Everything so far, I hope, is done..
Many thanks in advance!
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2013
Ran by SYSTEM on MININT-DGVC9NP on 22-09-2013 16:34:09
Running from G:\
Windows 7 Starter (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2010-06-17] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-17] (IDT, Inc.)
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM\...\Run: [ZumoDrive] - C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2038 2010-08-16] ()
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-08] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1644680 2013-02-08] (Ask)
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKU\Matika71\...\Winlogon: [Shell] explorer.exe,C:\Users\Matika71\AppData\Roaming\skype.dat [ 2011-11-16] () <==== ATTENTION
HKU\Matika71\...\Command Processor: <===== ATTENTION!
========================== Services (Whitelisted) =================
S2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S2 DvmMDES; C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-07-20] (DeviceVM, Inc.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-04-03] (WildTangent, Inc.)
S2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-08] (Hewlett-Packard Company)
S2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
S2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-17] (IDT, Inc.)
==================== Drivers (Whitelisted) ====================
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2010-06-17] (Alcor Micro, Corp.)
S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
S1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
S2 5776; \??\C:\Users\Matika71\AppData\Local\Temp\5776.sys [x]
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-22 16:33 - 2013-09-22 16:33 - 00000000 ____D C:\FRST
==================== One Month Modified Files and Folders =======
2013-09-22 16:33 - 2013-09-22 16:33 - 00000000 ____D C:\FRST
2013-09-22 06:24 - 2013-06-27 11:24 - 00000004 _____ C:\Users\Matika71\AppData\Roaming\skype.ini
2013-09-22 06:24 - 2011-03-19 13:18 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\ZumoDrive
2013-09-22 06:24 - 2009-07-13 20:39 - 00079835 _____ C:\Windows\setupact.log
2013-09-15 08:20 - 2010-10-29 01:48 - 01644825 _____ C:\Windows\WindowsUpdate.log
2013-09-15 08:20 - 2009-09-06 15:02 - 01500254 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-15 08:20 - 2009-07-13 20:34 - 00014128 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-15 08:20 - 2009-07-13 20:34 - 00014128 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
Files to move or delete:
====================
C:\Users\Matika71\AppData\Roaming\skype.dat
C:\Users\Matika71\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\Matika71\AppData\Local\Temp\ApnStub.exe
C:\Users\Matika71\AppData\Local\Temp\eiiahdsk.dll
C:\Users\Matika71\AppData\Local\Temp\g_2eu4gh.dll
C:\Users\Matika71\AppData\Local\Temp\HPQSi.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\Resource.exe
C:\Users\Matika71\AppData\Local\Temp\setup.exe
C:\Users\Matika71\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Matika71\AppData\Local\Temp\sp54620.exe
C:\Users\Matika71\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\Uninstaller.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallerIta.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Matika71\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Matika71\AppData\Local\Temp\WindowsAPI.dll
C:\Users\Matika71\AppData\Local\Temp\WtgDriverInstallX.dll
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-03-21 10:56:35
Restore point made on: 2013-03-23 08:04:03
Restore point made on: 2013-03-24 03:52:25
Restore point made on: 2013-03-28 23:54:13
Restore point made on: 2013-03-29 13:22:42
Restore point made on: 2013-03-29 13:25:52
Restore point made on: 2013-03-30 00:52:39
Restore point made on: 2013-04-03 10:49:32
Restore point made on: 2013-04-07 09:54:23
Restore point made on: 2013-04-08 19:45:16
Restore point made on: 2013-04-14 11:32:57
Restore point made on: 2013-04-29 11:12:57
Restore point made on: 2013-04-29 12:02:34
Restore point made on: 2013-05-05 02:27:37
Restore point made on: 2013-05-12 01:37:35
Restore point made on: 2013-05-17 11:14:13
Restore point made on: 2013-05-26 11:33:09
Restore point made on: 2013-05-26 11:56:24
Restore point made on: 2013-06-15 11:31:23
Restore point made on: 2013-07-13 10:12:00
==================== Memory info ===========================
Percentage of memory in use: 49%
Total physical RAM: 1011.87 MB
Available physical RAM: 508.17 MB
Total Pagefile: 1011.87 MB
Available Pagefile: 508 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.2 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:214.73 GB) (Free:156.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (RECOVERY) (Fixed) (Total:17.86 GB) (Free:2.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: () (Removable) (Total:0.12 GB) (Free:0.12 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 24DA2EA1)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=215 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (Size: 124 MB) (Disk ID: E6E408B9)
Partition 1: (Active) - (Size=124 MB) - (Type=0B)
LastRegBack: 2013-01-15 09:58
==================== End Of Log ============================