Pests of all kinds and how to combat them: Problem with picture, screen often black! Windows 7 |
28.04.2014, 16:53 | #1 |
| Problem with picture, screen often black! Good evening everyone, it all started yesterday evening: I went to eat and left my PC running as normal. When I was back in my room, the screen was black. The PC was still on and working, though; I was able to play music with the play key on the keyboard. My PC (Win 7 64-bit) is connected to my monitor with an HDMI cable. I tried to get a picture by restarting the PC and the monitor, but in vain. Then I started my PS3 and, lo and behold, it ran over the HDMI input, with a picture of course. After that I tried a VGA cable; a picture did appear, but the colors were off and the picture kept disappearing, going black or showing only my desktop background. Then I called it a day. Just now I came home and tried again (HDMI and VGA connected); a picture appeared on both inputs, but it was the same game: black again and again, or only the desktop background visible. The color tones are fine, though; they are only strange over VGA. I don't know what else to do and have no idea what is causing it, which is also why I don't know whether I'm in the right category. But could it be a "pest"? My AVAST found 4 infected files during a full scan on Saturday. Regards, Chris |
28.04.2014, 18:29 | #2 |
/// the machine /// TB instructor | Problem with picture, screen often black! Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
28.04.2014, 19:49 | #3 |
| Problem with picture, screen often black! OK, first of all thanks for your quick reply and help.
Here is the txt now: FRST logfile:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014 Ran by Christian (administrator) on CHRIS-PC on 28-04-2014 20:40:44 Running from C:\Users\Christian\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Hewlett-Packard Co.) 
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe () C:\Users\Christian\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe () C:\Users\Christian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BCU] => C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [346320 2009-08-04] (DeviceVM, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-23] (AVAST Software) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.) HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\c55709db-b041-48d3-9a9d-d5adcfc633e3.exe /check [181136 2014-04-28] (AVAST Software) HKU\S-1-5-21-112228590-1735457731-3987380992-1001\...\Run: [Facebook Update] => C:\Users\Christian\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-02] (Facebook Inc.) HKU\S-1-5-21-112228590-1735457731-3987380992-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-112228590-1735457731-3987380992-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Christian\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-112228590-1735457731-3987380992-1001\...\Run: [Amazon Cloud Player] => C:\Users\Christian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] () HKU\S-1-5-21-112228590-1735457731-3987380992-1001\...\MountPoints2: {30dbe812-3ede-11e2-bbf9-00241ddda2b0} - "J:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-112228590-1735457731-3987380992-1001\...\MountPoints2: {3aa6e82c-98b8-11e3-a740-00241ddda2b0} - "J:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-112228590-1735457731-3987380992-1001\...\MountPoints2: {b79cf10a-c44f-11e2-a4dd-00241ddda2b0} - I:\Startme.exe HKU\S-1-5-21-112228590-1735457731-3987380992-1001\...\MountPoints2: {eda59581-3d8f-11e3-bb05-00241ddda2b0} - I:\SETUP.EXE HKU\S-1-5-21-112228590-1735457731-3987380992-1003\...\MountPoints2: {f7cca8ff-3e1b-11e2-bbde-806e6f6e6963} - D:\Run.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xED17A95B35D2CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) 
SearchScopes: HKCU - DefaultScope {52D45F27-CC87-4788-8EFA-2A9E2393DD7C} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD SearchScopes: HKCU - {52D45F27-CC87-4788-8EFA-2A9E2393DD7C} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD SearchScopes: HKCU - {6A2BCD92-7683-4a22-82AC-3520B2AD492C} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Toolbar: HKLM - avast! 
Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.179.1 FireFox: ======== FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\jpn1xfzb.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Christian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Christian\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-05] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR StartupUrls: "hxxp://www.google.com" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll () CHR Plugin: (Free Studio) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\np_dvs_plugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-04] CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-04] CHR Extension: (Google-Suche) - C:\Users\Christian\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-04] CHR Extension: (Grand Theft Auto V Theme) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifpefgiomhnkmkkcldjopjcfadhmhhn [2013-10-06] CHR Extension: (avast! Online Security) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-20] CHR Extension: (WEB.DE MailCheck) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-03-15] CHR Extension: (Freemake Video Converter) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-05-12] CHR Extension: (SweetIM for Facebook) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-01-02] CHR Extension: (DVDVideoSoft) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-08-06] CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (Google Mail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-04] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-06] CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-02-09] CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2013-01-02] ==================== Services (Whitelisted) ================= R2 
avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-23] (AVAST Software) R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] () R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-02-28] (Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [271728 2014-02-28] (Western Digital Technologies, Inc.) ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-23] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-23] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-23] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-23] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-23] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-23] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-23] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-23] () R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] () R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-28 20:40 - 2014-04-28 20:40 - 00018223 _____ () C:\Users\Christian\Desktop\FRST.txt 2014-04-28 20:40 - 2014-04-28 20:40 - 00000000 ____D () C:\FRST 2014-04-28 20:39 - 2014-04-28 20:39 - 02061824 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe 2014-04-27 14:53 - 2014-04-27 14:53 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-04-27 14:53 - 2014-04-27 14:53 - 00000000 ____D () C:\Users\Christian\AppData\Local\Skype 2014-04-27 14:53 - 2014-04-27 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-04-26 23:55 - 2014-04-27 00:03 - 00000000 ____D () C:\Users\Christian\Documents\DayZ 2014-04-26 23:55 - 2014-04-26 23:59 - 00000000 ____D () C:\Users\Christian\AppData\Local\DayZ 2014-04-26 22:00 - 2014-04-26 22:00 - 00000047 _____ () C:\Users\Christian\AppData\Roaming\WB.CFG 2014-04-26 21:00 - 2014-04-28 20:00 - 00000306 _____ () C:\Windows\Tasks\MySearchDial.job 2014-04-26 21:00 - 2014-04-26 21:00 - 00003254 _____ () C:\Windows\System32\Tasks\MySearchDial 2014-04-26 21:00 - 2014-04-26 21:00 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\mysearchdial 2014-04-26 21:00 - 2014-04-26 21:00 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial 2014-04-26 20:59 - 2014-04-26 20:59 - 00615384 _____ ( ) C:\Users\Christian\Downloads\FreeYouTubeToMP3Converter(3).exe 2014-04-26 20:19 - 2014-04-26 23:15 - 00000000 ____D () C:\Users\Christian\Desktop\Youtube converter 2014-04-24 20:45 - 2014-04-24 20:45 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieUserList 2014-04-24 20:45 - 2014-04-24 20:45 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieSiteList 2014-04-23 21:22 - 2014-04-23 21:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-04-23 21:22 - 2014-04-23 21:22 - 
00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-04-23 21:02 - 2014-04-23 21:02 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-11 18:03 - 2014-04-11 18:04 - 00000000 ____D () C:\Users\Christian\Documents\RB 2014-04-11 17:41 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-11 17:41 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-11 17:40 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-11 17:40 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-11 17:40 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-11 17:40 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-11 17:40 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-11 17:40 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-11 17:40 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-11 17:40 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-11 17:40 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-11 17:40 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-11 17:40 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-11 17:40 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-11 17:40 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-11 17:40 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript9diag.dll 2014-04-11 17:40 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-11 17:40 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-11 17:40 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-11 17:40 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-11 17:40 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-11 17:40 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-11 17:40 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-11 17:40 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-11 17:40 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-11 17:40 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-11 17:40 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-11 17:40 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-11 17:40 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-11 17:40 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-11 17:40 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-11 17:40 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-11 17:40 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-11 17:40 - 2014-03-06 09:21 - 00628736 _____ 
(Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-11 17:40 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-11 17:40 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-11 17:40 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-11 17:40 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-11 17:40 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-11 17:40 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-11 17:40 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-11 17:40 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-11 17:40 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-11 17:40 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-11 17:40 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-11 17:40 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-11 17:40 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-11 17:40 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-10 20:24 - 2014-04-14 20:43 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\dvdcss 2014-04-09 17:21 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 17:21 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 17:21 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) 
C:\Windows\system32\wow64.dll 2014-04-09 17:21 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 17:21 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 17:21 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 17:21 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 17:21 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 17:21 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 17:21 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 17:21 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 17:21 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 17:21 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 17:21 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 17:21 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 17:21 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 17:21 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-06 20:22 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-04-06 20:09 - 2014-04-07 20:29 - 00000000 ____D () C:\Users\Christian\Desktop\Curtain Call - The Hits 2014-04-06 20:09 - 2014-04-06 20:10 - 00000000 ____D () C:\Users\Christian\Desktop\The Marshall Mathers LP 2 ==================== One Month Modified Files and Folders ======= 2014-04-28 20:40 - 
2014-04-28 20:40 - 00018223 _____ () C:\Users\Christian\Desktop\FRST.txt 2014-04-28 20:40 - 2014-04-28 20:40 - 00000000 ____D () C:\FRST 2014-04-28 20:39 - 2014-04-28 20:39 - 02061824 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe 2014-04-28 20:38 - 2009-07-14 06:51 - 00147401 _____ () C:\Windows\setupact.log 2014-04-28 20:17 - 2012-12-04 17:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-28 20:15 - 2013-03-02 18:10 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-112228590-1735457731-3987380992-1001UA.job 2014-04-28 20:15 - 2012-12-04 16:10 - 01461183 _____ () C:\Windows\WindowsUpdate.log 2014-04-28 20:00 - 2014-04-26 21:00 - 00000306 _____ () C:\Windows\Tasks\MySearchDial.job 2014-04-28 20:00 - 2013-09-16 17:06 - 00033299 _____ () C:\Users\Christian\Network_Meter_Data.js 2014-04-28 19:51 - 2012-12-04 20:09 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-28 19:37 - 2012-12-04 21:12 - 00000254 _____ () C:\service.log 2014-04-28 17:51 - 2012-12-04 20:09 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-28 17:36 - 2009-07-14 06:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-28 17:36 - 2009-07-14 06:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-28 17:28 - 2013-04-11 19:34 - 00000296 _____ () C:\Windows\Tasks\CheckDriveBackgroundGuard.job 2014-04-28 17:27 - 2014-02-18 19:25 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat 2014-04-28 17:26 - 2012-12-04 21:44 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2014-04-28 17:26 - 2012-12-04 17:50 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-28 17:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-27 21:23 - 2013-09-15 21:15 - 00000026 _____ () C:\Users\Christian\AppData\Roaming\Network 
Meter_Usage.ini 2014-04-27 19:55 - 2012-12-09 14:20 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc 2014-04-27 19:19 - 2012-12-09 12:35 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-27 19:14 - 2012-12-10 16:24 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Skype 2014-04-27 17:15 - 2013-03-02 18:10 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-112228590-1735457731-3987380992-1001Core.job 2014-04-27 14:53 - 2014-04-27 14:53 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-04-27 14:53 - 2014-04-27 14:53 - 00000000 ____D () C:\Users\Christian\AppData\Local\Skype 2014-04-27 14:53 - 2014-04-27 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-04-27 14:53 - 2012-12-10 16:24 - 00000000 ____D () C:\ProgramData\Skype 2014-04-27 14:52 - 2012-12-25 12:59 - 00001109 _____ () C:\Users\Christian\Desktop\Serien.txt 2014-04-27 13:04 - 2012-12-10 21:20 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe 2014-04-27 13:04 - 2012-12-04 17:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-27 13:03 - 2012-12-04 17:43 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-27 13:03 - 2012-12-04 17:43 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-27 00:03 - 2014-04-26 23:55 - 00000000 ____D () C:\Users\Christian\Documents\DayZ 2014-04-27 00:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-04-26 23:59 - 2014-04-26 23:55 - 00000000 ____D () C:\Users\Christian\AppData\Local\DayZ 2014-04-26 23:54 - 2012-12-06 19:57 - 00236613 _____ () C:\Windows\DirectX.log 2014-04-26 23:15 - 2014-04-26 20:19 - 00000000 ____D () C:\Users\Christian\Desktop\Youtube converter 2014-04-26 22:00 - 2014-04-26 22:00 - 00000047 _____ () C:\Users\Christian\AppData\Roaming\WB.CFG 2014-04-26 21:45 - 2012-12-10 15:46 - 00000000 ___RD () C:\Users\Christian\Desktop\Games 
2014-04-26 21:10 - 2012-12-10 15:55 - 00000000 ___RD () C:\Users\Christian\Desktop\Programme
2014-04-26 21:00 - 2014-04-26 21:00 - 00003254 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-04-26 21:00 - 2014-04-26 21:00 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\mysearchdial
2014-04-26 21:00 - 2014-04-26 21:00 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-26 21:00 - 2013-08-06 11:40 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-04-26 21:00 - 2012-12-15 16:26 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\DVDVideoSoft
2014-04-26 21:00 - 2012-12-15 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-04-26 20:59 - 2014-04-26 20:59 - 00615384 _____ ( ) C:\Users\Christian\Downloads\FreeYouTubeToMP3Converter(3).exe
2014-04-24 20:45 - 2014-04-24 20:45 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieUserList
2014-04-24 20:45 - 2014-04-24 20:45 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieSiteList
2014-04-23 21:22 - 2014-04-23 21:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-23 21:22 - 2014-04-23 21:22 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-23 21:22 - 2014-02-24 18:47 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-23 21:22 - 2013-03-14 15:03 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-23 21:22 - 2013-03-14 15:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-23 21:22 - 2012-12-05 17:48 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-23 21:22 - 2012-12-05 17:48 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-23 21:22 - 2012-12-05 17:48 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-23 21:22 - 2012-12-05 17:48 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-23 21:22 - 2012-12-05 17:48 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-23 21:22 - 2012-12-04 20:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-23 21:02 - 2014-04-23 21:02 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-23 21:02 - 2013-10-01 22:06 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-14 20:43 - 2014-04-10 20:24 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\dvdcss
2014-04-14 17:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-11 21:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-11 18:04 - 2014-04-11 18:03 - 00000000 ____D () C:\Users\Christian\Documents\RB
2014-04-10 19:07 - 2012-12-18 16:24 - 00000000 ____D () C:\Users\Christian\AppData\Local\CrashDumps
2014-04-10 17:54 - 2012-12-04 20:12 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-09 21:43 - 2013-08-14 14:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 21:41 - 2012-12-04 18:10 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 20:29 - 2014-04-06 20:09 - 00000000 ____D () C:\Users\Christian\Desktop\Curtain Call - The Hits
2014-04-07 20:23 - 2012-12-04 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-06 20:22 - 2012-12-04 18:54 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-06 20:10 - 2014-04-06 20:09 - 00000000 ____D () C:\Users\Christian\Desktop\The Marshall Mathers LP 2
2014-04-02 19:49 - 2012-12-04 20:37 - 00545624 _____ () C:\Windows\PFRO.log
2014-04-01 17:46 - 2012-12-04 20:09 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 17:46 - 2012-12-04 20:09 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 17:04 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-31 17:04 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-31 17:04 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 09:35 - 2012-12-04 17:41 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Christian\Network_Meter_Data.js

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\AskSLib.dll
C:\Users\Christian\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Christian\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Christian\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Christian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0zhl6y.dll
C:\Users\Christian\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.5.exe
C:\Users\Christian\AppData\Local\Temp\FreemakeVideoConverter_4.0.1.1.exe
C:\Users\Christian\AppData\Local\Temp\i4jdel0.exe
C:\Users\Christian\AppData\Local\Temp\JDownloaderSetup.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Christian\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Christian\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Christian\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Christian\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Christian\AppData\Local\Temp\nvStInst.exe
C:\Users\Christian\AppData\Local\Temp\ose00000.exe
C:\Users\Christian\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Christian\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\Christian\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Christian\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-27 14:23

==================== End Of Log ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2014
Ran by Christian at 2014-04-28 20:41:05
Running from C:\Users\Christian\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.3 - Futuremark Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Browser Configuration Utility (HKLM-x32\...\{5B363E1D-8C36-4458-BAE4-D5081999E094}) (Version: 1.1.11.0 - DeviceVM)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Juarez: The Cartel (HKLM-x32\...\Steam App 33420) (Version: - Techland)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Camtasia Studio 8 (HKLM-x32\...\{CB2B4C2B-0805-4E06-873D-CECB046A5BE8}) (Version: 8.0.2.964 - TechSmith Corporation)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 3.0 - Abelssoft)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
EasySaver B9.0904.1 (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Flixster (HKLM-x32\...\com.wb.DC2) (Version: 0.1.26 - Warner Bros. Entertainment Inc.)
Flixster (x32 Version: 0.1.26 - Warner Bros. Entertainment Inc.) Hidden
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.0.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.0.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.33.424 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.33.424 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.6.0 - Futuremark Corporation)
GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - Square Enix)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - THQ)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION
NVIDIA 3D Vision Controller-Treiber 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 8.3.14 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera 12.14 (HKLM\...\Opera 12.14.1738) (Version: 12.14.1738 - Opera Software ASA)
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version: - PopCap Games)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
SHIELD Streaming (Version: 1.05.28 - NVIDIA Corporation) Hidden
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony Pictures Download Manager (HKCU\...\739488040.redeem.sonypicturesstore.com) (Version: - redeem.sonypicturesstore.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tt eSPORTS Challenger Ultimate (HKLM-x32\...\{D65D9706-6D6D-42E8-A11A-63E3AFECBBC1}) (Version: 2.0.2.0 - Tt eSPORTS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{72E40002-8CEC-47C1-A099-83AC8E173BF0}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{C0D71DFA-F9D4-45C2-A6C9-DAE2212766EE}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{8A7B24E8-864E-4794-95C4-17644D0991AA}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{50469799-BDF0-4F98-BCC4-80FC3F1F14E1}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1ec9e03a-452b-48fb-8e1b-27ee0477985f}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
ZOTAC FireStorm (HKLM-x32\...\ZOTAC FireStorm) (Version: - )

==================== Restore Points =========================

15-04-2014 16:36:17 Windows Update
23-04-2014 18:23:50 Windows Update
23-04-2014 19:02:09 Installed Java 7 Update 55
23-04-2014 19:22:05 avast! antivirus system restore point
26-04-2014 21:52:20 DirectX wurde installiert

==================== Hosts content: ==========================

2012-07-23 19:03 - 2012-07-23 19:07 - 00003802 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 activate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com

There are 63 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {0A4B78C7-52E2-41EB-913B-899B521CBBC0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-112228590-1735457731-3987380992-1001UA => C:\Users\Christian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)
Task: {4C4BC0DC-D54F-42A7-B4A6-ACA85A2CDEF5} - System32\Tasks\MySearchDial => C:\Users\Christian\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {6EA47BBC-34F2-4D5F-93CC-30155389B533} - System32\Tasks\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2012-10-17] (Abelssoft)
Task: {7DF5FD25-EC95-487C-B011-AE12EDED7008} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-04] (Google Inc.)
Task: {BC87DA28-FF99-4BF1-91DB-8D67C54BAE54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-04] (Google Inc.)
Task: {D4C2548E-96E7-45C8-921F-928A3216892B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-27] (Adobe Systems Incorporated)
Task: {F2D8A7F2-F660-4260-BB7C-57EA90D191AB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-23] (AVAST Software)
Task: {F84B38AF-296F-4E17-98FD-ED2A20046717} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-112228590-1735457731-3987380992-1001Core => C:\Users\Christian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-02] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CheckDriveBackgroundGuard.job => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-112228590-1735457731-3987380992-1001Core.job => C:\Users\Christian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-112228590-1735457731-3987380992-1001UA.job => C:\Users\Christian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\CHRIST~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-12-04 18:54 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-04 21:12 - 2009-08-24 15:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2013-04-11 19:34 - 2012-10-17 11:47 - 00013776 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-04-11 19:34 - 2012-10-17 11:47 - 00585680 _____ () C:\Program Files (x86)\CheckDrive\AbScheduler.dll
2013-06-15 00:51 - 2013-06-15 00:51 - 00012520 _____ () C:\Users\Christian\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2013-06-15 00:51 - 2013-06-15 00:51 - 00015080 _____ () C:\Users\Christian\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2013-06-15 00:51 - 2013-06-15 00:51 - 00014056 _____ () C:\Users\Christian\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Christian\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-01-19 22:46 - 2014-01-14 21:46 - 03140608 _____ () C:\Users\Christian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-04-27 12:56 - 2014-04-27 12:56 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14042700\algo.dll
2014-04-28 17:27 - 2014-04-28 17:27 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14042800\algo.dll
2012-12-04 21:12 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2012-12-04 21:13 - 2009-07-30 19:15 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2013-12-01 12:51 - 2013-12-01 12:51 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Christian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Christian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk.Startup
MSCONFIG\startupreg: BCU => "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
MSCONFIG\startupreg: ChallengerUltimate => "C:\Program Files (x86)\Thermaltake Ttesports Ultimate\Ttsystray3.exe"
MSCONFIG\startupreg: ChallengerUltimateOSD => "C:\Program Files (x86)\Thermaltake Ttesports Ultimate\tTOSD2k1001.exe"
MSCONFIG\startupreg: HP Deskjet 3050A J611 series (NET) => "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN15L4B1G805PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR5005G Wireless Network Adapter
Description: Qualcomm Atheros AR5005G Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2014 01:03:58 AM) (Source: Application Hang) (User: )
Description: Programm DayZ.exe, Version 0.44.123.800 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3194
Startzeit: 01cf619b5ece4407
Endzeit: 332
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
Berichts-ID:

Error: (04/27/2014 00:03:27 AM) (Source: Application Hang) (User: )
Description: Programm DayZ.exe, Version 0.44.123.800 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11d0
Startzeit: 01cf619a2b567d00
Endzeit: 104
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
Berichts-ID:

Error: (04/26/2014 08:18:48 PM) (Source: Google Update) (User: Chris-PC)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80

Error: (04/24/2014 08:22:45 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/23/2014 08:37:44 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/16/2014 07:39:28 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/15/2014 07:06:27 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/14/2014 05:05:55 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/14/2014 04:39:01 PM) (Source: PerfOS) (User: )
Description:

Error: (04/12/2014 09:44:08 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

System errors:
=============
Error: (04/27/2014 09:03:42 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 27.04.2014 um 20:52:18 unerwartet heruntergefahren.

Error: (04/27/2014 08:47:32 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 27.04.2014 um 20:44:07 unerwartet heruntergefahren.

Error: (04/27/2014 08:42:22 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 27.04.2014 um 20:39:31 unerwartet heruntergefahren.

Error: (04/27/2014 08:39:31 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 27.04.2014 um 20:37:38 unerwartet heruntergefahren.
Error: (04/25/2014 09:49:53 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (04/25/2014 09:49:53 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (04/14/2014 08:33:49 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/14/2014 08:33:36 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/14/2014 08:33:24 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/14/2014 08:33:12 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Microsoft Office Sessions: ========================= Error: (04/27/2014 01:03:58 AM) (Source: Application Hang)(User: ) Description: DayZ.exe0.44.123.800319401cf619b5ece4407332C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe Error: (04/27/2014 00:03:27 AM) (Source: Application Hang)(User: ) Description: DayZ.exe0.44.123.80011d001cf619a2b567d00104C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe Error: (04/26/2014 08:18:48 PM) (Source: Google Update)(User: Chris-PC) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. 
Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80 Error: (04/24/2014 08:22:45 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (04/23/2014 08:37:44 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (04/16/2014 07:39:28 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (04/15/2014 07:06:27 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (04/14/2014 05:05:55 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (04/14/2014 04:39:01 PM) (Source: PerfOS)(User: ) Description: Error: (04/12/2014 09:44:08 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 ==================== Memory info =========================== Percentage of memory in use: 18% Total physical RAM: 12285.55 MB Available physical RAM: 9957.1 MB Total Pagefile: 24569.29 MB Available Pagefile: 22063.07 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:698.54 GB) (Free:281.71 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 74C174C6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=699 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
29.04.2014, 17:20 | #4 |
/// the machine /// TB Trainer | Problem with display, screen often black! Revo Uninstaller - Download - Filepony Use it to uninstall everything you find in Additional.txt marked <== ATTENTION. Also have Revo remove the leftovers in Moderate mode. Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
11.05.2014, 09:35 | #5 |
| Problem with display, screen often black! Hello, I have been away a lot lately, so I could only continue today. Here is the Combofix.txt: Code:
|
12.05.2014, 10:06 | #6 |
/// the machine /// TB Trainer | Problem with display, screen often black! Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
And a fresh FRST log, please.
|