Plagegeister aller Art und deren Bekämpfung: Svchost.exe wieder ein ProblemWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() | ![]() Svchost.exe wieder ein Problem Hallo, ich habe wieder das selbe Problem. Die Svchost.exe verbraucht irgend wie ziemlich viel Arbeitsspeicher und mein Computer ist ziemlich langsam. Ich weiß nicht ob es genau daran liegt aber es scheint so. Der SvchostAnalyzer hat das hier ergeben. ![]() Das letzte Mal ging es für ne Zeit weg, aber da ich mich mit solchen Sachen nicht auskenne will ich erstmal nicht machen. Ein danke schonmal im Vorraus ![]() |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Svchost.exe wieder ein Problem Bilder bitte anhängen, ich seh die sonst nicht. Arbeitsrechner blockiert die.
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
![]() | ![]() Svchost.exe wieder ein Problem FRST.txt
ATTFilter ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (AMD) C:\Windows\System32\atieclxx.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Rainmeter\Rainmeter.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\\deploy\LolClient.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\\deploy\League of Legends.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-28] (Microsoft Corporation) HKU\S-1-5-21-1314872181-3393721534-3354367582-1000\...\MountPoints2: {f6e388e9-7a25-11e3-9edd-c86000570f5b} - F:\HTC_Sync_Manager_PC.exe Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CA700261003CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Adam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-01-03] FF Extension: Adblock Plus - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-27] ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-05-25] (Advanced Micro Devices, Inc.) [File not signed] ==================== Drivers (Whitelisted) ==================== S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] () S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-14 15:45 - 2014-06-14 15:45 - 07764160 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp65305.exe 2014-06-14 15:44 - 2014-06-14 15:44 - 01830208 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57359.exe 2014-06-14 15:43 - 2014-06-14 15:49 - 159726344 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57362.exe 2014-06-14 15:43 - 2014-06-14 15:44 - 21599096 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57492.exe 2014-06-13 20:48 - 2014-06-13 21:38 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-13 20:47 - 2014-06-13 20:47 - 00961360 _____ (Chip Digital GmbH) C:\Users\Adam\Documents\Rufus - CHIP-Installer.exe 2014-06-13 20:26 - 2014-06-13 20:26 - 00005474 _____ () C:\Users\Adam\Downloads\eicfg_removal_utility.zip 2014-06-13 11:38 - 2014-06-13 11:39 - 00232971 _____ () C:\Users\Adam\Downloads\BOOTX64.efi 2014-06-12 18:18 - 2014-06-12 18:21 - 00000000 ____D () C:\Users\Adam\USB 2014-06-12 13:54 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 13:54 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 13:54 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-12 13:54 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 13:54 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-12 13:54 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 13:54 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-12 13:54 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 13:54 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 13:54 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-12 13:54 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-12 13:54 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-12 13:54 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-12 13:54 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 13:54 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-12 13:54 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 13:54 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 13:54 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 13:54 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-12 13:54 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 13:54 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 13:54 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-12 13:54 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 13:54 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 13:54 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-12 13:54 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 13:54 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 13:54 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 13:54 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 13:54 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-12 13:54 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 13:54 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-12 13:54 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-12 13:54 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-12 13:54 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 13:54 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 13:54 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-12 13:54 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 13:54 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 13:54 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 13:54 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 13:54 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 13:54 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 13:54 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-12 13:54 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 13:54 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 13:54 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 13:54 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 13:54 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 13:54 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 13:54 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-12 13:54 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-12 13:54 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 13:54 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-12 13:54 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 13:54 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-12 13:54 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-12 13:54 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 13:54 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-12 13:54 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-12 13:54 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-12 13:54 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 13:54 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-12 13:54 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-12 13:53 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-12 13:53 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 15:19 - 2014-06-11 15:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-11 01:03 - 2014-06-11 01:03 - 00000000 ____D () C:\Users\Adam\AppData\Local\Blizzard 2014-06-11 00:50 - 2014-06-11 01:03 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-06-11 00:50 - 2014-06-11 00:50 - 00001169 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-06-11 00:50 - 2014-06-11 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-06-11 00:32 - 2014-06-14 15:25 - 00000000 ____D () C:\Users\Adam\AppData\Local\Battle.net 2014-06-11 00:32 - 2014-06-11 00:50 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Battle.net 2014-06-11 00:32 - 2014-06-11 00:32 - 00001132 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\Users\Adam\AppData\Local\Blizzard Entertainment 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-11 00:31 - 2014-06-11 00:31 - 03099552 _____ (Blizzard Entertainment) C:\Users\Adam\Downloads\Hearthstone-Setup-deDE.exe 2014-06-11 00:31 - 2014-06-11 00:31 - 00000000 ____D () C:\ProgramData\Battle.net 2014-06-02 12:23 - 2014-06-02 12:23 - 00961360 _____ (Chip Digital GmbH) C:\Users\Adam\Documents\MultiLoader - CHIP-Installer.exe 2014-06-02 11:54 - 2014-06-02 12:18 - 152299911 _____ () C:\Users\Adam\Documents\S7233EJPKB1_OJPJL2.zip 2014-06-02 11:08 - 2014-06-02 11:08 - 00046592 _____ () C:\Users\Adam\Documents\kalender-mai-2014-tage-untereinander.xls 2014-05-25 19:41 - 2014-05-25 19:41 - 02294104 _____ () C:\Users\Adam\Downloads\Rainmeter-3.1.exe 2014-05-23 17:12 - 2014-05-23 17:12 - 00000858 _____ () C:\Windows\PFRO.log 2014-05-23 16:16 - 2014-06-17 12:25 - 00013132 _____ () C:\Windows\setupact.log 2014-05-23 16:16 - 2014-05-23 16:16 - 00000000 _____ () C:\Windows\setuperr.log ==================== One Month Modified Files and Folders ======= 2014-06-17 13:32 - 2013-12-27 16:19 - 00000000 ____D () C:\Users\Adam\AppData\Local\Temp 2014-06-17 13:30 - 2014-03-02 16:58 - 00006683 _____ () C:\Users\Adam\Downloads\FRST.txt 2014-06-17 13:30 - 2014-03-02 16:58 - 00000000 ____D () C:\FRST 2014-06-17 13:30 - 2013-12-29 16:18 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Skype 2014-06-17 13:29 - 2014-03-02 16:58 - 02081280 _____ (Farbar) C:\Users\Adam\Downloads\FRST64.exe 2014-06-17 13:01 - 2013-12-27 17:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-17 12:44 - 2013-12-29 13:30 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA.job 2014-06-17 12:44 - 2013-12-29 13:30 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core.job 2014-06-17 12:43 - 2014-01-02 23:03 - 00007629 _____ () C:\Users\Adam\AppData\Local\Resmon.ResmonCfg 2014-06-17 12:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-17 12:35 - 2014-03-02 15:11 - 00540072 _____ (Neuber Software) C:\Users\Adam\Downloads\svchostanalyzer.exe 2014-06-17 12:35 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-17 12:34 - 2009-07-14 06:45 - 00015600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-17 12:34 - 2009-07-14 06:45 - 00015600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-17 12:33 - 2013-12-27 16:10 - 01580270 _____ () C:\Windows\WindowsUpdate.log 2014-06-17 12:28 - 2013-12-27 17:07 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-17 12:27 - 2013-12-27 17:07 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-17 12:27 - 2013-12-27 17:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-17 12:25 - 2014-05-23 16:16 - 00013132 _____ () C:\Windows\setupact.log 2014-06-15 15:07 - 2013-12-29 15:19 - 00001110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-06-14 20:07 - 2013-12-27 22:49 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\TS3Client 2014-06-14 15:49 - 2014-06-14 15:43 - 159726344 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57362.exe 2014-06-14 15:45 - 2014-06-14 15:45 - 07764160 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp65305.exe 2014-06-14 15:44 - 2014-06-14 15:44 - 01830208 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57359.exe 2014-06-14 15:44 - 2014-06-14 15:43 - 21599096 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57492.exe 2014-06-14 15:25 - 2014-06-11 00:32 - 00000000 ____D () C:\Users\Adam\AppData\Local\Battle.net 2014-06-13 21:38 - 2014-06-13 20:48 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-13 20:48 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-06-13 20:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-06-13 20:47 - 2014-06-13 20:47 - 00961360 _____ (Chip Digital GmbH) C:\Users\Adam\Documents\Rufus - CHIP-Installer.exe 2014-06-13 20:26 - 2014-06-13 20:26 - 00005474 _____ () C:\Users\Adam\Downloads\eicfg_removal_utility.zip 2014-06-13 20:26 - 2014-02-05 14:51 - 3192264704 _____ () C:\Users\Adam\Downloads\X15-65741.iso 2014-06-13 17:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-13 11:39 - 2014-06-13 11:38 - 00232971 _____ () C:\Users\Adam\Downloads\BOOTX64.efi 2014-06-12 18:30 - 2013-12-27 18:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 18:29 - 2013-12-27 18:27 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-12 18:28 - 2014-05-06 11:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-12 18:21 - 2014-06-12 18:18 - 00000000 ____D () C:\Users\Adam\USB 2014-06-12 18:18 - 2013-12-27 16:19 - 00000000 ____D () C:\Users\Adam 2014-06-12 18:18 - 2009-07-14 19:58 - 00685228 _____ () C:\Windows\system32\perfh007.dat 2014-06-12 18:18 - 2009-07-14 19:58 - 00145060 _____ () C:\Windows\system32\perfc007.dat 2014-06-12 18:18 - 2009-07-14 07:13 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-11 19:36 - 2013-12-27 16:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-11 15:19 - 2014-06-11 15:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-11 01:03 - 2014-06-11 01:03 - 00000000 ____D () C:\Users\Adam\AppData\Local\Blizzard 2014-06-11 01:03 - 2014-06-11 00:50 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-06-11 00:50 - 2014-06-11 00:50 - 00001169 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-06-11 00:50 - 2014-06-11 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-06-11 00:50 - 2014-06-11 00:32 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Battle.net 2014-06-11 00:32 - 2014-06-11 00:32 - 00001132 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\Users\Adam\AppData\Local\Blizzard Entertainment 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-11 00:31 - 2014-06-11 00:31 - 03099552 _____ (Blizzard Entertainment) C:\Users\Adam\Downloads\Hearthstone-Setup-deDE.exe 2014-06-11 00:31 - 2014-06-11 00:31 - 00000000 ____D () C:\ProgramData\Battle.net 2014-06-08 11:13 - 2014-06-12 13:53 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-12 13:53 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-02 12:23 - 2014-06-02 12:23 - 00961360 _____ (Chip Digital GmbH) C:\Users\Adam\Documents\MultiLoader - CHIP-Installer.exe 2014-06-02 12:18 - 2014-06-02 11:54 - 152299911 _____ () C:\Users\Adam\Documents\S7233EJPKB1_OJPJL2.zip 2014-06-02 11:08 - 2014-06-02 11:08 - 00046592 _____ () C:\Users\Adam\Documents\kalender-mai-2014-tage-untereinander.xls 2014-05-30 12:21 - 2014-06-12 13:54 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-12 13:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-12 13:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-12 13:54 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-12 13:54 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-12 13:54 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-12 13:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-12 13:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-12 13:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-12 13:54 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-12 13:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-12 13:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-12 13:54 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-12 13:54 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-12 13:54 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-12 13:54 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-12 13:54 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-12 13:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-12 13:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-12 13:54 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-12 13:54 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-12 13:54 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-12 13:54 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-12 13:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-12 13:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-12 13:54 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-12 13:54 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-12 13:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-12 13:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-12 13:54 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-12 13:54 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-12 13:54 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-12 13:54 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-12 13:54 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-12 13:54 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-12 13:54 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-12 13:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-12 13:54 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-12 13:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-12 13:54 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-12 13:54 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-12 13:54 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-12 13:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-12 13:54 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-12 13:54 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-12 13:54 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-12 13:54 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-12 13:54 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-12 13:54 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-12 13:54 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-12 13:54 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-12 13:54 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-26 21:08 - 2014-01-02 17:22 - 00001714 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk 2014-05-26 21:08 - 2014-01-02 17:22 - 00000000 ____D () C:\Program Files\Rainmeter 2014-05-25 19:41 - 2014-05-25 19:41 - 02294104 _____ () C:\Users\Adam\Downloads\Rainmeter-3.1.exe 2014-05-23 17:12 - 2014-05-23 17:12 - 00000858 _____ () C:\Windows\PFRO.log 2014-05-23 16:16 - 2014-05-23 16:16 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-23 14:44 - 2014-04-13 17:16 - 00000000 ___RD () C:\Users\Adam\Dropbox Some content of TEMP: ==================== C:\Users\Adam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpycv9s0.dll C:\Users\Adam\AppData\Local\Temp\ICReinstall_Free Light Arabic 1.2 1.2 by iwdownload.exe C:\Users\Adam\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-09 17:56 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014 Ran by Adam at 2014-06-17 14:18:30 Running from C:\Users\Adam\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden AMD Fuel (Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.60524.2309 - ATI Technologies Inc.) Hidden AMD VISION Engine Control Center (x32 Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden ATI AVIVO64 Codecs (Version: - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{94D5B25E-194F-AF08-E444-F51FC2038DE5}) (Version: 3.0.829.0 - ATI Technologies, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Czech (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Danish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Dutch (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help English (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Finnish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help French (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help German (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Greek (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Hungarian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Italian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Japanese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Korean (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Norwegian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Polish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Portuguese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Russian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Spanish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Swedish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Thai (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Turkish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden ccc-utility64 (Version: 2011.0524.2352.41027 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform) Facebook Video Calling (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HydraVision (x32 Version: - ATI Technologies Inc.) Hidden Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: - Sun Microsystems, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Corporation (Version: - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: - Microsoft Corporation) Hidden Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Restore Points ========================= 21-05-2014 11:07:43 Windows Update 30-05-2014 10:58:12 Windows Update 03-06-2014 10:28:17 Windows Update 06-06-2014 11:28:45 Windows Update 10-06-2014 12:11:43 Windows Update 12-06-2014 16:27:56 Windows Update 17-06-2014 10:30:30 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {099CC8DD-4E67-45CE-A253-32C2D231B9EF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-29] (Facebook Inc.) Task: {76243C05-5F33-4A01-A980-0B3DE200B67E} - System32\Tasks\{546A7BFF-7A47-4ABB-8612-B465FB0CFECA} => C:\Users\Adam\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe [2013-12-29] (Facebook Inc.) Task: {76E7D8DB-08E2-4737-B84F-29572C6F4864} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd) Task: {8F05DA66-C77E-48BD-9215-AB06E07CED7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-29] (Facebook Inc.) Task: {9248D7CB-242A-4BDC-9631-B485D37BBE27} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core.job => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA.job => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-25 16:18 - 2014-05-25 16:18 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe 2014-05-25 16:18 - 2014-05-25 16:18 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00012800 _____ () C:\Program Files\Rainmeter\Plugins\PerfMon.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00019968 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00056832 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.dll 2011-05-25 00:18 - 2011-05-25 00:18 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-05-25 00:50 - 2011-05-25 00:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2013-12-27 17:26 - 2014-06-04 12:41 - 05431800 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\\deploy\LoLLauncher.exe 2013-12-27 22:32 - 2013-12-27 22:32 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\\deploy\LolClient.exe 2013-12-27 17:27 - 2014-06-04 12:41 - 01531896 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\\deploy\RiotLauncher.dll 2014-06-11 15:19 - 2014-06-11 15:19 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-06-17 12:27 - 2014-06-17 12:27 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" MSCONFIG\startupreg: Facebook Update => "C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/16/2014 04:25:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xe34 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/16/2014 01:43:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xf70 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/15/2014 11:21:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xe18 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/15/2014 02:01:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x59c Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/14/2014 11:31:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xd60 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/14/2014 10:40:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x998 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (05/14/2014 06:24:07 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Transactions, Version=, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=x86" /NoDependencies . The error returned was Error: The specified assembly is not installed. . Error: (05/10/2014 04:55:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1170 Startzeit: 01cf6c5e0dc596c7 Endzeit: 3320 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: 10875953-d853-11e3-ab3c-c86000570f5b Error: (05/10/2014 04:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm DllHost.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 314 Startzeit: 01cf6c5f33f4d3af Endzeit: 3334 Anwendungspfad: C:\Windows\system32\DllHost.exe Berichts-ID: 7c13b1e3-d852-11e3-ab3c-c86000570f5b Error: (05/10/2014 04:43:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 664 Startzeit: 01cf6c2441bda6e5 Endzeit: 60000 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: 41abbf48-d851-11e3-ab3c-c86000570f5b System errors: ============= Error: (06/17/2014 00:37:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (06/17/2014 00:37:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Computerbrowser" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (06/17/2014 00:36:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (06/17/2014 00:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/17/2014 00:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/17/2014 00:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/17/2014 00:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/17/2014 00:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/17/2014 00:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Sekundäre Anmeldung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/17/2014 00:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Aufgabenplanung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= Error: (06/16/2014 04:25:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141be3401cf89627b181b81C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1c578612-f562-11e3-8d05-c86000570f5b Error: (06/16/2014 01:43:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bf7001cf894f1fb0d732C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll77d0f626-f54b-11e3-8d05-c86000570f5b Error: (06/15/2014 11:21:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141be1801cf88cc0ca1f26aC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllff152193-f4d2-11e3-aa3e-c86000570f5b Error: (06/15/2014 02:01:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b59c01cf881c56d6c68cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll35533d4a-f420-11e3-b6bc-c86000570f5b Error: (06/14/2014 11:31:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bd6001cf8816b38abb4cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll4414ae8d-f40b-11e3-b6bc-c86000570f5b Error: (06/14/2014 10:40:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b99801cf87fbca6e4c95C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll0fc495a2-f404-11e3-b6bc-c86000570f5b Error: (05/14/2014 06:24:07 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Transactions, Version=, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=x86" /NoDependencies . The error returned was Error: The specified assembly is not installed. . Error: (05/10/2014 04:55:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: explorer.exe6.1.7601.17567117001cf6c5e0dc596c73320C:\Windows\explorer.exe10875953-d853-11e3-ab3c-c86000570f5b Error: (05/10/2014 04:51:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: DllHost.exe6.1.7600.1638531401cf6c5f33f4d3af3334C:\Windows\system32\DllHost.exe7c13b1e3-d852-11e3-ab3c-c86000570f5b Error: (05/10/2014 04:43:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.1.7601.1756766401cf6c2441bda6e560000C:\Windows\Explorer.EXE41abbf48-d851-11e3-ab3c-c86000570f5b ==================== Memory info =========================== Percentage of memory in use: 64% Total physical RAM: 2046.12 MB Available physical RAM: 734.68 MB Total Pagefile: 4092.23 MB Available Pagefile: 1656.63 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Windows7) (Fixed) (Total:465.66 GB) (Free:414.35 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 88BA1CE9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Svchost.exe wieder ein Problem Das Bild als Anhang? ProcessExplorer als Ersatz für den Windows Taskmanager installieren Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden. Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt. Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | ![]() Svchost.exe wieder ein Problem Hier ist der Screenshot ![]() |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Svchost.exe wieder ein Problem ich sehe keine cpu auslastung.
__________________ --> Svchost.exe wieder ein Problem |
![]() | ![]() Svchost.exe wieder ein Problem Ich weiß nich wo das Problem ist. Manchmal bleibt der Computer stehen wenn ich nur nen Stream über Mozilla am laufen habe. |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Svchost.exe wieder ein Problem und genau dann muss vorher proces explorer offen sein damit man auf dem screen sieht was abgeht.
und genau dann muss vorher proces explorer offen sein damit man auf dem screen sieht was abgeht.
![]() | ![]() Svchost.exe wieder ein Problem Hier nun hab ich den Process Explorer ma bisschen laufen lassen und die Svchost.exe kam dann sogar auf 61%. Ich hoffe du das hilft irgend wie. Ahja und die Interrupt.exe geht manchmal auch hoch wofür ist den die? |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Svchost.exe wieder ein Problem Das ist ein WIndows Dienst für Core-Aufgaben, wenn ein Treiber Probleme meldet. POste mal bitte ein frisches FRST log, diesmal aber bitte komplett mit Header.
POste mal bitte ein frisches FRST log, diesmal aber bitte komplett mit Header.
![]() | ![]() Svchost.exe wieder ein Problem Das FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014 Ran by Adam (administrator) on ADAM-PC on 23-06-2014 20:56:52 Running from C:\Users\Adam\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Rainmeter\Rainmeter.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4710\Battle.net.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe () C:\Program Files (x86)\Hearthstone\Hearthstone.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-28] (Microsoft Corporation) HKU\S-1-5-21-1314872181-3393721534-3354367582-1000\...\MountPoints2: {f6e388e9-7a25-11e3-9edd-c86000570f5b} - E:\HTC_Sync_Manager_PC.exe IFEO\taskmgr.exe: [Debugger] "C:\USERS\ADAM\DOWNLOADS\PROCEXP.EXE" Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CA700261003CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Avira Savings Advisor BHO - {A18A516C-AA41-46A9-92DB-60208917E442} - C:\Program Files (x86)\avira\Internet Explorer\avira32.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Adam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Avira Savings Advisor - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default\Extensions\ciuvo-extension@avira.de [2014-06-19] FF Extension: ProxTube - Unblock YouTube - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-01-03] FF Extension: Adblock Plus - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-27] ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-05-25] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG) S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] () S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-23 20:56 - 2014-06-23 20:56 - 00000000 ____D () C:\Users\Adam\Downloads\FRST-OlderVersion 2014-06-20 01:31 - 2014-02-04 00:43 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\Adam\Downloads\procexp.exe 2014-06-19 21:36 - 2014-06-19 21:34 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-19 21:34 - 2014-06-19 21:34 - 00003408 _____ () C:\Windows\System32\Tasks\aviraSWU 2014-06-19 21:34 - 2014-06-19 21:34 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Avira 2014-06-19 21:32 - 2014-06-19 21:34 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-19 21:32 - 2014-06-19 21:32 - 00002078 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-06-19 21:32 - 2014-06-19 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-19 21:32 - 2014-06-19 21:32 - 00000000 ____D () C:\ProgramData\Avira 2014-06-19 21:32 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-19 21:32 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-19 21:32 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-06-19 00:07 - 2014-06-19 00:09 - 137314600 _____ () C:\Users\Adam\Downloads\avira_free_antivirus_de_642.exe 2014-06-18 22:24 - 2014-06-18 22:24 - 00000000 ____D () C:\Users\Adam\AppData\Local\Adobe 2014-06-14 15:45 - 2014-06-14 15:45 - 07764160 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp65305.exe 2014-06-14 15:44 - 2014-06-14 15:44 - 01830208 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57359.exe 2014-06-14 15:43 - 2014-06-14 15:49 - 159726344 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57362.exe 2014-06-14 15:43 - 2014-06-14 15:44 - 21599096 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57492.exe 2014-06-13 20:48 - 2014-06-13 21:38 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-13 20:47 - 2014-06-13 20:47 - 00961360 _____ (Chip Digital GmbH) C:\Users\Adam\Documents\Rufus - CHIP-Installer.exe 2014-06-13 20:26 - 2014-06-13 20:26 - 00005474 _____ () C:\Users\Adam\Downloads\eicfg_removal_utility.zip 2014-06-13 11:38 - 2014-06-13 11:39 - 00232971 _____ () C:\Users\Adam\Downloads\BOOTX64.efi 2014-06-12 18:18 - 2014-06-21 16:12 - 00000000 ____D () C:\Users\Adam\USB 2014-06-12 13:54 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 13:54 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 13:54 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-12 13:54 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 13:54 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-12 13:54 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 13:54 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-12 13:54 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 13:54 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 13:54 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-12 13:54 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-12 13:54 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-12 13:54 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-12 13:54 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 13:54 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-12 13:54 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 13:54 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 13:54 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 13:54 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-12 13:54 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 13:54 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 13:54 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-12 13:54 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 13:54 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 13:54 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-12 13:54 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 13:54 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 13:54 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 13:54 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 13:54 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-12 13:54 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 13:54 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-12 13:54 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-12 13:54 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-12 13:54 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 13:54 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 13:54 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-12 13:54 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 13:54 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 13:54 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 13:54 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 13:54 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 13:54 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 13:54 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-12 13:54 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 13:54 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 13:54 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 13:54 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 13:54 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 13:54 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 13:54 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-12 13:54 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-12 13:54 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 13:54 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-12 13:54 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 13:54 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-12 13:54 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-12 13:54 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 13:54 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-12 13:54 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-12 13:54 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-12 13:54 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 13:54 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-12 13:54 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-12 13:53 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-12 13:53 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 15:19 - 2014-06-11 15:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-11 01:03 - 2014-06-11 01:03 - 00000000 ____D () C:\Users\Adam\AppData\Local\Blizzard 2014-06-11 00:50 - 2014-06-11 01:03 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-06-11 00:50 - 2014-06-11 00:50 - 00001169 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-06-11 00:50 - 2014-06-11 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-06-11 00:32 - 2014-06-23 20:55 - 00000000 ____D () C:\Users\Adam\AppData\Local\Battle.net 2014-06-11 00:32 - 2014-06-11 00:50 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Battle.net 2014-06-11 00:32 - 2014-06-11 00:32 - 00001132 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\Users\Adam\AppData\Local\Blizzard Entertainment 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-11 00:31 - 2014-06-11 00:31 - 03099552 _____ (Blizzard Entertainment) C:\Users\Adam\Downloads\Hearthstone-Setup-deDE.exe 2014-06-11 00:31 - 2014-06-11 00:31 - 00000000 ____D () C:\ProgramData\Battle.net 2014-06-02 12:23 - 2014-06-02 12:23 - 00961360 _____ (Chip Digital GmbH) C:\Users\Adam\Documents\MultiLoader - CHIP-Installer.exe 2014-06-02 11:54 - 2014-06-02 12:18 - 152299911 _____ () C:\Users\Adam\Documents\S7233EJPKB1_OJPJL2.zip 2014-06-02 11:08 - 2014-06-02 11:08 - 00046592 _____ () C:\Users\Adam\Documents\kalender-mai-2014-tage-untereinander.xls 2014-05-25 19:41 - 2014-05-25 19:41 - 02294104 _____ () C:\Users\Adam\Downloads\Rainmeter-3.1.exe ==================== One Month Modified Files and Folders ======= 2014-06-23 20:57 - 2014-03-02 16:58 - 00008073 _____ () C:\Users\Adam\Downloads\FRST.txt 2014-06-23 20:56 - 2014-06-23 20:56 - 00000000 ____D () C:\Users\Adam\Downloads\FRST-OlderVersion 2014-06-23 20:56 - 2014-03-02 16:58 - 02082816 _____ (Farbar) C:\Users\Adam\Downloads\FRST64.exe 2014-06-23 20:56 - 2014-03-02 16:58 - 00000000 ____D () C:\FRST 2014-06-23 20:55 - 2014-06-11 00:32 - 00000000 ____D () C:\Users\Adam\AppData\Local\Battle.net 2014-06-23 20:53 - 2013-12-29 16:18 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Skype 2014-06-23 20:44 - 2009-07-14 06:45 - 00015600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-23 20:44 - 2009-07-14 06:45 - 00015600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-23 20:42 - 2013-12-27 16:10 - 01810593 _____ () C:\Windows\WindowsUpdate.log 2014-06-23 20:40 - 2014-05-23 16:16 - 00017335 _____ () C:\Windows\setupact.log 2014-06-23 20:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-23 17:01 - 2013-12-27 17:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-23 16:17 - 2009-07-14 19:58 - 00685228 _____ () C:\Windows\system32\perfh007.dat 2014-06-23 16:17 - 2009-07-14 19:58 - 00145060 _____ () C:\Windows\system32\perfc007.dat 2014-06-23 16:17 - 2009-07-14 07:13 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-22 00:44 - 2013-12-29 13:30 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA.job 2014-06-21 16:27 - 2014-03-31 21:37 - 00000000 ____D () C:\Users\Adam\Desktop\Maria Handy 2014-06-21 16:18 - 2013-12-27 16:19 - 00000000 ____D () C:\Users\Adam 2014-06-21 16:15 - 2013-12-27 22:49 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\TS3Client 2014-06-21 16:12 - 2014-06-12 18:18 - 00000000 ____D () C:\Users\Adam\USB 2014-06-21 14:18 - 2014-01-02 17:22 - 00000000 ____D () C:\Program Files\Rainmeter 2014-06-19 21:45 - 2014-05-23 17:12 - 00098360 _____ () C:\Windows\PFRO.log 2014-06-19 21:34 - 2014-06-19 21:36 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-19 21:34 - 2014-06-19 21:34 - 00003408 _____ () C:\Windows\System32\Tasks\aviraSWU 2014-06-19 21:34 - 2014-06-19 21:34 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Avira 2014-06-19 21:34 - 2014-06-19 21:32 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-19 21:32 - 2014-06-19 21:32 - 00002078 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-06-19 21:32 - 2014-06-19 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-19 21:32 - 2014-06-19 21:32 - 00000000 ____D () C:\ProgramData\Avira 2014-06-19 12:44 - 2013-12-29 13:30 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core.job 2014-06-19 00:09 - 2014-06-19 00:07 - 137314600 _____ () C:\Users\Adam\Downloads\avira_free_antivirus_de_642.exe 2014-06-18 22:24 - 2014-06-18 22:24 - 00000000 ____D () C:\Users\Adam\AppData\Local\Adobe 2014-06-17 22:45 - 2013-12-29 16:18 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-17 22:45 - 2013-12-29 16:18 - 00000000 ____D () C:\ProgramData\Skype 2014-06-17 14:19 - 2014-03-02 16:59 - 00024437 _____ () C:\Users\Adam\Downloads\Addition.txt 2014-06-17 12:43 - 2014-01-02 23:03 - 00007629 _____ () C:\Users\Adam\AppData\Local\Resmon.ResmonCfg 2014-06-17 12:35 - 2014-03-02 15:11 - 00540072 _____ (Neuber Software) C:\Users\Adam\Downloads\svchostanalyzer.exe 2014-06-17 12:35 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-17 12:28 - 2013-12-27 17:07 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-17 12:27 - 2013-12-27 17:07 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-17 12:27 - 2013-12-27 17:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-15 15:07 - 2013-12-29 15:19 - 00001110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-06-14 15:49 - 2014-06-14 15:43 - 159726344 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57362.exe 2014-06-14 15:45 - 2014-06-14 15:45 - 07764160 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp65305.exe 2014-06-14 15:44 - 2014-06-14 15:44 - 01830208 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57359.exe 2014-06-14 15:44 - 2014-06-14 15:43 - 21599096 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Adam\Documents\sp57492.exe 2014-06-13 21:38 - 2014-06-13 20:48 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-13 20:48 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-06-13 20:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-06-13 20:47 - 2014-06-13 20:47 - 00961360 _____ (Chip Digital GmbH) C:\Users\Adam\Documents\Rufus - CHIP-Installer.exe 2014-06-13 20:26 - 2014-06-13 20:26 - 00005474 _____ () C:\Users\Adam\Downloads\eicfg_removal_utility.zip 2014-06-13 20:26 - 2014-02-05 14:51 - 3192264704 _____ () C:\Users\Adam\Downloads\X15-65741.iso 2014-06-13 17:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-13 11:39 - 2014-06-13 11:38 - 00232971 _____ () C:\Users\Adam\Downloads\BOOTX64.efi 2014-06-12 18:30 - 2013-12-27 18:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 18:29 - 2013-12-27 18:27 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-12 18:28 - 2014-05-06 11:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 19:36 - 2013-12-27 16:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-11 15:19 - 2014-06-11 15:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-11 01:03 - 2014-06-11 01:03 - 00000000 ____D () C:\Users\Adam\AppData\Local\Blizzard 2014-06-11 01:03 - 2014-06-11 00:50 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-06-11 00:50 - 2014-06-11 00:50 - 00001169 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-06-11 00:50 - 2014-06-11 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-06-11 00:50 - 2014-06-11 00:32 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Battle.net 2014-06-11 00:32 - 2014-06-11 00:32 - 00001132 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\Users\Adam\AppData\Local\Blizzard Entertainment 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-06-11 00:32 - 2014-06-11 00:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-11 00:31 - 2014-06-11 00:31 - 03099552 _____ (Blizzard Entertainment) C:\Users\Adam\Downloads\Hearthstone-Setup-deDE.exe 2014-06-11 00:31 - 2014-06-11 00:31 - 00000000 ____D () C:\ProgramData\Battle.net 2014-06-08 11:13 - 2014-06-12 13:53 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-12 13:53 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-02 12:23 - 2014-06-02 12:23 - 00961360 _____ (Chip Digital GmbH) C:\Users\Adam\Documents\MultiLoader - CHIP-Installer.exe 2014-06-02 12:18 - 2014-06-02 11:54 - 152299911 _____ () C:\Users\Adam\Documents\S7233EJPKB1_OJPJL2.zip 2014-06-02 11:08 - 2014-06-02 11:08 - 00046592 _____ () C:\Users\Adam\Documents\kalender-mai-2014-tage-untereinander.xls 2014-05-30 12:21 - 2014-06-12 13:54 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-12 13:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-12 13:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-12 13:54 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-12 13:54 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-12 13:54 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-12 13:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-12 13:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-12 13:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-12 13:54 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-12 13:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-12 13:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-12 13:54 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-12 13:54 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-12 13:54 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-12 13:54 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-12 13:54 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-12 13:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-12 13:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-12 13:54 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-12 13:54 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-12 13:54 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-12 13:54 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-12 13:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-12 13:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-12 13:54 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-12 13:54 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-12 13:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-12 13:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-12 13:54 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-12 13:54 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-12 13:54 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-12 13:54 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-12 13:54 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-12 13:54 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-12 13:54 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-12 13:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-12 13:54 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-12 13:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-12 13:54 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-12 13:54 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-12 13:54 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-12 13:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-12 13:54 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-12 13:54 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-12 13:54 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-12 13:54 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-12 13:54 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-12 13:54 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-12 13:54 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-12 13:54 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-12 13:54 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-26 21:08 - 2014-01-02 17:22 - 00001714 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk 2014-05-25 19:41 - 2014-05-25 19:41 - 02294104 _____ () C:\Users\Adam\Downloads\Rainmeter-3.1.exe Some content of TEMP: ==================== C:\Users\Adam\AppData\Local\Temp\avgnt.exe C:\Users\Adam\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-18 13:22 ==================== End Of Log ============================ Das Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014 Ran by Adam at 2014-06-23 20:57:52 Running from C:\Users\Adam\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden AMD Fuel (Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.60524.2309 - ATI Technologies Inc.) Hidden AMD VISION Engine Control Center (x32 Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden ATI AVIVO64 Codecs (Version: - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{94D5B25E-194F-AF08-E444-F51FC2038DE5}) (Version: 3.0.829.0 - ATI Technologies, Inc.) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Czech (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Danish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Dutch (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help English (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Finnish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help French (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help German (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Greek (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Hungarian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Italian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Japanese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Korean (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Norwegian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Polish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Portuguese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Russian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Spanish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Swedish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Thai (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Turkish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden ccc-utility64 (Version: 2011.0524.2352.41027 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform) Facebook Video Calling (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HydraVision (x32 Version: - ATI Technologies Inc.) Hidden Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: - Sun Microsystems, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Corporation (Version: - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: - Microsoft Corporation) Hidden Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Restore Points ========================= 06-06-2014 11:28:45 Windows Update 10-06-2014 12:11:43 Windows Update 12-06-2014 16:27:56 Windows Update 17-06-2014 10:30:30 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {099CC8DD-4E67-45CE-A253-32C2D231B9EF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-29] (Facebook Inc.) Task: {524482C6-12BF-4439-A676-76CEB5A3B32C} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs" Task: {76243C05-5F33-4A01-A980-0B3DE200B67E} - System32\Tasks\{546A7BFF-7A47-4ABB-8612-B465FB0CFECA} => C:\Users\Adam\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe [2013-12-29] (Facebook Inc.) Task: {76E7D8DB-08E2-4737-B84F-29572C6F4864} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd) Task: {8F05DA66-C77E-48BD-9215-AB06E07CED7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-29] (Facebook Inc.) Task: {9248D7CB-242A-4BDC-9631-B485D37BBE27} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core.job => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA.job => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-25 16:18 - 2014-05-25 16:18 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe 2014-05-25 16:18 - 2014-05-25 16:18 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00012800 _____ () C:\Program Files\Rainmeter\Plugins\PerfMon.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00019968 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00056832 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.dll 2011-05-25 00:18 - 2011-05-25 00:18 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-05-25 00:50 - 2011-05-25 00:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-06-11 00:50 - 2014-06-11 00:56 - 10400304 _____ () C:\Program Files (x86)\Hearthstone\Hearthstone.exe 2014-06-11 15:19 - 2014-06-11 15:19 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-06-17 12:27 - 2014-06-17 12:27 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll 2014-06-11 00:32 - 2014-06-11 00:32 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4710\libcef.dll 2014-06-11 00:32 - 2014-06-11 00:32 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4710\libglesv2.dll 2014-06-11 00:32 - 2014-06-11 00:32 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4710\libegl.dll 2014-06-11 00:58 - 2014-06-11 00:58 - 02099712 _____ () C:\Program Files (x86)\Hearthstone\Hearthstone_Data\Mono\mono.dll 2014-06-11 00:51 - 2014-06-11 00:51 - 00028672 _____ () C:\Program Files (x86)\Hearthstone\Hearthstone_Data\Plugins\PlayErrors32.DLL 2014-06-11 00:57 - 2014-06-11 00:57 - 02351104 _____ () C:\Program Files (x86)\Hearthstone\Hearthstone_Data\Plugins\Connect.DLL ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" MSCONFIG\startupreg: Facebook Update => "C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/20/2014 10:58:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Hearthstone.exe, Version kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1240 Startzeit: 01cf8cc3bc1582c2 Endzeit: 228 Anwendungspfad: C:\Program Files (x86)\Hearthstone\Hearthstone.exe Berichts-ID: a333897e-f8bd-11e3-9744-c86000570f5b Error: (06/20/2014 02:01:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xc74 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/19/2014 10:33:09 PM) (Source: VSS) (EventID: 12298) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden. Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000, Der Vorgang wurde erfolgreich beendet. ], Leerung[0x00000000, Der Vorgang wurde erfolgreich beendet. ], Freigabe[0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist. ], Ausführung[0x00000000, Der Vorgang wurde erfolgreich beendet. ]. Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (06/19/2014 10:33:09 PM) (Source: VSS) (EventID: 12310) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die Schattenkopie kann nicht zugesichert werden - Vorgang hat das Zeitlimit überschritten. Fehlerkontext: DeviceIoControl(\\?\Volume{2bcd4a9c-6f00-11e3-972c-806e6f6e6963} - 000000000000011C,0x0053c010,00000000004FD280,0,00000000004FE290,4096,[0]). Vorgang: Schattenkopien werden übertragen Kontext: Ausführungskontext: System Provider Error: (06/19/2014 06:23:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Skype.exe, Version kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f38 Startzeit: 01cf8bc30ad4408f Endzeit: 782 Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe Berichts-ID: 06710590-f7ce-11e3-bafd-c86000570f5b Error: (06/19/2014 00:42:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x624 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/17/2014 09:47:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x900 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/16/2014 04:25:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xe34 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/16/2014 01:43:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xf70 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/15/2014 11:21:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version:, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version:, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xe18 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 System errors: ============= Error: (06/23/2014 08:39:47 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist. Error: (06/23/2014 05:55:22 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (06/23/2014 05:06:17 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (06/23/2014 03:55:41 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist. Error: (06/22/2014 01:37:36 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (06/22/2014 01:30:42 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist. Error: (06/22/2014 01:29:44 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 22.06.2014 um 01:28:28 unerwartet heruntergefahren. Error: (06/21/2014 11:36:14 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80070420" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist. Error: (06/21/2014 08:21:30 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (06/21/2014 06:52:48 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist. Microsoft Office Sessions: ========================= Error: (06/20/2014 10:58:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hearthstone.exe1.0.0.5506124001cf8cc3bc1582c2228C:\Program Files (x86)\Hearthstone\Hearthstone.exea333897e-f8bd-11e3-9744-c86000570f5b Error: (06/20/2014 02:01:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bc7401cf8bf75e8cbccfC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf823e8d3-f80d-11e3-8b9e-c86000570f5b Error: (06/19/2014 10:33:09 PM) (Source: VSS) (EventID: 12298) (User: ) Description: C:\00x00000000, Der Vorgang wurde erfolgreich beendet. 0x00000000, Der Vorgang wurde erfolgreich beendet. 0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist. 0x00000000, Der Vorgang wurde erfolgreich beendet. Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (06/19/2014 10:33:09 PM) (Source: VSS) (EventID: 12310) (User: ) Description: DeviceIoControl(\\?\Volume{2bcd4a9c-6f00-11e3-972c-806e6f6e6963} - 000000000000011C,0x0053c010,00000000004FD280,0,00000000004FE290,4096,[0]) Vorgang: Schattenkopien werden übertragen Kontext: Ausführungskontext: System Provider Error: (06/19/2014 06:23:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Skype.exe6.16.0.105f3801cf8bc30ad4408f782C:\Program Files (x86)\Skype\Phone\Skype.exe06710590-f7ce-11e3-bafd-c86000570f5b Error: (06/19/2014 00:42:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b62401cf8b2ffe322b68C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllcd3abfa3-f739-11e3-abbb-c86000570f5b Error: (06/17/2014 09:47:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b90001cf8a6046be861eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll389255b4-f658-11e3-8ab0-c86000570f5b Error: (06/16/2014 04:25:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141be3401cf89627b181b81C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1c578612-f562-11e3-8d05-c86000570f5b Error: (06/16/2014 01:43:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bf7001cf894f1fb0d732C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll77d0f626-f54b-11e3-8d05-c86000570f5b Error: (06/15/2014 11:21:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141be1801cf88cc0ca1f26aC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllff152193-f4d2-11e3-aa3e-c86000570f5b ==================== Memory info =========================== Percentage of memory in use: 54% Total physical RAM: 4094.12 MB Available physical RAM: 1877.57 MB Total Pagefile: 8186.41 MB Available Pagefile: 5345.06 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Windows7) (Fixed) (Total:465.66 GB) (Free:409.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 88BA1CE9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Svchost.exe wieder ein Problem Mach mal nen Clean Boot, ist die Auslastung dann besser?
Mach mal nen Clean Boot, ist die Auslastung dann besser?
