
Log analysis and evaluation: GVU Trojan - system already restored!

Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
04.07.2013, 16:15   #1
stammuser
 
Hello everyone,

today I unfortunately caught the GVU Trojan as well. I was able to restore my system via "Samsung Recovery" (basically resetting it to factory settings).

My hard drive has two partitions: the Windows partition and one further partition. I only reset the Windows partition, but I want to make sure that I don't have any other virus on my computer.

Here are the log files that you apparently need:

FRST:
Quote:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Rave (administrator) on 04-07-2013 17:05:12
Running from C:\Users\Rave\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
() C:\Windows\SysWOW64\Rezip.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(McAfee, Inc.) C:\PROGRA~2\McAfee.com\Agent\mcagent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(McAfee, Inc.) c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\EasySpeedUpManager\ProgressDlg.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
(Microsoft Corp.) C:\Windows\system32\defrag.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\PROGRA~2\mcafee\msc\mcshell.exe
(McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\Core\mchost.exe
(Dropbox, Inc.) C:\Users\Rave\AppData\Roaming\Dropbox\bin\Dropbox.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\VIRUSS~1\mcvsshld.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [17412200 2010-05-05] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10144288 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" [222504 2008-01-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [91432 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [210216 2009-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey [645328 2009-05-01] (McAfee, Inc.)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [222504 2009-05-19] (CyberLink Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [95848 2010-05-06] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [90216 2010-05-06] (NVIDIA Corporation)
Startup: C:\Users\Rave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Rave\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
HKCU SearchScopes: DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files (x86)\McAfee\MSK\mskapbho64.dll ()
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll ()
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Rave\AppData\Roaming\Mozilla\Firefox\Profiles\v86ins7n.default
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\Rave\AppData\Roaming\Mozilla\Firefox\Profiles\v86ins7n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor

==================== Services (Whitelisted) =================

S2 0224541372948240mcinstcleanup; C:\Windows\TEMP\022454~1.EXE [828032 2012-06-14] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [110312 2009-12-08] (McAfee, Inc.)
R2 mcmscsvc; C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe [865832 2009-05-01] (McAfee, Inc.)
R2 McNASvc; c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe [2482848 2009-04-09] (McAfee, Inc.)
R3 McODS; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [696848 2009-06-16] (McAfee, Inc.)
R2 McProxy; c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [359952 2009-04-09] (McAfee, Inc.)
R2 McShield; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [155456 2009-06-18] (McAfee, Inc.)
S4 McSysmon; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [606736 2009-06-16] (McAfee, Inc.)
R2 MpfService; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [893112 2009-06-09] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640 2009-04-09] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()

==================== Drivers (Whitelisted) ====================

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [102600 2009-06-18] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [307400 2009-06-18] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2009-06-18] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2009-06-18] (McAfee, Inc.)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2009-04-09] (McAfee, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-04 17:05 - 2013-07-04 17:05 - 00000000 ____D C:\FRST
2013-07-04 17:04 - 2013-07-04 17:04 - 01934636 ____A (Farbar) C:\Users\Rave\Downloads\FRST64.exe
2013-07-04 16:56 - 2013-07-04 17:03 - 00000000 ___RD C:\Users\Rave\Dropbox
2013-07-04 16:56 - 2013-07-04 16:56 - 00001037 ____A C:\Users\Rave\Desktop\Dropbox.lnk
2013-07-04 16:55 - 2013-07-04 16:55 - 00000000 __RSD C:\Users\Rave\Documents\My Stationery
2013-07-04 16:53 - 2013-07-04 17:07 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Dropbox
2013-07-04 16:50 - 2013-07-04 16:51 - 33578320 ____A (Dropbox, Inc.) C:\Users\Rave\Downloads\Dropbox 2.2.8.exe
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Mozilla
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\Users\Rave\AppData\Local\Mozilla
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-04 16:31 - 2013-07-04 16:32 - 00000000 ____D C:\Users\Rave\Documents\Youcam
2013-07-04 16:31 - 2013-07-04 16:31 - 00000000 ____D C:\Users\Rave\AppData\Local\Microsoft Help
2013-07-04 16:31 - 2013-07-04 16:31 - 00000000 ____D C:\Users\Public\CyberLink
2013-07-04 16:31 - 2013-07-04 16:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-04 16:29 - 2013-07-04 16:29 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Macromedia
2013-07-04 16:25 - 2013-07-04 16:32 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Adobe
2013-07-04 16:25 - 2013-07-04 16:25 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Google
2013-07-04 16:25 - 2013-07-04 16:25 - 00000000 ____D C:\Users\Rave\AppData\Local\Google
2013-07-04 16:21 - 2013-07-04 16:21 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 16:16 - 2013-07-04 16:16 - 00000000 ____D C:\Users\Rave\AppData\Local\Power2Go
2013-07-04 16:15 - 2013-07-04 16:16 - 00000000 ____D C:\Users\Rave\AppData\Local\VirtualStore
2013-07-04 16:14 - 2013-07-04 16:14 - 00000882 ____A C:\Users\Public\Desktop\MultimediaPOP.lnk
2013-07-04 16:13 - 2013-07-04 16:13 - 00001139 ____A C:\Users\UpdatusUser\Desktop\CyberLink YouCam.lnk
2013-07-04 16:13 - 2013-07-04 16:13 - 00001139 ____A C:\Users\Default\Desktop\CyberLink YouCam.lnk
2013-07-04 16:13 - 2013-07-04 16:13 - 00001139 ____A C:\Users\Default User\Desktop\CyberLink YouCam.lnk
2013-07-04 16:12 - 2013-07-04 16:12 - 00000000 ____D C:\Program Files\Windows Live
2013-07-04 16:12 - 2013-07-04 16:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-04 16:12 - 2009-08-05 23:24 - 00061280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fssfltr.sys
2013-07-04 16:11 - 2013-07-04 16:11 - 00031343 ____A C:\Windows\DirectX.log
2013-07-04 16:11 - 2012-02-15 08:27 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2013-07-04 16:11 - 2012-02-15 07:44 - 00826368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-07-04 16:11 - 2012-02-15 06:47 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-07-04 16:11 - 2012-02-15 06:46 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2013-07-04 16:11 - 2006-11-29 13:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2013-07-04 16:11 - 2006-11-29 13:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-07-04 16:10 - 2013-07-04 16:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-04 16:09 - 2013-07-04 16:12 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-04 16:09 - 2013-07-04 16:09 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-04 16:09 - 2013-07-04 16:09 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-07-04 16:07 - 2013-07-04 16:12 - 00138093 ____A C:\Windows\2013-07-04_16-07_378-97hcv2tg.log
2013-07-04 16:07 - 2013-07-04 16:07 - 00062648 ____A C:\Users\Rave\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-04 16:07 - 2013-07-04 16:07 - 00000033 ____A C:\Windows\0
2013-07-04 16:07 - 2013-07-04 16:07 - 00000000 ____D C:\ProgramData\OberonGameConsole
2013-07-04 16:04 - 2012-06-03 00:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-07-04 16:04 - 2012-06-03 00:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-07-04 16:04 - 2012-06-03 00:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-07-04 16:04 - 2012-06-03 00:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-07-04 16:04 - 2012-06-03 00:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-07-04 16:04 - 2012-06-03 00:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-07-04 16:04 - 2012-06-03 00:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-07-04 16:04 - 2012-06-02 15:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-07-04 16:04 - 2012-06-02 15:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-07-04 16:01 - 2013-07-04 16:07 - 00000000 ____D C:\Program Files (x86)\Game Pack
2013-07-04 16:01 - 2013-07-04 16:01 - 00002014 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2013-07-04 16:01 - 2013-07-04 16:01 - 00000000 ____D C:\Users\Rave\AppData\Local\Adobe
2013-07-04 16:01 - 2013-07-04 16:01 - 00000000 ____D C:\ProgramData\Adobe
2013-07-04 16:01 - 2013-07-04 16:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-04 16:01 - 2010-01-16 07:15 - 00131368 ____A C:\ProgramData\FullRemove.exe
2013-07-04 16:00 - 2013-07-04 16:56 - 00000000 ____D C:\users\Rave
2013-07-04 16:00 - 2013-07-04 16:00 - 00000020 ___SH C:\Users\Rave\ntuser.ini
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Vorlagen
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Startmenü
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Netzwerkumgebung
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Lokale Einstellungen
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Eigene Dateien
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Druckumgebung
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Documents\Eigene Musik
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Documents\Eigene Bilder
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\AppData\Local\Verlauf
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\AppData\Local\Anwendungsdaten
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Anwendungsdaten
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 ____A C:\Windows\System32\Drivers\144D_SAMSUNG_N_Q330_03UU.mrk
2013-07-04 15:58 - 2013-07-04 15:58 - 00000000 __SHD C:\Recovery

==================== One Month Modified Files and Folders =======

2013-07-05 01:53 - 2010-06-28 05:14 - 00000000 ____D C:\ProgramData\WinClon
2013-07-04 17:07 - 2013-07-04 16:53 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Dropbox
2013-07-04 17:05 - 2013-07-04 17:05 - 00000000 ____D C:\FRST
2013-07-04 17:04 - 2013-07-04 17:04 - 01934636 ____A (Farbar) C:\Users\Rave\Downloads\FRST64.exe
2013-07-04 17:03 - 2013-07-04 16:56 - 00000000 ___RD C:\Users\Rave\Dropbox
2013-07-04 16:56 - 2013-07-04 16:56 - 00001037 ____A C:\Users\Rave\Desktop\Dropbox.lnk
2013-07-04 16:56 - 2013-07-04 16:00 - 00000000 ____D C:\users\Rave
2013-07-04 16:55 - 2013-07-04 16:55 - 00000000 __RSD C:\Users\Rave\Documents\My Stationery
2013-07-04 16:51 - 2013-07-04 16:50 - 33578320 ____A (Dropbox, Inc.) C:\Users\Rave\Downloads\Dropbox 2.2.8.exe
2013-07-04 16:46 - 2009-07-14 06:45 - 00013936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-04 16:46 - 2009-07-14 06:45 - 00013936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Mozilla
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\Users\Rave\AppData\Local\Mozilla
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-04 16:34 - 2013-07-04 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-04 16:32 - 2013-07-04 16:31 - 00000000 ____D C:\Users\Rave\Documents\Youcam
2013-07-04 16:32 - 2013-07-04 16:25 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Adobe
2013-07-04 16:32 - 2010-06-28 05:05 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-04 16:31 - 2013-07-04 16:31 - 00000000 ____D C:\Users\Rave\AppData\Local\Microsoft Help
2013-07-04 16:31 - 2013-07-04 16:31 - 00000000 ____D C:\Users\Public\CyberLink
2013-07-04 16:31 - 2013-07-04 16:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-04 16:30 - 2010-06-28 05:16 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-04 16:29 - 2013-07-04 16:29 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Macromedia
2013-07-04 16:28 - 2010-07-06 21:31 - 00680010 ____A C:\Windows\System32\perfh010.dat
2013-07-04 16:28 - 2010-07-06 21:31 - 00124006 ____A C:\Windows\System32\perfc010.dat
2013-07-04 16:28 - 2010-07-06 21:25 - 00643866 ____A C:\Windows\System32\perfh007.dat
2013-07-04 16:28 - 2010-07-06 21:25 - 00126394 ____A C:\Windows\System32\perfc007.dat
2013-07-04 16:28 - 2010-07-06 21:19 - 00684954 ____A C:\Windows\System32\perfh00C.dat
2013-07-04 16:28 - 2010-07-06 21:19 - 00127070 ____A C:\Windows\System32\perfc00C.dat
2013-07-04 16:28 - 2009-07-14 07:13 - 03085342 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-04 16:26 - 2010-06-28 04:57 - 02054395 ____A C:\Windows\WindowsUpdate.log
2013-07-04 16:25 - 2013-07-04 16:25 - 00000000 ____D C:\Users\Rave\AppData\Roaming\Google
2013-07-04 16:25 - 2013-07-04 16:25 - 00000000 ____D C:\Users\Rave\AppData\Local\Google
2013-07-04 16:25 - 2010-06-28 05:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-04 16:24 - 2010-06-28 05:29 - 00004619 ____A C:\Windows\System32\Config.MPF
2013-07-04 16:21 - 2013-07-04 16:21 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 16:21 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-04 16:21 - 2009-07-14 06:51 - 00037823 ____A C:\Windows\setupact.log
2013-07-04 16:21 - 2009-07-14 06:45 - 00276976 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-04 16:20 - 2010-06-28 05:56 - 00658854 ____A C:\Windows\PFRO.log
2013-07-04 16:16 - 2013-07-04 16:16 - 00000000 ____D C:\Users\Rave\AppData\Local\Power2Go
2013-07-04 16:16 - 2013-07-04 16:15 - 00000000 ____D C:\Users\Rave\AppData\Local\VirtualStore
2013-07-04 16:14 - 2013-07-04 16:14 - 00000882 ____A C:\Users\Public\Desktop\MultimediaPOP.lnk
2013-07-04 16:14 - 2010-07-06 21:10 - 00000000 ____D C:\Windows\MSetup
2013-07-04 16:14 - 2010-06-28 05:03 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-07-04 16:14 - 2010-06-28 04:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-04 16:14 - 2010-06-28 04:53 - 00000162 ____A C:\setup.log
2013-07-04 16:13 - 2013-07-04 16:13 - 00001139 ____A C:\Users\UpdatusUser\Desktop\CyberLink YouCam.lnk
2013-07-04 16:13 - 2013-07-04 16:13 - 00001139 ____A C:\Users\Default\Desktop\CyberLink YouCam.lnk
2013-07-04 16:13 - 2013-07-04 16:13 - 00001139 ____A C:\Users\Default User\Desktop\CyberLink YouCam.lnk
2013-07-04 16:13 - 2010-06-28 05:05 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-07-04 16:13 - 2010-06-28 04:56 - 00000157 ____A C:\Windows\setup.log
2013-07-04 16:12 - 2013-07-04 16:12 - 00000000 ____D C:\Program Files\Windows Live
2013-07-04 16:12 - 2013-07-04 16:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-04 16:12 - 2013-07-04 16:09 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-04 16:12 - 2013-07-04 16:07 - 00138093 ____A C:\Windows\2013-07-04_16-07_378-97hcv2tg.log
2013-07-04 16:11 - 2013-07-04 16:11 - 00031343 ____A C:\Windows\DirectX.log
2013-07-04 16:10 - 2013-07-04 16:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-04 16:09 - 2013-07-04 16:09 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-04 16:09 - 2013-07-04 16:09 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-07-04 16:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-04 16:07 - 2013-07-04 16:07 - 00062648 ____A C:\Users\Rave\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-04 16:07 - 2013-07-04 16:07 - 00000033 ____A C:\Windows\0
2013-07-04 16:07 - 2013-07-04 16:07 - 00000000 ____D C:\ProgramData\OberonGameConsole
2013-07-04 16:07 - 2013-07-04 16:01 - 00000000 ____D C:\Program Files (x86)\Game Pack
2013-07-04 16:03 - 2010-06-28 05:16 - 00000000 ____D C:\ProgramData\McAfee
2013-07-04 16:02 - 2010-06-28 06:00 - 00014897 ____A C:\Windows\SetDisplayResolution.log
2013-07-04 16:01 - 2013-07-04 16:01 - 00002014 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2013-07-04 16:01 - 2013-07-04 16:01 - 00000000 ____D C:\Users\Rave\AppData\Local\Adobe
2013-07-04 16:01 - 2013-07-04 16:01 - 00000000 ____D C:\ProgramData\Adobe
2013-07-04 16:01 - 2013-07-04 16:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-04 16:00 - 2013-07-04 16:00 - 00000020 ___SH C:\Users\Rave\ntuser.ini
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Vorlagen
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Startmenü
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Netzwerkumgebung
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Lokale Einstellungen
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Eigene Dateien
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Druckumgebung
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Documents\Eigene Musik
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Documents\Eigene Bilder
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\AppData\Local\Verlauf
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\AppData\Local\Anwendungsdaten
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 __SHD C:\Users\Rave\Anwendungsdaten
2013-07-04 16:00 - 2013-07-04 16:00 - 00000000 ____A C:\Windows\System32\Drivers\144D_SAMSUNG_N_Q330_03UU.mrk
2013-07-04 16:00 - 2010-06-28 05:59 - 00001336 ____A C:\Windows\LCDStretchMode.log
2013-07-04 15:58 - 2013-07-04 15:58 - 00000000 __SHD C:\Recovery
2013-07-04 15:58 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2010-06-28 06:21

==================== End Of Log ============================
and ADDITION:

Quote:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013
Ran by Rave at 2013-07-04 17:08:04
Running from C:\Users\Rave\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe AIR (x32 Version: 1.5.2.8870)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.42.34)
Adobe Reader 9.1 - Deutsch (x32 Version: 9.1.0)
Alice Greenfingers (x32)
Atheros Client Installation Program (x32 Version: 1.0.2.1119)
BatteryLifeExtender (x32 Version: 1.0.3)
Bonbon Quest (x32)
Broadcom 802.11 Network Adapter (Version: 5.60.48.44)
Cake Mania (x32)
ChargeableUSB (x32 Version: 1.0.0.0)
CyberLink DVD Suite (x32 Version: 6.0.2806)
CyberLink LabelPrint (x32 Version: 2.5.1916)
CyberLink Power2Go (x32 Version: 6.0.3108a)
CyberLink PowerDirector (x32 Version: 7.0.3213)
CyberLink PowerDVD 8 (x32 Version: 8.0.2815b)
CyberLink PowerProducer (x32 Version: 5.0.1.1812)
CyberLink YouCam (x32 Version: 2.0.3911)
Daycare Nightmare (x32)
Dropbox (HKCU Version: 2.2.8)
Easy Content Share (x32 Version: 1.0.0.13)
Easy Display Manager (x32 Version: 3.2)
Easy Network Manager (x32 Version: 4.3.1)
Easy SpeedUp Manager (x32 Version: 2.1.0.11)
EasyBatteryManager (x32 Version: 4.0.0.4)
EasyFileShare (x32 Version: 1.0.3)
Flip Words (x32)
Galapago (x32)
Game Pack (x32 Version: 6.3.1.1)
Gem Shop (x32)
Insaniquarium Deluxe (x32)
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2104)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) PROSet/Wireless WiFi Software (Version: 13.02.0000)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.3.1001)
Junk Mail filter update (x32 Version: 14.0.8089.726)
Mahjong Escape Ancient China (x32)
Marvell Miniport Driver (x32 Version: 11.22.3.3)
McAfee SecurityCenter (x32)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (x32 Version: 3.0.40624.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 14.0.1468.721)
MultimediaPOP (x32 Version: 1.0)
Norton Online Backup (x32 Version: 2.1.13580)
NVIDIA Drivers (Version: 1.10.61.39)
NVIDIA Updatus (x32 Version: 1.0.3)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6083)
REALTEK Wireless LAN Software (x32 Version: 0133.09.1202)
Samsung Recovery Solution 4 (x32 Version: 4.0.0.6)
Samsung Support Center (x32 Version: 1.0.2)
Samsung Update Plus (x32 Version: 2.0)
Skype Toolbars (x32 Version: 1.0.4051)
Skype™ 4.2 (x32 Version: 4.2.155)
Slingo (x32)
Synaptics Pointing Device Driver (Version: 15.0.10.0)
User Guide (x32 Version: 1.0)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8064.0206)
Windows Live Communications Platform (x32 Version: 14.0.8064.206)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live Fotogalerie (x32 Version: 14.0.8081.709)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Messenger (x32 Version: 14.0.8089.0726)
Windows Live Movie Maker (x32 Version: 14.0.8091.0730)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live Writer (x32 Version: 14.0.8089.0726)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)

==================== Restore Points =========================

04-07-2013 14:00:22 Installed Adobe Reader 9.1 - Deutsch.
04-07-2013 14:03:36 Windows Update
04-07-2013 14:11:02 DirectX wurde installiert
04-07-2013 14:12:36 Installiert YouCam
04-07-2013 14:13:50 Installed MultimediaPOP
04-07-2013 14:14:21 Installed Adobe AIR
04-07-2013 14:16:25 Windows Update
04-07-2013 14:30:24 Installed Microsoft Office Professional 2010-Testversion

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {212959D5-5770-4FF1-92AF-CB74F26E80D5} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {3C5E96EE-4009-4E5B-BA42-FB87C04E5E30} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe No File
Task: {3CC57143-F009-4A14-936B-914ACE2E02C4} - System32\Tasks\EasyBatteryManager => %ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe No File
Task: {4A153465-2DFB-40E0-B6F9-8E8D5307068F} - System32\Tasks\McQcTask => C:\PROGRA~2\mcafee\mqc\QcConsol.exe [2009-04-09] (McAfee, Inc.)
Task: {4A75A083-5425-49D5-98E4-7A86D2AB3FDB} - System32\Tasks\SamsungSupportCenterSettings => %programfiles(x86)%\Common Files\Samsung\SSCSettings\SSCSettings.exe No File
Task: {8C470476-9A45-40C4-B3DC-B92F68974BC4} - System32\Tasks\EasySpeedUpManager => %programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe No File
Task: {9D2922E8-3C75-4815-A329-DEC12C0FDAE4} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Samsung Support Center\SSCKbdHk.exe No File
Task: {AE636520-2E4B-4CDC-A6C5-C145CCE4BB0D} - System32\Tasks\McDefragTask => C:\PROGRA~2\mcafee\mqc\QcConsol.exe [2009-04-09] (McAfee, Inc.)
Task: {CCA18D8F-FCFD-4DBB-BF39-0965FE043642} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-05-20] (Samsung Electronics Co., Ltd.)
Task: {E2D27C30-AEB4-45A6-9005-02CEF1D319E2} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: C:\Windows\Tasks\McDefragTask.job => C:\Windows\system32\defrag.exe
Task: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~2\mcafee\mqc\QcConsol.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2013 08:55:55 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.


Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.


System errors:
=============
Error: (07/04/2013 04:23:40 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070420


Microsoft Office Sessions:
=========================
Error: (07/04/2013 08:55:55 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.


==================== Memory info ===========================

Percentage of memory in use: 70%
Total physical RAM: 3892.49 MB
Available physical RAM: 1131.23 MB
Total Pagefile: 7783.12 MB
Available Pagefile: 5323.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:179 GB) (Free:148.39 GB) NTFS (Disk=0 Partition=3)
Drive d: () (Fixed) (Total:266.66 GB) (Free:47.37 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: DEC82739)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=179 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=267 GB) - (Type=OF Extended)

==================== End Of Log ============================
I hope you have everything you need.

Many thanks in advance for your help.

 
