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files (x86)\Online Armor\oaui.exe [7558464 2013-10-11] (Emsisoft GmbH)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => P:\Programme (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4842336 2014-06-24] (Emsisoft GmbH)
HKLM-x32\...\RunOnce: [NSIS.Library.RegTool.v3] - "P:\Programme (x86)\FileZilla\FileZilla FTP Client\NSIS.Library.RegTool.v3.{F04F4D33-FA0E-44F8-91A0-A2F15F16C832}.exe" /S [5120 2009-09-28] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-29] (Microsoft Corporation)
HKU\S-1-5-21-3605761526-4051760409-21443896-1000\...\Run: [WinPatrol] => P:\Programme (x86)\BillP Studios\WinPatrol\winpatrol.exe [429120 2014-01-24] (BillP Studios)
HKU\S-1-5-21-3605761526-4051760409-21443896-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\OLYNT\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => P:\Programme (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => P:\Programme (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => P:\Programme (x86)\Acronis\TrueImageHome\tishell64.dll ()

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - P:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - P:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - P:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - P:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF StartMenuInternet: FIREFOX.EXE - P:\Programme (x86)\Mozilla\Firefox\firefox.exe

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4725440 2014-06-24] (Emsisoft GmbH)
R2 FoxitCloudUpdateService; P:\Programme (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-12-29] (IObit)
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [584864 2013-10-11] (Emsisoft GmbH)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4457688 2013-10-11] (Emsisoft GmbH)
R2 TeamViewer9; P:\Programme (x86)\TeamViewer\TeamViewer_Service.exe [5037888 2014-06-16] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
S3 cpuz136; P:\Programme (x86)\PC Wizard 2013\pcwiz_x64.sys [25320 2013-08-24] (CPUID)
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [64720 2013-10-11] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62008 2013-10-11] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [52360 2013-10-11] (Emsisoft)
R3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [35368 2013-10-11] (Emsisoft)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-12-30] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-12-30] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-12-30] (Acronis International GmbH)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-26 14:16 - 2014-06-26 14:16 - 00000000 ____D () C:\FRST
2014-06-25 16:54 - 2014-06-25 16:54 - 00000000 _____ () C:\Users\OLYNT\Sti_Trace.log
2014-06-18 18:15 - 2014-06-25 20:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-18 18:14 - 2014-06-18 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 18:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-18 18:14 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-18 18:09 - 2014-06-18 18:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-18 17:56 - 2014-06-18 17:56 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-06-11 14:35 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 14:35 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 14:35 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 14:35 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 14:35 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 14:35 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 14:35 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 14:35 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 14:35 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 14:35 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 14:34 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 14:34 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 14:34 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 14:34 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 14:34 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 14:34 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 14:34 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 14:34 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 14:34 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 14:34 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 14:34 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 14:34 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 14:34 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 14:34 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 14:34 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 14:34 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 14:34 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 14:34 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 14:34 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 14:34 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 14:34 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 14:34 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 14:34 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 14:34 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 14:34 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 14:34 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 14:34 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 14:34 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 14:34 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 14:34 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 14:34 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 14:34 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 14:34 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 14:34 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 14:34 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 14:34 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 14:34 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 14:34 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 14:34 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 14:34 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 14:34 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 14:34 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 14:34 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 14:34 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 14:34 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 14:34 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 14:34 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 14:34 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 14:34 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 14:34 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 14:34 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 14:34 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 14:34 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 14:34 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 14:34 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 14:34 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 14:33 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 14:33 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 14:35 - 2014-06-05 14:35 - 00000000 ____D () C:\Users\OLYNT\AppData\Roaming\Amazon
2014-06-05 14:32 - 2014-06-05 14:32 - 00000000 ____D () C:\Users\OLYNT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-06-02 19:57 - 2014-06-02 19:57 - 00000000 __SHD () C:\Users\OLYNT\AppData\Local\EmieUserList
2014-06-02 19:57 - 2014-06-02 19:57 - 00000000 __SHD () C:\Users\OLYNT\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

2014-06-26 14:16 - 2014-06-26 14:16 - 00000000 ____D () C:\FRST
2014-06-26 14:15 - 2014-02-21 15:18 - 00000000 ____D () C:\Users\Admin
2014-06-26 13:59 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-26 13:59 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-26 13:56 - 2010-12-31 01:32 - 01698154 _____ () C:\Windows\WindowsUpdate.log
2014-06-26 13:53 - 2014-01-23 23:21 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-06-26 13:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-26 13:51 - 2009-07-14 06:51 - 00045397 _____ () C:\Windows\setupact.log
2014-06-25 20:03 - 2014-06-18 18:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-25 19:36 - 2013-12-29 04:59 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-06-25 17:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-25 16:54 - 2014-06-25 16:54 - 00000000 _____ () C:\Users\OLYNT\Sti_Trace.log
2014-06-25 16:54 - 2013-12-28 03:40 - 00000000 ____D () C:\Users\OLYNT
2014-06-25 15:51 - 2014-01-12 14:48 - 00000000 ____D () C:\Users\OLYNT\AppData\Roaming\vlc
2014-06-25 14:05 - 2013-12-29 05:37 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-20 14:09 - 2014-02-03 20:18 - 00000717 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 14:09 - 2014-02-03 20:18 - 00000717 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-18 22:09 - 2010-05-12 10:18 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-06-18 22:09 - 2010-05-12 10:18 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-06-18 22:09 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-18 19:35 - 2010-12-31 01:01 - 00621106 _____ () C:\Windows\PFRO.log
2014-06-18 18:14 - 2014-06-18 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 18:14 - 2014-05-21 17:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-06-18 18:14 - 2014-01-19 22:56 - 00000973 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-18 18:14 - 2014-01-06 01:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-18 18:10 - 2014-06-18 18:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-18 17:56 - 2014-06-18 17:56 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-06-18 14:42 - 2014-01-20 04:57 - 00000000 ____D () C:\Users\OLYNT\AppData\Roaming\FileZilla
2014-06-18 14:36 - 2014-03-08 19:39 - 00001010 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-06-18 14:36 - 2014-03-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-06-11 15:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-11 14:40 - 2014-01-05 04:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 14:37 - 2014-04-30 14:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 14:30 - 2013-12-29 05:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-11 14:30 - 2013-12-29 05:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-08 11:13 - 2014-06-11 14:33 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 14:33 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 14:35 - 2014-06-05 14:35 - 00000000 ____D () C:\Users\OLYNT\AppData\Roaming\Amazon
2014-06-05 14:32 - 2014-06-05 14:32 - 00000000 ____D () C:\Users\OLYNT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-06-03 16:40 - 2014-01-06 01:29 - 00000000 ____D () C:\Users\OLYNT\AppData\Local\Paint.NET
2014-06-02 20:02 - 2014-01-02 02:03 - 00000865 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-02 19:57 - 2014-06-02 19:57 - 00000000 __SHD () C:\Users\OLYNT\AppData\Local\EmieUserList
2014-06-02 19:57 - 2014-06-02 19:57 - 00000000 __SHD () C:\Users\OLYNT\AppData\Local\EmieSiteList
2014-06-02 19:55 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-30 12:21 - 2014-06-11 14:34 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 14:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 14:34 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 14:34 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 14:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 14:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 14:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 14:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 14:34 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 14:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 14:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 14:34 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 14:35 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 14:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 14:34 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 14:34 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 14:35 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 14:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 14:34 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 14:34 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 14:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 14:34 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 14:34 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 14:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 14:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 14:34 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 14:34 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 14:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 14:35 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 14:34 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 14:34 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 14:35 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 14:35 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 14:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 14:35 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 14:34 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 14:34 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 14:34 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 14:35 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 14:34 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 14:34 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 14:34 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 14:34 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 14:34 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 14:34 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 14:35 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 14:34 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 14:34 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\OLYNT\AppData\Local\Temp\Foxit Reader Updater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 21:12

==================== End Of Log ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by Admin at 2014-06-26 14:17:23
Running from D:\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Online Armor Firewall (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Ashampoo Burning Studio FREE v.1.12.0 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.12.0 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{5479F9EC-5D71-CB4F-7091-3BF696F82035}) (Version: 3.0.804.0 - ATI Technologies, Inc.)
Canon iP4800 series Benutzerregistrierung (HKLM-x32\...\Canon iP4800 series Benutzerregistrierung) (Version:  - )
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version:  - )
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.1013.2133.36853 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1013.2133.36853 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.1013.2133.36853 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help English (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help French (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help German (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
ccc-core-static (x32 Version: 2010.1013.2133.36853 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.1013.2133.36853 - ATI) Hidden
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Eusing Free Registry Cleaner (HKLM-x32\...\Eusing Free Registry Cleaner) (Version:  - Eusing Software)
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.4.1230 - DVDVideoSoft Ltd.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.0.4.922 - IObit)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.1.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Online Armor 7.0 (HKLM-x32\...\OnlineArmor_is1) (Version: 7.0 - Emsisoft GmbH)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version:  - CPUID)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6225 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
ResultsAlpha (HKLM\...\ResultsAlpha) (Version: 2013.11.20.232030 - ResultsAlpha)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VirusTotal Uploader 2.0 (HKLM-x32\...\VirusTotalUploader2.0) (Version:  - )
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.0.2014.0 - BillP Studios)

==================== Restore Points  =========================

02-06-2014 12:30:56 Geplanter Prüfpunkt
02-06-2014 20:50:55 vor TFC
10-06-2014 13:02:42 Geplanter Prüfpunkt
11-06-2014 12:35:28 Windows Update
18-06-2014 19:19:17 Geplanter Prüfpunkt
25-06-2014 19:40:03 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1487FD24-A5BE-492C-8C74-884D2D910071} - System32\Tasks\{ABAD65D5-C9DE-452C-9D24-3005601D04D3} => P:\Programme (x86)\Burrrn\Burrrn.exe [2005-04-18] (Gambit ([email protected]))
Task: {42A0C554-AF16-4171-87A5-7CDA2F28D1AC} - System32\Tasks\{0C430E64-7B51-4197-946C-EAB0C2DD5018} => P:\Programme (x86)\Burrrn\Burrrn.exe [2005-04-18] (Gambit ([email protected]rn.net))
Task: {F9696896-8B46-4B8D-86C9-BB8C699D88AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

==================== Loaded Modules (whitelisted) =============

2013-10-01 11:32 - 2013-10-01 11:32 - 02818216 _____ () P:\Programme (x86)\Acronis\TrueImageHome\tishell64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () P:\Programme (x86)\FileZilla\FileZilla FTP Client\fzshellext_64.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\OLYNT\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2010-10-13 21:32 - 2010-10-13 21:32 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-18 15:07 - 2014-06-18 15:07 - 00703800 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll
2014-01-09 23:42 - 2013-12-25 00:14 - 00642016 ____N () P:\Programme (x86)\BillP Studios\WinPatrol\sqlite3.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 00036672 _____ () P:\Programme (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-10-10 13:02 - 2013-10-10 13:02 - 00013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-02-04 19:28 - 2014-02-04 19:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-10-01 12:00 - 2013-10-01 12:00 - 00022336 _____ () P:\Programme (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2014 07:45:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm a2start.exe, Version 9.0.0.4142 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f08

Startzeit: 01cf9088d1c6d17d

Endzeit: 93

Anwendungspfad: C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe

Berichts-ID: 6847c136-fc90-11e3-87f8-6c626db74192

Error: (06/18/2014 04:12:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 12.0.6700.5000, Zeitstempel: 0x5375d131
Name des fehlerhaften Moduls: wwlib.dll, Version: 12.0.6700.5000, Zeitstempel: 0x5375d203
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000ecd9d
ID des fehlerhaften Prozesses: 0x1480
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (06/03/2014 08:31:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: A2CONTMENU64.DLL, Version: 8.0.0.1, Zeitstempel: 0x51de8ef2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000015026
ID des fehlerhaften Prozesses: 0x7a4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (06/02/2014 08:03:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: A2CONTMENU64.DLL, Version: 8.0.0.1, Zeitstempel: 0x51de8ef2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000015026
ID des fehlerhaften Prozesses: 0x7dc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (05/22/2014 05:00:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PhotoScreensaver.scr, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7af1a
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18429, Zeitstempel: 0x5330ecd9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000208ed0
ID des fehlerhaften Prozesses: 0xbf0
Startzeit der fehlerhaften Anwendung: 0xPhotoScreensaver.scr0
Pfad der fehlerhaften Anwendung: PhotoScreensaver.scr1
Pfad des fehlerhaften Moduls: PhotoScreensaver.scr2
Berichtskennung: PhotoScreensaver.scr3

Error: (05/15/2014 03:09:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PhotoScreensaver.scr, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7af1a
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18429, Zeitstempel: 0x5330ecd9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000208ed0
ID des fehlerhaften Prozesses: 0xb9c
Startzeit der fehlerhaften Anwendung: 0xPhotoScreensaver.scr0
Pfad der fehlerhaften Anwendung: PhotoScreensaver.scr1
Pfad des fehlerhaften Moduls: PhotoScreensaver.scr2
Berichtskennung: PhotoScreensaver.scr3

Error: (05/05/2014 08:27:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000004600fd8
ID des fehlerhaften Prozesses: 0xd3c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (04/23/2014 04:17:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: A2CONTMENU64.DLL, Version: 8.0.0.1, Zeitstempel: 0x51de8ef2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000015026
ID des fehlerhaften Prozesses: 0x5b0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (04/17/2014 04:22:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000003c50fd8
ID des fehlerhaften Prozesses: 0xa50
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (04/08/2014 05:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000004bc0fd8
ID des fehlerhaften Prozesses: 0xee0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3


System errors:
=============
Error: (06/26/2014 01:53:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/26/2014 01:52:58 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/25/2014 09:57:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/25/2014 09:57:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/25/2014 07:49:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/25/2014 07:48:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/25/2014 02:04:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/25/2014 02:04:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/24/2014 02:27:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/24/2014 02:27:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (06/18/2014 04:12:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 30%
Total physical RAM: 4095.29 MB
Available physical RAM: 2855.37 MB
Total Pagefile: 10235.47 MB
Available Pagefile: 8231.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:101 GB) (Free:70.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:996.26 GB) (Free:899.93 GB) NTFS
Drive p: (Programme) (Fixed) (Total:300 GB) (Free:288.37 GB) NTFS
Drive y: (SDGS Extern - 1) (Fixed) (Total:931.51 GB) (Free:641.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or  (Size: 1397 GB) (Disk ID: E76D9B3F)
Partition 1: (Active) - (Size=101 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=996 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 4C182D31)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Vielen Dank!

 

Liebe Grüße

 

olynt

Share this post


Link to post
Share on other sites

Hi,

 

VIS (HKLM-x32\...\VIS) (Version: - ) <==== ATTENTION

Dieses Programm bitte deinstallieren.

Fix mit FRST

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

Share this post


Link to post
Share on other sites

Hallo Schrauber!

 

Per Systemsteurung ließ sich das VIS nicht deinstallieren. Da hieß es, dass schon deinstalliert sei.

 

Ich habe die Deinstallation dann mit IObit Uninstaller erzwungen und auch alle gefundenen Reste davon entfernen lassen.

 

Hier das Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-06-2014
Ran by Admin at 2014-06-27 18:06:24 Run:1
Running from D:\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 
*****************

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} => Moved successfully.

==== End of Fixlog ====

Liebe Grüße

 

olynt

 

 

P. S.: Wie ich hier eine Datei anhängen könnte, habe ich immer noch nicht herausgefunden...

Share this post


Link to post
Share on other sites

Wenn Du unten auf More Reply Options klickst kommt der erweiterte Editor. Dann bissl runterscrollen, zu Attach Files.

Bestehen noch Probleme mit dem System?

Share this post


Link to post
Share on other sites

Hi Schrauber!

 

Danke für den Tipp!

 

Es bestehen keine merklichen Probleme mit dem System! Merkliche Probleme gab es sowieso noch nicht....

 

War's das denn schon??? :o

 

Vielen Dank für Deine Hilfe!

 

Liebe Grüße

 

olynt

Share this post


Link to post
Share on other sites

Du kannst zur Kontrolle nochmal einen frischen Scan mit FRST machen und das Logfile anhängen, dann haben wir auch das Anhängen geübt :)

Share this post


Link to post
Share on other sites

Okay!

 

...werde ich machen, sobald ich wieder im Tanzstudio bin! Wenn ich's schaffe, dann fahre ich Morgen kurz hin.... ansonsten mache ich's Montag Mittag...

 

Vielen Dank!

 

LG

 

olynt

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.