Pests of all kinds and how to fight them: A pest - and I can't get rid of it... Windows 7 |
11.07.2013, 22:07 | #1 |
| A pest - and I can't get rid of it... Hi folks... for months now I have kept running into the problem that sporadically, after the PC has been on for a few hours, some piece of malware makes itself noticed and I cannot remove it... The following happens: left-clicks are performed at intervals of a few seconds (3-5)... At some point, if the browser or anything else where text can be entered happens to be open, the text "Servus, alles klar?" is typed in as if by a ghostly hand... I have already downloaded endless programs... anti-malware, spyware... the whole range, and NOT ONE program can find anything... I am really getting desperate... because only a hard reset helps with this problem... Does anyone have experience with this? Hijack This doesn't find anything unusual either... I have also run GMER and so on without any result... What else can I do? I would very, very much rather not reinstall the system... Here is the thread from back then... unfortunately nobody could help there... http://www.trojaner-board.de/129009-...rlich-tun.html . |
11.07.2013, 23:35 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | A pest - and I can't get rid of it... Hello,
__________________Quote:
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
12.07.2013, 08:33 | #3 |
| A pest - and I can't get rid of it... Hi there, thanks for your reply... here are the two files!
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-07-2013 01 Ran by Chris (administrator) on 12-07-2013 09:30:29 Running from C:\Users\Chris\Downloads Windows 8 Pro (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\WINDOWS\system32\atiesrxx.exe (AMD) C:\WINDOWS\system32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe () E:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Users\Chris\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Almico Software (www.almico.com)) D:\Program Files (x86)\SpeedFan\speedfan.exe (Google Inc.) 
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6839952 2012-09-13] (Realtek Semiconductor) HKLM\...\Run: [Chew7Hale] - "C:\Windows\System32\hale.exe" /nolog [x] HKLM\...\Run: [PAC7302_Monitor] - C:\WINDOWS\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,"C:\Program Files (x86)\NoTilesPlease\ntpload.exe", HKCU\...\Run: [Google Update] - "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-01-03] (Google Inc.) HKCU\...\Run: [Spotify Web Helper] - "C:\Users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1105408 2013-05-14] (Spotify Ltd) HKCU\...\Run: [Spotify] - "C:\Users\Chris\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart [4573184 2013-05-14] (Spotify Ltd) HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Chris\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKCU\...\Policies\system: [DisableLockWorkstation] 0 HKLM-x32\...\Run: [Live Update 5] - C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder [315392 2012-01-30] () HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-10-23] (MSI) HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software) Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Chris\AppData\Local\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Chris\AppData\Local\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Chris\AppData\Local\Google\Chrome\Application\28.0.1500.71\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll No File CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Google Update) - C:\Users\Chris\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-06-30] (Adobe Systems) S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-25] (Ellora Assets Corp.) 
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [104184 2012-12-21] (Advanced Micro Devices) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [38456 2013-02-11] (GFI Software) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-03] (GFI Software) S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19000 2012-07-27] (Windows (R) Win 7 DDK provider) S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19000 2012-07-27] (Windows (R) Win 7 DDK provider) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation) S3 
MSI_MSIBIOS_010507; C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [33592 2010-05-10] (Your Corporation) S3 MSI_MSIBIOS_010507; C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [33592 2010-05-10] (Your Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 PAC7302; C:\Windows\system32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.) S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) U3 idsvc; R3 TRIXX; \??\C:\Users\Chris\AppData\Local\Temp\TRIXX.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-12 09:30 - 2013-07-12 09:30 - 00000000 ____D C:\FRST 2013-07-12 09:29 - 2013-07-12 09:29 - 01778143 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe 2013-07-08 09:04 - 2013-07-08 09:04 - 02328864 _____ C:\Users\Chris\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe 2013-07-08 09:04 - 2013-07-08 09:04 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2013-07-05 18:42 - 2013-07-05 18:42 - 00000096 ____H C:\Users\Chris\Desktop\.~lock.Kosten.ods# 2013-07-05 17:00 - 2013-07-05 17:00 - 00314366 _____ C:\Users\Chris\Downloads\neosilver.zip 2013-07-05 16:59 - 2013-07-05 16:59 - 00764285 _____ C:\Users\Chris\Downloads\proglass.zip 2013-07-05 16:59 - 2013-07-05 16:59 - 00346763 _____ C:\Users\Chris\Downloads\promenue.zip 2013-06-30 20:07 - 2013-06-30 20:07 - 00830505 _____ C:\Users\Chris\Downloads\absolution.zip 
2013-06-30 19:09 - 2013-06-30 19:09 - 00000000 ____D C:\Users\Chris\Documents\Updater 2013-06-30 18:44 - 2013-06-30 18:44 - 00000627 _____ C:\Users\Chris\Desktop\Upload.lnk 2013-06-30 18:43 - 2013-07-05 19:51 - 00000000 ____D C:\UL 2013-06-30 18:38 - 2013-06-30 18:38 - 00000885 _____ C:\Users\Chris\Desktop\Nvu.lnk 2013-06-30 18:38 - 2013-06-30 18:38 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Nvu 2013-06-30 18:38 - 2013-06-30 18:38 - 00000000 ____D C:\Program Files (x86)\Nvu 2013-06-30 18:32 - 2013-06-30 18:32 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Weaverslave 2013-06-30 18:32 - 2013-06-30 18:32 - 00000000 ____D C:\Program Files (x86)\Weaverslave 2013-06-30 18:16 - 2013-06-30 18:16 - 00000989 _____ C:\Users\Chris\Desktop\WS_FTP95 LE.lnk 2013-06-30 18:16 - 2013-06-30 18:16 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP 2013-06-30 18:16 - 2013-06-30 18:16 - 00000000 ____D C:\Program Files\WS_FTP 2013-06-30 18:11 - 2013-06-30 18:11 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF 2013-06-30 18:07 - 2013-06-30 18:07 - 00000000 ____D C:\PS_CS2_Gr_NonRet 2013-06-27 23:09 - 2013-06-27 23:09 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum 2013-06-26 20:20 - 2013-06-27 23:09 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum 2013-06-26 20:20 - 2013-06-27 23:09 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum 2013-06-23 23:00 - 2013-07-01 04:22 - 00305112 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-06-23 12:57 - 2013-06-23 12:57 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle 2013-06-23 12:57 - 2013-06-23 12:57 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-06-23 12:57 - 2013-06-23 12:57 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle 2013-06-23 12:57 - 2013-06-23 12:57 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2013-06-21 00:58 - 2013-06-21 00:58 - 00028698 _____ C:\Users\Chris\Downloads\eBayISAPI.gz 2013-06-20 22:41 - 2013-05-16 00:35 
- 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll 2013-06-19 15:40 - 2013-06-19 15:40 - 00312232 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2013-06-19 15:40 - 2013-06-19 15:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2013-06-19 15:40 - 2013-06-19 15:40 - 00188840 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2013-06-19 15:40 - 2013-06-19 15:40 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2013-06-19 15:40 - 2013-06-19 15:40 - 00000000 ____D C:\Program Files\Java 2013-06-19 15:33 - 2013-06-19 15:34 - 33150376 _____ (Oracle Corporation) C:\Users\Chris\Downloads\jre-7u25-windows-x64.exe 2013-06-17 20:33 - 2013-06-17 20:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf 2013-06-17 10:31 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-06-17 10:31 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-06-17 10:31 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2013-06-17 10:31 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2013-06-17 10:31 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2013-06-17 10:31 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2013-06-17 10:31 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2013-06-17 10:31 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2013-06-15 10:12 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2013-06-15 10:12 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2013-06-15 10:12 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\spaceport.sys 2013-06-15 10:12 - 2013-05-04 09:34 - 00213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS 2013-06-15 10:12 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-06-15 10:12 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-06-15 10:12 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-06-15 10:12 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-06-15 10:12 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2013-06-15 10:12 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe 2013-06-15 10:12 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2013-06-15 10:12 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-06-15 10:12 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2013-06-15 10:12 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2013-06-15 10:12 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2013-06-15 10:12 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-06-15 10:12 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2013-06-15 10:12 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2013-06-15 10:12 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2013-06-15 10:12 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2013-06-15 10:12 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\storewuauth.dll 2013-06-15 10:12 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2013-06-15 10:12 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll 2013-06-15 10:12 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll 2013-06-15 10:12 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\muifontsetup.dll 2013-06-15 10:12 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2013-06-15 10:12 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe 2013-06-15 10:12 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2013-06-15 10:12 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2013-06-15 10:12 - 2013-05-04 06:58 - 00083968 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2013-06-15 10:12 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2013-06-15 10:12 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-06-15 10:12 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-06-15 10:12 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2013-06-15 10:12 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll 2013-06-15 10:12 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll 2013-06-15 10:12 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll 2013-06-15 10:12 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll 2013-06-15 10:12 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll 2013-06-15 10:12 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-06-15 10:12 - 2013-05-04 06:56 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2013-06-15 10:12 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2013-06-15 10:12 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2013-06-15 10:12 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll 2013-06-15 10:12 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll 2013-06-15 10:12 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2013-06-15 10:12 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs 2013-06-15 10:12 - 2013-05-04 06:48 - 00083968 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\hidclass.sys 2013-06-15 10:12 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2013-06-15 10:12 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2013-06-15 10:12 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs 2013-06-15 10:12 - 2013-05-03 00:04 - 00386646 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-06-13 02:24 - 2013-06-13 02:24 - 00000000 _____ C:\Users\Chris\Desktop\+62.txt 2013-06-12 20:17 - 2013-05-04 09:45 - 02233600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-06-12 19:13 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2013-06-12 19:13 - 2013-04-24 01:12 - 01569792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-06-12 19:13 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll 2013-06-12 19:13 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2013-06-12 19:13 - 2013-04-24 00:55 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-06-12 19:13 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll 2013-06-12 19:13 - 2013-04-24 00:55 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll 2013-06-12 17:17 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2013-06-12 15:26 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll 2013-06-12 15:26 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll 2013-06-12 14:32 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2013-06-12 14:32 - 2013-05-16 00:36 - 14320640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-06-12 14:32 - 2013-05-16 
00:35 - 19230720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-06-12 14:32 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-06-12 14:32 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-06-12 14:32 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-06-12 14:32 - 2013-04-29 00:30 - 13760512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-06-12 14:32 - 2013-04-29 00:30 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-06-12 14:32 - 2013-04-29 00:30 - 02046976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-06-12 14:32 - 2013-04-29 00:30 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-06-12 14:32 - 2013-04-29 00:30 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-06-12 14:32 - 2013-04-29 00:30 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-06-12 14:32 - 2013-04-29 00:30 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-06-12 14:32 - 2013-04-29 00:28 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-06-12 14:32 - 2013-04-29 00:28 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-06-12 14:32 - 2013-04-29 00:28 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-06-12 14:32 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-06-12 14:32 - 2013-04-29 00:28 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-06-12 14:32 - 2013-04-29 00:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-06-12 14:32 - 2013-04-29 00:27 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-06-12 14:32 - 2013-04-29 00:27 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-06-12 14:32 - 2013-04-29 00:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-06-12 14:08 - 2013-06-12 14:08 - 00000000 ____D C:\Users\Chris\Documents\StarCraft II

==================== One Month Modified Files and Folders =======

2013-07-12 09:30 - 2013-07-12 09:30 - 00000000 ____D C:\FRST
2013-07-12 09:30 - 2012-07-26 12:27 - 00864376 _____ C:\WINDOWS\system32\perfh007.dat
2013-07-12 09:30 - 2012-07-26 12:27 - 00197374 _____ C:\WINDOWS\system32\perfc007.dat
2013-07-12 09:30 - 2012-07-26 09:28 - 02032354 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-12 09:29 - 2013-07-12 09:29 - 01778143 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2013-07-12 09:25 - 2013-05-21 18:50 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-12 09:25 - 2012-11-12 02:49 - 04689787 _____ C:\WINDOWS\setupact.log
2013-07-12 09:25 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-07-12 00:35 - 2013-01-03 22:15 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2002472793-1124930146-3328520967-1000UA.job
2013-07-12 00:00 - 2013-05-21 18:50 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-11 23:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-07-11 09:50 - 2012-11-25 19:14 - 00000000 ____D C:\Users\Chris\AppData\Local\Deployment
2013-07-11 08:35 - 2013-01-03 22:15 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2002472793-1124930146-3328520967-1000Core.job
2013-07-11 03:37 - 2013-01-03 22:17 - 00002367 _____ C:\Users\Chris\Desktop\Google Chrome.lnk
2013-07-09 11:15 - 2012-11-12 03:38 - 01705984 ___SH C:\Users\Chris\Desktop\Thumbs.db
2013-07-08 23:29 - 2012-11-12 02:31 - 00528896 ___SH C:\Users\Chris\Downloads\Thumbs.db
2013-07-08 09:04 - 2013-07-08 09:04 - 02328864 _____ C:\Users\Chris\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-07-08 09:04 - 2013-07-08 09:04 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-07-08 09:04 - 2012-12-01 20:46 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Amazon
2013-07-05 19:51 - 2013-06-30 18:43 - 00000000 ____D C:\UL
2013-07-05 18:42 - 2013-07-05 18:42 - 00000096 ____H C:\Users\Chris\Desktop\.~lock.Kosten.ods#
2013-07-05 17:00 - 2013-07-05 17:00 - 00314366 _____ C:\Users\Chris\Downloads\neosilver.zip
2013-07-05 16:59 - 2013-07-05 16:59 - 00764285 _____ C:\Users\Chris\Downloads\proglass.zip
2013-07-05 16:59 - 2013-07-05 16:59 - 00346763 _____ C:\Users\Chris\Downloads\promenue.zip
2013-07-05 16:36 - 2012-12-05 02:09 - 00000000 ____D C:\Users\Chris\Desktop\Misc
2013-07-05 10:55 - 2013-05-21 18:50 - 00004096 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-05 10:55 - 2013-05-21 18:50 - 00003860 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-02 22:43 - 2013-02-05 22:39 - 00011559 _____ C:\Users\Chris\Desktop\Kosten.ods
2013-07-02 22:41 - 2013-04-11 23:06 - 00011458 _____ C:\Users\Chris\Desktop\17,6b.ods
2013-07-01 04:22 - 2013-06-23 23:00 - 00305112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-06-30 20:07 - 2013-06-30 20:07 - 00830505 _____ C:\Users\Chris\Downloads\absolution.zip
2013-06-30 19:20 - 2012-10-22 19:47 - 00000000 ____D C:\Users\Chris\AppData\Local\Adobe
2013-06-30 19:09 - 2013-06-30 19:09 - 00000000 ____D C:\Users\Chris\Documents\Updater
2013-06-30 19:09 - 2012-10-09 20:53 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Adobe
2013-06-30 18:44 - 2013-06-30 18:44 - 00000627 _____ C:\Users\Chris\Desktop\Upload.lnk
2013-06-30 18:38 - 2013-06-30 18:38 - 00000885 _____ C:\Users\Chris\Desktop\Nvu.lnk
2013-06-30 18:38 - 2013-06-30 18:38 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Nvu
2013-06-30 18:38 - 2013-06-30 18:38 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-06-30 18:32 - 2013-06-30 18:32 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Weaverslave
2013-06-30 18:32 - 2013-06-30 18:32 - 00000000 ____D C:\Program Files (x86)\Weaverslave
2013-06-30 18:16 - 2013-06-30 18:16 - 00000989 _____ C:\Users\Chris\Desktop\WS_FTP95 LE.lnk
2013-06-30 18:16 - 2013-06-30 18:16 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP
2013-06-30 18:16 - 2013-06-30 18:16 - 00000000 ____D C:\Program Files\WS_FTP
2013-06-30 18:16 - 2012-10-09 20:42 - 00000000 ____D C:\Users\Chris\AppData\Local\VirtualStore
2013-06-30 18:16 - 2009-07-14 04:34 - 00000835 _____ C:\WINDOWS\win.ini
2013-06-30 18:11 - 2013-06-30 18:11 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2013-06-30 18:11 - 2012-10-22 19:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-30 18:11 - 2012-10-09 20:42 - 00000000 ___RD C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-06-30 18:10 - 2012-10-09 20:47 - 00000000 ____D C:\ProgramData\Adobe
2013-06-30 18:07 - 2013-06-30 18:07 - 00000000 ____D C:\PS_CS2_Gr_NonRet
2013-06-28 22:02 - 2013-01-10 23:15 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Audacity
2013-06-27 23:09 - 2013-06-27 23:09 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum
2013-06-27 23:09 - 2013-06-26 20:20 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2013-06-27 23:09 - 2013-06-26 20:20 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum
2013-06-27 23:09 - 2013-06-09 20:20 - 01030952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-06-27 23:09 - 2013-06-09 20:20 - 00378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-06-27 23:09 - 2013-06-09 20:20 - 00189936 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-06-27 08:27 - 2013-06-09 20:20 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2013-06-24 09:41 - 2012-11-12 01:58 - 01332396 _____ C:\WINDOWS\WindowsUpdate.log
2013-06-23 23:00 - 2012-07-26 07:37 - 00000000 ____D C:\WINDOWS\servicing
2013-06-23 23:00 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-06-23 12:57 - 2013-06-23 12:57 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2013-06-23 12:57 - 2013-06-23 12:57 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-06-23 12:57 - 2013-06-23 12:57 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2013-06-23 12:57 - 2013-06-23 12:57 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-06-22 10:25 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-06-21 00:58 - 2013-06-21 00:58 - 00028698 _____ C:\Users\Chris\Downloads\eBayISAPI.gz
2013-06-20 15:43 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-06-20 15:04 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-06-20 15:04 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-06-20 15:04 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-20 15:04 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-20 15:04 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-06-20 15:04 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-06-19 15:40 - 2013-06-19 15:40 - 00312232 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-06-19 15:40 - 2013-06-19 15:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-06-19 15:40 - 2013-06-19 15:40 - 00188840 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-06-19 15:40 - 2013-06-19 15:40 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-06-19 15:40 - 2013-06-19 15:40 - 00000000 ____D C:\Program Files\Java
2013-06-19 15:40 - 2013-06-10 00:52 - 01093032 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2013-06-19 15:40 - 2013-06-10 00:52 - 00972712 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2013-06-19 15:34 - 2013-06-19 15:33 - 33150376 _____ (Oracle Corporation) C:\Users\Chris\Downloads\jre-7u25-windows-x64.exe
2013-06-17 20:33 - 2013-06-17 20:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf
2013-06-14 15:09 - 2013-01-31 17:11 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Spotify
2013-06-14 15:07 - 2013-01-31 17:12 - 00000000 ____D C:\Users\Chris\AppData\Local\Spotify
2013-06-13 11:53 - 2012-11-12 01:55 - 00000000 ____D C:\Users\Chris
2013-06-13 02:24 - 2013-06-13 02:24 - 00000000 _____ C:\Users\Chris\Desktop\+62.txt
2013-06-12 14:38 - 2012-12-12 11:32 - 75825640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-06-12 14:09 - 2012-10-09 15:57 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-06-12 14:08 - 2013-06-12 14:08 - 00000000 ____D C:\Users\Chris\Documents\StarCraft II
2013-06-12 11:46 - 2012-11-12 02:32 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2002472793-1124930146-3328520967-1000

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-12 00:33

==================== End Of Log ============================

And the Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-07-2013 01
Ran by Chris at 2013-07-12 09:31:08
Running from C:\Users\Chris\Downloads
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Flash Player 11 Plugin (x32 Version: 11.5.502.135)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader XI - Deutsch (x32 Version: 11.0.00)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.10.0)
Audacity 2.0.2 (x32 Version: 2.0.2)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
Counter-Strike: Condition Zero Deleted Scenes (x32)
Counter-Strike: Source (x32)
Counter-Strike: Source Beta (x32)
CrystalDiskInfo 5.0.4 (x32 Version: 5.0.4)
Curse Client (HKCU Version: 5.1.1.792)
Dark Messiah Might and Magic Multi-Player (x32)
Dark Messiah Might and Magic Single Player (x32)
Day of Defeat (x32)
Deathmatch Classic (x32)
Dedicated Server (x32)
DHTML Editing Component (x32 Version: 6.02.0001)
Free M4a to MP3 Converter 7.2 (x32)
Freemake Video Downloader (x32 Version: 3.5.0)
Garry's Mod (x32)
Google Chrome (HKCU Version: 28.0.1500.71)
Google Drive (x32 Version: 1.10.4769.632)
Google Earth Plug-in (x32 Version: 7.1.1.1580)
Google Update Helper (x32 Version: 1.3.21.149)
Half-Life 2 (x32)
Half-Life 2: Deathmatch (x32)
Half-Life 2: Episode One (x32)
Half-Life 2: Lost Coast (x32)
Half-Life Deathmatch: Source (x32)
IrfanView (remove only) (x32 Version: 4.32)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 7 (x32 Version: 7.0.70)
Java Auto Updater (x32 Version: 2.1.9.0)
LAME v3.99.3 (for Windows) (x32)
Live Update 5 (x32 Version: 5.0.091)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MobMap 4.31 (x32)
neroxml (x32 Version: 1.0.0)
NoTilesPlease Version 1.0.4.3 (x32 Version: 1.0.4.3)
Nvu 1.0 (x32 Version: 1.0)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6738)
Ricochet (x32)
rosoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
Sapphire TRIXX (x32)
simfy (x32 Version: 1.7.3)
Source SDK (x32)
Source SDK Base 2006 (x32)
Source SDK Base 2007 (x32)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.9.0.133.gd18ed589)
StarCraft II (x32 Version: )
Steam (x32 Version: 1.0.0.0)
Stronghold Crusader (x32)
Super-Charger (x32 Version: 1.2.014)
TeamSpeak 3 Client (Version: 3.0.10)
Telescope Driver (x32 Version: 10.30.09)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Web Easy Professional 8 (x32 Version: 8)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points =========================

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0582717F-A4E6-4414-9DE4-DE560ED541AE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe No File
Task: {065317D2-FAF4-49BA-B2A6-F68E7C19DAA7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2002472793-1124930146-3328520967-1000UA => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-03] (Google Inc.)
Task: {08686AFC-C59F-4F2F-A99E-8C51AA7BF3BD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {09669B99-ADCE-4594-A5F8-28DFC2FBF9AC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe No File
Task: {09E284F5-696A-4FF3-981B-852DA02AADFD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe No File
Task: {0F6E0357-21C9-4780-B67B-D807F66B2547} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {139BD1AF-56B6-4740-9C6C-2C7669F955F6} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2013-01-29] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17130071-2555-46DF-AEDA-44A66FE29E6D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {2237C0A0-7B55-4B91-A23B-E5F3067CF72F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {3215B6D0-01ED-4879-9558-C242C1D97156} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3E1D88C3-1CC9-46BB-AE08-B1A30F0F6FCE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {3E483172-06DA-4FA3-AB7A-01EED9D028E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-21] (Google Inc.)
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {419C9716-3EA8-446B-A94C-013F73DA34A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2002472793-1124930146-3328520967-1000Core => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-03] (Google Inc.)
Task: {42261BB3-926D-4C9A-BD9E-E89C4C4F5057} - System32\Tasks\Sapphire TRIXX => C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe [2012-04-19] ()
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4BB5A094-F96F-493A-9EC2-9C759EFB5785} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2002472793-1124930146-3328520967-1000
Task: {54CE3A42-A8B6-4AC2-A122-A6D5E029D210} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe No File
Task: {572FCFE7-AD88-41CB-8F4A-C4D538C3B46A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe No File
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {58CFE23F-0EDC-4709-8F45-D267A46433A6} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5FD42637-EF02-4249-8710-824074C843FC} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {63A9171D-C028-4C7F-936B-28FFAE51143B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {6D29EEF1-1939-4A74-8F06-34866978B72D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {702CE2F2-F062-4C7E-9BF9-A5BCAFDC3089} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {76ABF01A-7087-4D08-AABD-0E2237D803C0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe No File
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {82806DA5-FDEF-4A59-9F98-4B3F167F49A6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe No File
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {86E458DA-73AD-4E9F-AFC3-1CFF3E6EDA96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-21] (Google Inc.)
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {891EBF70-46F7-4525-8D27-BFD9130D33E2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {8A9BC54F-82F1-4569-96A0-88F3ADDB6074} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe No File
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9A1D5285-BAE2-4016-9A6F-710D782CE341} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe No File
Task: {9CE86E7B-1688-4780-BD25-FCA0BC30177A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe No File
Task: {9DEA3D86-92AA-4F33-B0E0-4F35B3DB8955} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {9F246C0D-E7C7-48D7-91A3-FCAEFD2ABA12} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe No File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A7CBB7E4-25D4-4385-852D-CC8EE17D7597} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe No File
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A8635631-9B6F-4C9D-97BD-AE36AFAE031F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {A8E58CF3-6E17-4036-ABA0-4BBB34D9A412} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe No File
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B6C33CC4-E0C9-46E1-8E62-B1F3C4ED21CE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe No File
Task: {BC51067B-22EE-4742-A474-1AF403C4B10B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe No File
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C77B0F36-7810-4B6B-96E3-C26ADB7DBC16} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe No File
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D24A69F3-20A6-4540-B94F-BEC666B7A8F1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe No File
Task: {D2C88CF6-8A2E-41E0-8BCD-A1718A73D12A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {D2F9CC01-7E73-4409-BB0B-0824F541B5DE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe No File
Task: {DBAB04BB-3A28-411B-A20A-9BAFDD0B3C2D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {EED7E74C-04AF-462B-AB9C-29611C809FD6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe No File
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2002472793-1124930146-3328520967-1000Core.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2002472793-1124930146-3328520967-1000UA.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Videocontroller für Multimedia
Description: Videocontroller für Multimedia
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2013 08:30:38 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avgmfapx.exe, Version: 0.0.0.0, Zeitstempel: 0x51361b4e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x4573776f
ID des fehlerhaften Prozesses: 0x19f4
Startzeit der fehlerhaften Anwendung: 0xavgmfapx.exe0
Pfad der fehlerhaften Anwendung: avgmfapx.exe1
Pfad des fehlerhaften Moduls: avgmfapx.exe2
Berichtskennung: avgmfapx.exe3
Vollständiger Name des fehlerhaften Pakets: avgmfapx.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avgmfapx.exe5

Error: (06/05/2013 04:48:15 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.2.9200.16433 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b50
Startzeit: 01ce61fae999d40c
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: f2609692-cdee-11e2-bec0-d43d7e2d2140
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/01/2013 09:34:03 PM) (Source: Application Hang) (User: )
Description: Programm Steam.exe, Version 1.74.87.19 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f60
Startzeit: 01ce5efb54130a2f
Endzeit: 18
Anwendungspfad: E:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: 35b9c67a-caf2-11e2-bec0-d43d7e2d2140
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/03/2013 07:34:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: simfy.exe, Version: 0.0.0.0, Zeitstempel: 0x4eb75ae0
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.7.0.1530, Zeitstempel: 0x515664fb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001849d9
ID des fehlerhaften Prozesses: 0x84c
Startzeit der fehlerhaften Anwendung: 0xsimfy.exe0
Pfad der fehlerhaften Anwendung: simfy.exe1
Pfad des fehlerhaften Moduls: simfy.exe2
Berichtskennung: simfy.exe3
Vollständiger Name des fehlerhaften Pakets: simfy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: simfy.exe5

Error: (05/02/2013 04:29:52 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.2.9200.16433 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 133c
Startzeit: 01ce4736f529bcb6
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: be41755a-b334-11e2-beb7-d43d7e2d2140
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/13/2013 11:49:49 AM) (Source: MsiInstaller) (User: CHRISPC)
Description: Product: simfy -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (03/26/2013 01:06:33 PM) (Source: Microsoft-Windows-RestartManager) (User: CHRISPC)
Description: Die Anwendung oder der Dienst "Apple Mobile Device" konnte nicht neu gestartet werden.

Error: (03/26/2013 00:59:32 PM) (Source: Microsoft Security Client Setup) (User: CHRISPC)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>.
Error code:0x8004FF6F.

Error: (03/25/2013 08:54:57 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.2.9200.16433 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 284
Startzeit: 01ce293a94b754c0
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: 7a903e83-957d-11e2-beaf-d43d7e2d2140
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/25/2013 11:37:47 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1". Die abhängige Assemblierung "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

System errors:
=============
Error: (07/12/2013 09:27:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (07/12/2013 09:25:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/12/2013 09:25:25 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 12.07.2013 um 09:24:02 unerwartet heruntergefahren.

Error: (07/12/2013 09:25:20 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (07/11/2013 11:04:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (07/11/2013 11:02:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/11/2013 11:02:29 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 11.07.2013 um 22:34:17 unerwartet heruntergefahren.

Error: (07/11/2013 11:02:24 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (07/11/2013 04:40:56 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (07/11/2013 04:06:21 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Microsoft Office Sessions: ========================= Error: (06/09/2013 08:30:38 PM) (Source: Application Error)(User: ) Description: avgmfapx.exe0.0.0.051361b4eunknown0.0.0.000000000c00000054573776f19f401ce653ebbe8baebC:\Program Files (x86)\AVG\AVG2013\avgmfapx.exeunknownae3b1c3f-d132-11e2-bec2-d43d7e2d2140 Error: (06/05/2013 04:48:15 PM) (Source: Application Hang)(User: ) Description: Explorer.EXE6.2.9200.164331b5001ce61fae999d40c0C:\WINDOWS\Explorer.EXEf2609692-cdee-11e2-bec0-d43d7e2d2140 Error: (06/01/2013 09:34:03 PM) (Source: Application Hang)(User: ) Description: Steam.exe1.74.87.19f6001ce5efb54130a2f18E:\Program Files (x86)\Steam\Steam.exe35b9c67a-caf2-11e2-bec0-d43d7e2d2140 Error: (05/03/2013 07:34:28 PM) (Source: Application Error)(User: ) Description: simfy.exe0.0.0.04eb75ae0Adobe AIR.dll3.7.0.1530515664fbc0000005001849d984c01ce482091be6781E:\Program Files (x86)\simfy\simfy.exec:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllb4638a4d-b417-11e2-beb7-d43d7e2d2140 Error: (05/02/2013 04:29:52 PM) (Source: Application Hang)(User: ) Description: Explorer.EXE6.2.9200.16433133c01ce4736f529bcb60C:\WINDOWS\Explorer.EXEbe41755a-b334-11e2-beb7-d43d7e2d2140 Error: (04/13/2013 11:49:49 AM) (Source: MsiInstaller)(User: CHRISPC) Description: Product: simfy -- Error 1730. You must be an Administrator to remove this application. 
To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/26/2013 01:06:33 PM) (Source: Microsoft-Windows-RestartManager)(User: CHRISPC) Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217818440 Error: (03/26/2013 00:59:32 PM) (Source: Microsoft Security Client Setup)(User: CHRISPC) Description: HRESULT:0x8004FF6F Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F. Error: (03/25/2013 08:54:57 PM) (Source: Application Hang)(User: ) Description: Explorer.EXE6.2.9200.1643328401ce293a94b754c00C:\WINDOWS\Explorer.EXE7a903e83-957d-11e2-beaf-d43d7e2d2140 Error: (03/25/2013 11:37:47 AM) (Source: SideBySide)(User: ) Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest CodeIntegrity Errors: =================================== Date: 2013-03-01 03:00:18.466 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. Date: 2013-03-01 03:00:17.962 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. 
Date: 2013-02-28 03:00:16.288 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. Date: 2013-02-28 03:00:15.863 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. Date: 2013-02-27 03:00:14.864 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. Date: 2013-02-27 03:00:14.483 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. Date: 2013-02-26 16:03:59.221 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. 
Date: 2013-02-26 16:03:58.798 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. Date: 2013-02-25 03:00:14.965 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. Date: 2013-02-25 03:00:14.591 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load. 
==================== Memory info =========================== Percentage of memory in use: 26% Total physical RAM: 8162.12 MB Available physical RAM: 6026.34 MB Total Pagefile: 8674.12 MB Available Pagefile: 5651.57 MB Total Virtual: 8192 MB Available Virtual: 8191.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:33.51 GB) NTFS (Disk=0 Partition=2) Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS (Disk=1 Partition=1) ==>[System with boot components (obtained from reading drive)] Drive e: () (Fixed) (Total:931.41 GB) (Free:838.47 GB) NTFS (Disk=1 Partition=2) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: A703D369) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CC5A81F6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
12.07.2013, 11:15 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Pest - and I can't get rid of it... Quote:
__________________ Please always post log files in CODE tags |
12.07.2013, 13:23 | #5 |
| Pest - and I can't get rid of it... I once used some tool with "Chew7" in its name to reactivate my Windows because I could no longer find my key... Did a virus/trojan sneak in along with it? How do I remove the thing? Which program detects this junk? The file is not recognizable/visible in the system32 folder! |
12.07.2013, 13:47 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Pest - and I can't get rid of it... Quote:
Please read => http://www.trojaner-board.de/95393-c...-software.html We will continue once you have removed everything illegal. In case of repeated crack/keygen violations I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.
__________________ --> Pest - and I can't get rid of it... |
12.07.2013, 13:54 | #7 |
| Pest - and I can't get rid of it... Well, as I said, I only used it back then because I didn't have the key at hand. But I did purchase it legally... I can also prove that with the debit from back then and the corresponding email from Microsoft with the key. So I guess only a reinstall will help... |
12.07.2013, 14:06 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Pest - and I can't get rid of it... You could have read out the key, or called MS and asked, instead of resorting to illegal means
__________________ Please always post log files in CODE tags |