SoftwareUpdater.UI.exe erscheint bei jedem Neustart.

Prode78 · 02.10.2013, 12:17

Hallo Trojaner-Board Team,

habe seit gestern ein Problem mit softwareUpdater.UI.exe! Habe mir die Probleme beim fixen der Treiber eingefangen als ich FreeDriver Scout von Freemium benutzt habe.
Dachte damit ließe sich mein Problem mit rundll32 o.ä. beheben, konnte nämlich keinen Kontakt über HDMI zu meinem TV aufbauen.

Mein Problem mit diesem Updater ist folgendes, plötzlich stand im Geräte Manager ein unbekanntes Gerät drinn welches dieses Update verlangt. Ich habe es dummerweise zugelassen weil ich dieser Software vertraut habe, immerhin habe ich sie bei Chip.de runtergeladen. Seit gestern habe ich nun keinen Ton mehr auf meinem Rechner und kann auch Videos schlecht abspielen (Videos starten permanent neu).

Ich poste euch mal meine Logfiles:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01
Ran by James Brown (administrator) on JAMESBROWN on 02-10-2013 12:53:26
Running from C:\Users\James Brown\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Agere Systems) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Windows\system32\PnkBstrB.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Windows\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Spotify Ltd) C:\Users\James Brown\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\James Brown\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-01] (Spotify Ltd)
HKCU\...\Winlogon: [Shell] explorer.exe <==== ATTENTION
MountPoints2: {4c200ad7-7973-11df-9769-002186b3671f} - XpgDps.exE
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Test\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Test\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [ 2008-02-26] (Hewlett-Packard Company)
HKU\Test\...\RunOnce: [] -
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:54768
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKLM - {D9A80BB3-B0E4-4B4D-93DF-67B60F57DAC5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {DE9FEAA3-5CD2-4DC3-A08D-D2562FDD252F} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {D9A80BB3-B0E4-4B4D-93DF-67B60F57DAC5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKCU - {DE9FEAA3-5CD2-4DC3-A08D-D2562FDD252F} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: WebEnhance - {814664b0-d93b-4da6-9216-722c56179397} - C:\Program Files\WebEnhance\webenhance.dll (WebEnhance)
BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
Toolbar: HKCU -DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\James Brown\AppData\Roaming\Mozilla\Firefox\Profiles\nafdxroc.default-1365777958740
FF Homepage: www.google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\James Brown\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\James Brown\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\James Brown\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\James Brown\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\James Brown\AppData\Roaming\Mozilla\Firefox\Profiles\nafdxroc.default-1365777958740\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{38e9e285-5266-4fe2-b5b5-c14c29b0cd45}] - C:\Program Files\WebEnhance\webenhance.xpi
FF Extension: No Name - C:\Program Files\WebEnhance\webenhance.xpi

Chrome:
=======
CHR HomePage: hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=5440a24d-dd17-457b-a27a-61180977eed7&searchtype=hp&installDate=01/03/2013
CHR Extension: (YouTube) - C:\Users\JAMESB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\JAMESB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\JAMESB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\JAMESB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
CHR Extension: (Man of Steel) - C:\Users\JAMESB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\knfmphhfikndpfbllhdojajhgpmlnlef\1_0
CHR Extension: (Skype Click to Call) - C:\Users\JAMESB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\JAMESB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\JAMESB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [mbegnhpbhfjiaelealfpieodkembdgbj] - C:\Program Files\WebEnhance\webenhance.crx

========================== Services (Whitelisted) =================

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems)
S2 gupdate1c9eee673820d67; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-06-17] (Google Inc.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-04-15] (Hewlett-Packard)
S3 Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2010-04-27] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2009-03-31] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2013-04-27] ()
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292232 2008-04-23] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112008 2008-04-23] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [341328 2008-03-26] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567256 2012-11-25] (Mister Group)
S2 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [296448 2013-09-29] ()

==================== Drivers (Whitelisted) ====================

R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 ssudnflt; C:\Windows\System32\DRIVERS\ssudnflt.sys [15936 2011-02-18] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [180672 2011-02-18] (DEVGURU Co., LTD.(www.devguru.co.kr))
U4 eabfiltr;
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-02 12:53 - 2013-10-02 12:53 - 00000000 ____D C:\FRST
2013-10-02 12:52 - 2013-10-02 12:52 - 01086873 _____ (Farbar) C:\Users\James Brown\Downloads\FRST.exe
2013-10-02 11:44 - 2013-10-02 11:44 - 05249448 _____ (ParetoLogic Inc.) C:\Users\James Brown\Downloads\ParetoLogic PC Health Advisor_de(1).exe
2013-10-02 01:24 - 2013-10-02 01:24 - 00000000 ____D C:\Windows\system32\SRSLabs
2013-10-02 01:24 - 2013-10-02 01:24 - 00000000 ____D C:\Program Files\IDT
2013-10-02 01:24 - 2009-07-21 22:33 - 12030044 _____ (IDT, Inc.) C:\Windows\system32\idtcpl.cpl
2013-10-02 01:24 - 2009-07-21 22:33 - 03600384 ____N (IDT, Inc.) C:\Windows\system32\stlang.dll
2013-10-02 01:24 - 2009-07-21 22:33 - 00536576 _____ (IDT, Inc.) C:\Windows\system32\idtmini1.exe
2013-10-02 01:24 - 2009-07-21 22:33 - 00458844 _____ (IDT, Inc.) C:\Windows\sttray.exe
2013-10-02 01:24 - 2009-06-25 18:58 - 00138240 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestacap.dll
2013-10-02 01:24 - 2009-05-21 18:58 - 00372736 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestecap.dll
2013-10-02 01:24 - 2009-03-02 17:57 - 00061440 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestaren.dll
2013-10-02 01:24 - 2009-03-02 17:47 - 00086016 ____N (Andrea Electronics Corporation) C:\Windows\system32\AESTCom.dll
2013-10-01 21:38 - 2013-10-01 21:38 - 00000000 ____D C:\Program Files\LSI SoftModem
2013-10-01 21:20 - 2013-10-01 21:20 - 00000876 _____ C:\Users\James Brown\Documents\cc_20131001_212034.reg
2013-10-01 21:19 - 2013-10-01 21:19 - 04369632 _____ (Piriform Ltd) C:\Users\James Brown\Downloads\ccsetup406.exe
2013-10-01 21:15 - 2013-10-01 21:15 - 00008460 _____ C:\Users\James Brown\Documents\cc_20131001_211501.reg
2013-10-01 17:18 - 2013-10-01 17:18 - 00000000 ____D C:\Program Files\AGEIA Technologies
2013-10-01 17:17 - 2013-10-01 17:17 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-10-01 17:17 - 2009-12-01 12:17 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-10-01 17:17 - 2009-03-24 04:02 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2013-10-01 17:17 - 2009-02-13 18:54 - 00002050 _____ C:\Users\UpdatusUser\Desktop\HP Backup and Recovery.lnk
2013-10-01 17:17 - 2009-02-09 18:31 - 00001231 _____ C:\Users\UpdatusUser\Desktop\Handbücher.lnk
2013-10-01 17:17 - 2009-01-27 13:59 - 00000934 _____ C:\Users\UpdatusUser\Desktop\CyberLink YouCam.lnk
2013-10-01 17:17 - 2009-01-27 13:59 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2013-10-01 17:17 - 2009-01-27 13:57 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-10-01 17:17 - 2008-01-21 04:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-01 17:17 - 2008-01-21 04:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-01 17:12 - 2013-10-01 17:12 - 00000000 ____D C:\NVIDIA
2013-10-01 17:12 - 2013-06-23 01:18 - 22093088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 13611728 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 09219872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-01 17:12 - 2013-06-23 01:18 - 07691712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 06329016 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 02788640 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 01048864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232601.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232601.dll
2013-10-01 17:12 - 2013-06-23 01:18 - 00017619 _____ C:\Windows\system32\nvinfo.pb
2013-10-01 17:12 - 2013-02-18 10:22 - 00028008 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2013-10-01 17:07 - 2013-10-01 17:07 - 00000000 ____D C:\Windows\Options
2013-09-29 00:16 - 2013-09-29 00:16 - 00000000 ____D C:\Users\James Brown\Documents\Freemium Driver Utilities
2013-09-29 00:16 - 2013-09-29 00:16 - 00000000 ____D C:\ProgramData\DriversGalaxy
2013-09-29 00:15 - 2013-09-29 00:16 - 00000000 ____D C:\Program Files\SoftwareUpdater
2013-09-29 00:15 - 2013-09-29 00:15 - 00000000 ____D C:\Program Files\WebEnhance
2013-09-29 00:14 - 2013-09-29 00:14 - 00444400 _____ C:\Users\James Brown\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-09-28 12:02 - 2013-09-28 12:09 - 00000000 ____D C:\ProgramData\SystemExplorer
2013-09-28 12:02 - 2013-09-28 12:02 - 02061008 _____ (Mister Group ) C:\Users\James Brown\Downloads\SystemExplorerSetup_422.exe
2013-09-28 12:02 - 2013-09-28 12:02 - 00000000 ____D C:\Program Files\System Explorer
2013-09-28 11:34 - 2013-10-01 21:30 - 00001674 _____ C:\Windows\PFRO.log
2013-09-28 01:12 - 2013-09-28 01:12 - 00039546 _____ C:\Users\James Brown\Documents\cc_20130928_011156.reg
2013-09-28 00:15 - 2013-09-28 11:23 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-09-28 00:15 - 2013-09-28 00:15 - 00000000 ____D C:\Users\James Brown\AppData\Roaming\ParetoLogic
2013-09-28 00:15 - 2013-09-28 00:15 - 00000000 ____D C:\Users\James Brown\AppData\Roaming\DriverCure
2013-09-28 00:13 - 2013-09-28 00:13 - 05249448 _____ (ParetoLogic Inc.) C:\Users\James Brown\Downloads\ParetoLogic PC Health Advisor_de.exe
2013-09-26 10:28 - 2013-09-26 10:28 - 00001854 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2013-09-26 10:28 - 2013-09-26 10:28 - 00000000 ____D C:\Users\James Brown\.android
2013-09-26 10:26 - 2013-09-26 10:26 - 07080248 _____ C:\Users\James Brown\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
2013-09-25 19:53 - 2013-10-01 19:41 - 00000124 _____ C:\Windows\setupact.log
2013-09-25 19:53 - 2013-09-25 19:53 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 17:07 - 2013-09-24 17:06 - 04454952 _____ (Piriform Ltd) C:\Users\James Brown\Downloads\ccsetup405.exe
2013-09-22 00:32 - 2013-09-22 00:32 - 00000000 ____D C:\Program Files\CPUID
2013-09-22 00:30 - 2013-09-22 00:30 - 00614816 _____ C:\Users\James Brown\Downloads\CPU Z - CHIP-Downloader.exe
2013-09-18 18:42 - 2013-09-18 18:42 - 00000000 ____D C:\Program Files\Lavalys
2013-09-18 18:39 - 2013-09-18 18:40 - 04179293 _____ (Lavalys, Inc. ) C:\Users\James Brown\Downloads\everesthome220.exe
2013-09-18 12:07 - 2013-09-18 12:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-11 15:01 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 15:01 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 15:01 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-11 15:01 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-11 15:01 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 15:01 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 15:01 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-11 15:01 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 15:00 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 15:00 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 15:00 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 15:00 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 15:00 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-11 15:00 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-11 15:00 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 15:00 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 14:41 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 14:41 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll

==================== One Month Modified Files and Folders =======

2013-10-02 12:53 - 2013-10-02 12:53 - 00000000 ____D C:\FRST
2013-10-02 12:52 - 2013-10-02 12:52 - 01086873 _____ (Farbar) C:\Users\James Brown\Downloads\FRST.exe
2013-10-02 12:49 - 2006-11-02 12:33 - 01445546 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-02 12:47 - 2011-05-16 12:32 - 01306835 _____ C:\Windows\WindowsUpdate.log
2013-10-02 12:41 - 2013-08-08 18:17 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-10-02 12:41 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-02 12:41 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-02 12:41 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-02 12:17 - 2009-02-09 17:06 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-10-02 12:17 - 2006-11-02 15:01 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-02 12:06 - 2008-07-02 08:34 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-02 12:06 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2013-10-02 11:44 - 2013-10-02 11:44 - 05249448 _____ (ParetoLogic Inc.) C:\Users\James Brown\Downloads\ParetoLogic PC Health Advisor_de(1).exe
2013-10-02 01:24 - 2013-10-02 01:24 - 00000000 ____D C:\Windows\system32\SRSLabs
2013-10-02 01:24 - 2013-10-02 01:24 - 00000000 ____D C:\Program Files\IDT
2013-10-02 00:37 - 2013-08-08 18:17 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-10-01 21:38 - 2013-10-01 21:38 - 00000000 ____D C:\Program Files\LSI SoftModem
2013-10-01 21:38 - 2009-03-21 11:59 - 00000000 ____D C:\Users\James Brown
2013-10-01 21:30 - 2013-09-28 11:34 - 00001674 _____ C:\Windows\PFRO.log
2013-10-01 21:20 - 2013-10-01 21:20 - 00000876 _____ C:\Users\James Brown\Documents\cc_20131001_212034.reg
2013-10-01 21:19 - 2013-10-01 21:19 - 04369632 _____ (Piriform Ltd) C:\Users\James Brown\Downloads\ccsetup406.exe
2013-10-01 21:19 - 2011-02-17 16:35 - 00000000 ____D C:\Program Files\CCleaner
2013-10-01 21:15 - 2013-10-01 21:15 - 00008460 _____ C:\Users\James Brown\Documents\cc_20131001_211501.reg
2013-10-01 19:41 - 2013-09-25 19:53 - 00000124 _____ C:\Windows\setupact.log
2013-10-01 17:18 - 2013-10-01 17:18 - 00000000 ____D C:\Program Files\AGEIA Technologies
2013-10-01 17:18 - 2011-02-12 01:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-01 17:17 - 2013-10-01 17:17 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-01 17:17 - 2013-10-01 17:17 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-10-01 17:17 - 2009-01-27 14:00 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-01 17:12 - 2013-10-01 17:12 - 00000000 ____D C:\NVIDIA
2013-10-01 17:07 - 2013-10-01 17:07 - 00000000 ____D C:\Windows\Options
2013-10-01 14:20 - 2012-07-19 11:28 - 00000000 ____D C:\Users\James Brown\AppData\Roaming\Spotify
2013-10-01 01:08 - 2013-08-08 18:17 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-09-29 00:16 - 2013-09-29 00:16 - 00000000 ____D C:\Users\James Brown\Documents\Freemium Driver Utilities
2013-09-29 00:16 - 2013-09-29 00:16 - 00000000 ____D C:\ProgramData\DriversGalaxy
2013-09-29 00:16 - 2013-09-29 00:15 - 00000000 ____D C:\Program Files\SoftwareUpdater
2013-09-29 00:15 - 2013-09-29 00:15 - 00000000 ____D C:\Program Files\WebEnhance
2013-09-29 00:14 - 2013-09-29 00:14 - 00444400 _____ C:\Users\James Brown\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-09-28 12:22 - 2009-10-20 19:31 - 00000000 ____D C:\ProgramData\Nero
2013-09-28 12:22 - 2009-10-20 19:31 - 00000000 ____D C:\Program Files\Common Files\Nero
2013-09-28 12:17 - 2009-10-20 19:31 - 00000000 ____D C:\Program Files\Nero
2013-09-28 12:09 - 2013-09-28 12:02 - 00000000 ____D C:\ProgramData\SystemExplorer
2013-09-28 12:02 - 2013-09-28 12:02 - 02061008 _____ (Mister Group ) C:\Users\James Brown\Downloads\SystemExplorerSetup_422.exe
2013-09-28 12:02 - 2013-09-28 12:02 - 00000000 ____D C:\Program Files\System Explorer
2013-09-28 11:23 - 2013-09-28 00:15 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-09-28 03:33 - 2012-07-19 11:29 - 00000000 ____D C:\Users\James Brown\AppData\Local\Spotify
2013-09-28 01:12 - 2013-09-28 01:12 - 00039546 _____ C:\Users\James Brown\Documents\cc_20130928_011156.reg
2013-09-28 00:15 - 2013-09-28 00:15 - 00000000 ____D C:\Users\James Brown\AppData\Roaming\ParetoLogic
2013-09-28 00:15 - 2013-09-28 00:15 - 00000000 ____D C:\Users\James Brown\AppData\Roaming\DriverCure
2013-09-28 00:13 - 2013-09-28 00:13 - 05249448 _____ (ParetoLogic Inc.) C:\Users\James Brown\Downloads\ParetoLogic PC Health Advisor_de.exe
2013-09-26 10:28 - 2013-09-26 10:28 - 00001854 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2013-09-26 10:28 - 2013-09-26 10:28 - 00000000 ____D C:\Users\James Brown\.android
2013-09-26 10:28 - 2012-10-13 11:37 - 00000000 ____D C:\Program Files\MyPhoneExplorer
2013-09-26 10:26 - 2013-09-26 10:26 - 07080248 _____ C:\Users\James Brown\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
2013-09-25 22:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-09-25 19:53 - 2013-09-25 19:53 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 17:21 - 2011-08-18 03:30 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2013-09-24 17:12 - 2012-01-12 22:20 - 00000000 ____D C:\Program Files\PDFCreator
2013-09-24 17:12 - 2010-09-30 15:17 - 00000000 ____D C:\Program Files\Steam
2013-09-24 17:12 - 2008-07-02 18:12 - 00000000 ____D C:\Windows\panther
2013-09-24 17:06 - 2013-09-24 17:07 - 04454952 _____ (Piriform Ltd) C:\Users\James Brown\Downloads\ccsetup405.exe
2013-09-24 16:07 - 2012-04-27 09:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-22 00:32 - 2013-09-22 00:32 - 00000000 ____D C:\Program Files\CPUID
2013-09-22 00:30 - 2013-09-22 00:30 - 00614816 _____ C:\Users\James Brown\Downloads\CPU Z - CHIP-Downloader.exe
2013-09-21 02:40 - 2009-06-17 02:57 - 00001971 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-18 18:42 - 2013-09-18 18:42 - 00000000 ____D C:\Program Files\Lavalys
2013-09-18 18:40 - 2013-09-18 18:39 - 04179293 _____ (Lavalys, Inc. ) C:\Users\James Brown\Downloads\everesthome220.exe
2013-09-18 12:07 - 2013-09-18 12:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-11 15:15 - 2012-05-18 11:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-11 15:15 - 2011-06-01 17:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-11 15:10 - 2006-11-02 14:47 - 00355392 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 15:03 - 2006-11-02 12:23 - 00000240 _____ C:\Windows\win.ini
2013-09-11 14:55 - 2013-08-07 12:51 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 14:50 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-05 14:49 - 2013-03-25 16:27 - 00000000 ____D C:\Users\James Brown\Desktop\Diplomarbeit

Files to move or delete:
====================
C:\ProgramData\ezsid.dat

Some content of TEMP:
====================
C:\Users\James Brown\AppData\Local\Temp\vmpremov.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-02 12:50

==================== End Of Log ============================

Falls abgesehen davon noch irgendetwas auffallen sollte wär ich froh wenn ihr mich davon unterrichten könntet.

Vielen Dank für die Hilfe!

SoftwareUpdater.UI.exe erscheint bei jedem Neustart.

Log-Analyse und Auswertung: SoftwareUpdater.UI.exe erscheint bei jedem Neustart.

SoftwareUpdater.UI.exe erscheint bei jedem Neustart.

Ähnliche Themen: SoftwareUpdater.UI.exe erscheint bei jedem Neustart.