Halli Hallo!
Ich habe Zeit neuersten (1-2 Tagen) folgendes Problem:
Jedes Mal wenn ich eine .exe datei öffnen will, Windows starte oder herunterfahre bekomme ich die Fehlermeldung "C:\Progra~2\Search~1\Search~1\bin\VC32LO~1.DLL either not designed to run.... " . Beschreibe diese jetzt nich genauer da ich schon einige Beiträge dazu gefunden habe und hoffe dass Ihr versteht was ich meine
Hier ist der FRST scan:
PHP-Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-02-2015
Ran by sahdkajs (administrator) on SAHDKAJS-PC on 04-02-2015 05:57:35
Running from C:\Users\sahdkajs\Downloads
Loaded Profiles: sahdkajs (Available profiles: sahdkajs & Music)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Client Connect LTD) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Client Connect LTD) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2749442998-3716350225-1559413844-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2749442998-3716350225-1559413844-1000\...\MountPoints2: {75cb5c61-3820-11e4-91fc-001d60c1e542} - J:\AUTOPLAY.EXE
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files\SearchProtect\SearchProtect\bin\VC32Loader.dll [219408 2015-01-28] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files\simplitec\simplicheck\simplicheck.exe (simplitec)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2749442998-3716350225-1559413844-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\sahdkajs\AppData\Roaming\Mozilla\Firefox\Profiles\u6jcx7mp.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=MC32EABB7-953C-4891-AB30-D24F1D0B8A50&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP898C22DD-92EF-421F-A769-1CBF537B9723
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=MC32EABB7-953C-4891-AB30-D24F1D0B8A50&SearchSource=55&CUI=&UM=6&UP=SP898C22DD-92EF-421F-A769-1CBF537B9723&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\sahdkajs\AppData\Roaming\Mozilla\Firefox\Profiles\u6jcx7mp.default\searchplugins\trovi-search.xml
FF Extension: Adblock Plus - C:\Users\sahdkajs\AppData\Roaming\Mozilla\Firefox\Profiles\u6jcx7mp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-26]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\sahdkajs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\sahdkajs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\sahdkajs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (YouTube) - C:\Users\sahdkajs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Google-Suche) - C:\Users\sahdkajs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Avira Browserschutz) - C:\Users\sahdkajs\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-23]
CHR Extension: (Google Wallet) - C:\Users\sahdkajs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23]
CHR Extension: (Google Mail) - C:\Users\sahdkajs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [348032 2015-02-04] ()
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [3505936 2015-01-28] (Client Connect LTD)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4590968 2012-09-05] (Native Instruments GmbH)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-11-30] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-06-17] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-09-09] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-06-17] (Avira GmbH)
S3 SynasUSB; C:\Windows\System32\drivers\SynasUSB.sys [18432 2006-11-23] (SIA Syncrosoft) [File not signed]
R3 ZOOM_R16MTR; C:\Windows\System32\Drivers\zmr16usbaudio.sys [80384 2010-06-16] (Zoom Corporation.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-04 05:25 - 2015-02-04 05:26 - 00034211 _____ () C:\Users\sahdkajs\Downloads\Addition.txt
2015-02-04 05:25 - 2015-02-04 05:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\sahdkajs\Downloads\revosetup95.exe
2015-02-04 05:25 - 2015-02-04 05:25 - 00001226 _____ () C:\Users\sahdkajs\Desktop\Revo Uninstaller.lnk
2015-02-04 05:25 - 2015-02-04 05:25 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-04 05:24 - 2015-02-04 05:57 - 00011224 _____ () C:\Users\sahdkajs\Downloads\FRST.txt
2015-02-04 05:23 - 2015-02-04 05:57 - 00000000 ____D () C:\FRST
2015-02-04 05:23 - 2015-02-04 05:23 - 01122304 _____ (Farbar) C:\Users\sahdkajs\Downloads\FRST.exe
2015-02-04 02:54 - 2015-02-04 03:01 - 00000000 ____D () C:\Users\sahdkajs\Documents\DayZ
2015-02-04 02:54 - 2015-02-04 02:59 - 00000000 ____D () C:\Users\sahdkajs\AppData\Local\DayZ
2015-02-04 02:54 - 2015-02-04 02:54 - 00000000 ____D () C:\Program Files\Common Files\BattlEye
2015-02-04 00:59 - 2015-02-04 00:59 - 00000000 ____D () C:\Users\sahdkajs\Documents\Celemony
2015-02-04 00:59 - 2015-02-04 00:59 - 00000000 ____D () C:\Users\sahdkajs\AppData\Roaming\Celemony Software GmbH
2015-02-04 00:51 - 2015-02-04 00:57 - 00000000 ____D () C:\Users\sahdkajs\AppData\Roaming\Audacity
2015-02-02 23:50 - 2015-02-03 23:55 - 00000000 ____D () C:\Users\sahdkajs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-02 20:52 - 2015-02-02 20:52 - 00000000 ____D () C:\Users\Music\AppData\Local\avaxvavya
2015-02-02 17:42 - 2015-02-04 05:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-29 23:52 - 2015-01-29 23:52 - 19731050 _____ () C:\Users\Music\Desktop\nothingsl.wav
2015-01-28 15:20 - 2015-01-28 15:20 - 16852415 _____ () C:\Users\Music\Downloads\wetransfer-2b0e11.zip
2015-01-27 20:05 - 2015-01-27 20:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 19:36 - 2015-01-26 19:36 - 00000000 ____D () C:\Users\Music\AppData\Local\Google
2015-01-23 02:30 - 2015-01-27 18:45 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-23 02:30 - 2015-01-23 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-23 02:29 - 2015-02-04 05:45 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 02:29 - 2015-02-04 05:44 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 02:29 - 2015-01-23 02:30 - 00000000 ____D () C:\Users\sahdkajs\AppData\Local\Google
2015-01-23 02:29 - 2015-01-23 02:30 - 00000000 ____D () C:\Program Files\Google
2015-01-18 03:01 - 2015-01-18 03:01 - 00288306 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2015-01-18 03:01 - 2015-01-18 03:01 - 00000000 ____D () C:\Program Files\MSXML 4.0
2015-01-18 03:00 - 2015-01-18 03:01 - 00290468 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2015-01-17 22:28 - 2015-01-17 22:28 - 00000000 ____D () C:\Users\Music\AppData\Roaming\simplitec
2015-01-17 19:05 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-17 19:05 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-17 19:05 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-17 19:05 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-17 19:05 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-17 19:05 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 00:52 - 2015-01-14 00:52 - 00000000 ____D () C:\Users\sahdkajs\AppData\Roaming\simplitec
2015-01-13 22:36 - 2015-01-13 22:36 - 00000000 ____D () C:\Users\Music\Documents\MAGIX
2015-01-13 22:35 - 2015-01-28 17:03 - 00000000 ____D () C:\ProgramData\simplitec
2015-01-13 22:35 - 2015-01-13 22:36 - 00000000 ____D () C:\ProgramData\MAGIX
2015-01-13 22:35 - 2015-01-13 22:35 - 00001069 _____ () C:\Users\Public\Desktop\simplicheck.lnk
2015-01-13 22:35 - 2015-01-13 22:35 - 00001065 _____ () C:\Users\Public\Desktop\MAGIX Foto Designer 7.lnk
2015-01-13 22:35 - 2015-01-13 22:35 - 00000000 ____D () C:\Users\Music\AppData\Roaming\MAGIX
2015-01-13 22:35 - 2015-01-13 22:35 - 00000000 ____D () C:\Users\Music\AppData\Local\MAGIX
2015-01-13 22:35 - 2015-01-13 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2015-01-13 22:35 - 2015-01-13 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-01-13 22:35 - 2015-01-13 22:35 - 00000000 ____D () C:\Program Files\simplitec
2015-01-13 22:35 - 2015-01-13 22:35 - 00000000 ____D () C:\Program Files\MAGIX
2015-01-13 22:35 - 2015-01-13 22:35 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Services
2015-01-13 22:34 - 2015-01-13 22:34 - 24003400 _____ (MAGIX AG) C:\Users\Music\Downloads\foto_designer_7011_23mb_d.exe
2015-01-13 22:28 - 2015-01-13 22:28 - 00002142 _____ () C:\Users\Music\AppData\Local\recently-used.xbel
2015-01-13 22:27 - 2015-01-13 22:27 - 00841650 _____ () C:\Users\Music\Documents\Unbenannt.xcf
2015-01-13 22:23 - 2015-01-13 22:23 - 00038553 _____ () C:\Users\Music\Downloads\fibel_vienna.zip
2015-01-13 21:54 - 2015-01-13 22:27 - 00000000 ____D () C:\Users\Music\AppData\Local\gtk-2.0
2015-01-13 21:52 - 2015-01-13 21:52 - 00000000 ____D () C:\Users\Music\.thumbnails
2015-01-13 21:48 - 2015-01-13 22:33 - 00000000 ____D () C:\Users\Music\.gimp-2.8
2015-01-13 21:48 - 2015-01-13 21:48 - 00000000 ____D () C:\Users\Music\AppData\Local\gegl-0.2
2015-01-13 21:48 - 2015-01-13 21:48 - 00000000 ____D () C:\Users\Music\AppData\Local\fontconfig
2015-01-13 21:46 - 2015-01-13 21:46 - 00202074 _____ () C:\Users\Music\Downloads\livin-hell_carnivalee-freakshow.zip
2015-01-13 21:46 - 2015-01-13 21:46 - 00001051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-01-13 21:44 - 2015-01-13 21:46 - 00000000 ____D () C:\Program Files\GIMP 2
2015-01-13 21:40 - 2015-01-13 21:41 - 91670064 _____ (The GIMP Team ) C:\Users\Music\Downloads\gimp-2.8.14-setup.exe
2015-01-13 02:58 - 2015-01-13 02:58 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-13 02:57 - 2015-01-13 02:57 - 00638888 _____ (Oracle Corporation) C:\Users\sahdkajs\Downloads\jxpiinstall(1).exe
2015-01-13 02:56 - 2015-01-13 02:56 - 00638888 _____ (Oracle Corporation) C:\Users\sahdkajs\Downloads\jxpiinstall.exe
2015-01-13 02:51 - 2015-01-13 02:51 - 00000000 __SHD () C:\Users\sahdkajs\AppData\Local\EmieBrowserModeList
2015-01-13 00:06 - 2015-02-02 17:45 - 00000000 ____D () C:\Users\sahdkajs\AppData\Local\Adobe
2015-01-13 00:06 - 2015-01-13 00:06 - 00000216 _____ () C:\Users\sahdkajs\Desktop\Magic Barrage - Bitferno.url
2015-01-12 22:14 - 2015-01-12 22:20 - 524894245 _____ () C:\Users\sahdkajs\Downloads\l4d2_the_bloody_moors_4.0.zip
2015-01-06 20:21 - 2015-01-06 20:27 - 59117106 _____ () C:\Users\sahdkajs\Desktop\L4d_HelmsDeep.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-04 05:51 - 2009-07-14 05:34 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 05:51 - 2009-07-14 05:34 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-04 05:44 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 05:44 - 2009-07-14 05:39 - 00062952 _____ () C:\Windows\setupact.log
2015-02-04 05:44 - 2007-01-01 01:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-04 05:43 - 2010-11-20 22:48 - 00203228 _____ () C:\Windows\PFRO.log
2015-02-04 05:41 - 2006-12-31 23:44 - 01981722 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 04:20 - 2014-06-26 21:45 - 00000000 ____D () C:\Program Files\Steam
2015-02-04 04:06 - 2014-06-26 17:52 - 00007669 _____ () C:\Users\sahdkajs\AppData\Local\Resmon.ResmonCfg
2015-02-04 02:50 - 2014-08-12 14:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-04 01:02 - 2014-12-23 19:05 - 00000000 ____D () C:\Users\sahdkajs\Desktop\Music stuff
2015-02-03 01:48 - 2014-12-01 20:26 - 00000000 ____D () C:\Users\sahdkajs\AppData\Roaming\TS3Client
2015-02-03 00:45 - 2014-11-28 01:01 - 00282296 _____ () C:\Windows\system32\PnkBstrB.xtr
2015-02-03 00:45 - 2014-11-28 01:00 - 00139048 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2015-02-03 00:45 - 2014-11-28 00:59 - 00282296 _____ () C:\Windows\system32\PnkBstrB.exe
2015-02-03 00:44 - 2014-11-28 00:59 - 00215128 _____ () C:\Windows\system32\PnkBstrB.ex0
2015-02-02 21:40 - 2014-06-26 21:45 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-02-02 20:52 - 2014-07-26 13:15 - 00000000 ____D () C:\Program Files\SearchProtect
2015-02-02 20:49 - 2014-11-17 21:21 - 00000000 ____D () C:\Users\Music\Desktop\bounces
2015-02-02 18:36 - 2014-06-26 23:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-02 18:36 - 2014-06-26 23:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-01 20:27 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-01 04:32 - 2014-12-23 19:44 - 00000000 ____D () C:\Users\Music\AppData\Roaming\Celemony Software GmbH
2015-01-31 23:15 - 2014-06-26 18:22 - 00000000 ____D () C:\Cubase Install
2015-01-29 18:06 - 2014-12-23 19:31 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-29 18:06 - 2014-06-26 01:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-29 18:05 - 2014-06-26 01:25 - 00000000 ____D () C:\Program Files\Avira
2015-01-29 17:58 - 2014-06-26 01:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-18 03:05 - 2014-06-26 10:42 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-18 03:01 - 2014-06-26 10:42 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-17 18:58 - 2009-07-14 05:33 - 00270872 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 00:53 - 2007-01-01 02:00 - 00059752 _____ () C:\Users\sahdkajs\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 23:02 - 2014-06-26 18:06 - 00059752 _____ () C:\Users\Music\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 00:06 - 2014-06-26 02:11 - 00000000 ____D () C:\Users\sahdkajs\AppData\Roaming\Adobe
==================== Files in the root of some directories =======
2014-11-28 01:00 - 2014-11-28 01:00 - 0138056 _____ () C:\Users\sahdkajs\AppData\Roaming\PnkBstrK.sys
2014-06-26 17:52 - 2015-02-04 04:06 - 0007669 _____ () C:\Users\sahdkajs\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\Music\AppData\Local\Temp\6853.exe
C:\Users\Music\AppData\Local\Temp\928.exe
C:\Users\Music\AppData\Local\Temp\avgnt.exe
C:\Users\Music\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Music\AppData\Local\Temp\nshDC5F.exe
C:\Users\Music\AppData\Local\Temp\nsm24A.exe
C:\Users\Music\AppData\Local\Temp\nsr6AE.exe
C:\Users\Music\AppData\Local\Temp\nstC0F3.exe
C:\Users\Music\AppData\Local\Temp\nswDFC9.exe
C:\Users\Music\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Music\AppData\Local\Temp\setup.exe
C:\Users\Music\AppData\Local\Temp\SyncrosoftLicenseControlSetup.exe
C:\Users\sahdkajs\AppData\Local\Temp\avgnt.exe
C:\Users\sahdkajs\AppData\Local\Temp\nsy120E.exe
C:\Users\sahdkajs\AppData\Local\Temp\nsy35B8.exe
C:\Users\sahdkajs\AppData\Local\Temp\nvStInst.exe
C:\Users\sahdkajs\AppData\Local\Temp\SPSetup.exe
C:\Users\sahdkajs\AppData\Local\Temp\uttDED0.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-03 02:11
==================== End Of Log ============================
Ich verwende meinen Computer eigentlich nur dazu Musik zu produzieren, gelegentlich auf Steam zu Spielen und Youtube Videos zu schauen. Vor dem Eintreten des problems is mein Flashplayer des öfteren gecrasht und ich wurde dazu aufgefordert eine neue Version zu downloaden, dies tat ich auch. Habe im übrigen schon versucht "search and protect" zu löschen das hat aber irgendwie nicht hingehauen. Ich hoffe ich konnte das Problem gut beschreiben und hoffe auf eure Hilfe. Im Übrigen wäre es noch interessant zu wissen wo dieses Problem herkommt, ob es sich dabei um einen Virus handelt und (sollte es einer sein) was dieser anrichtet.
Danke jetzt schon mal und freundliche Grüße von mir
Doc
04.02.2015, 02:59
Baum-Darstellung