Log analysis and evaluation: PC no longer shuts down, cannot terminate explorer

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
PC no longer shuts down, cannot terminate explorer

Hello,

for some time now it has kept happening that I can no longer end Explorer, or another program that needs too much memory, with the Task Manager. When I then want to restart or shut down the computer, it hangs and I have to switch it off with the button. The fact that it no longer wants to shut down also happens when I have no problem with Explorer. Sometimes it also shuts down quite normally.

I thought these problems were connected to a defective hard disk. However, I replaced it with a new one yesterday. Curiously, a friend of mine has the same problems (Explorer, PC no longer shuts down), and he has neither installed a program nor changed the hardware.

I used Defogger, then started FRST, and at that point G-DATA said "erunt.exe" was doing something forbidden, so I put the file in quarantine. G-Data then wanted to restart in order to destroy the (supposed) virus, but once again the PC could not be shut down. After booting up, the quarantine now shows: c\frst\hives\users\00000001, which is presumably the FRST program - and not a virus, right? Should I restore the file?

In any case, here are the logs that I made before shutting down:

FRST:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2015 Ran by CH (administrator) on CH-HP on 12-04-2015 17:45:02 Running from C:\Users\CH\Downloads Loaded Profiles: CH (Available profiles: CH) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe () C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] () HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-01-25] (EasyBits Software AS) HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-24] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG) HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe, HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\syswow64\GdScrSv.scr [2229880 2015-02-20] (G Data Software AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk ShortcutTarget: forteManager.lnk -> C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ SearchScopes: HKLM -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3869574007-4155416212-3619733498-1000 -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.) 
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader) BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.) 
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: HKLM-x32 {CA47E69B-B484-44C1-8E29-19B6B2694810} hxxp://games.bigfishgames.com/de_fashion-fortune/online/axcontrol.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {DB28CF23-0083-40B5-BF63-69925D672385} hxxp://www.nero.com/doc/NeroVersionChecker.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-06-19] (EasyBits Software Corp.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\CH\AppData\Roaming\Mozilla\Firefox\Profiles\tjqp8o3j.default FF Homepage: hxxp://www.t-online.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-13] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL 
[2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-01-19] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-09-28] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-09-28] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-09-28] (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-01-19] (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3869574007-4155416212-3619733498-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll [2012-09-15] (Amazon.com, Inc.) FF Plugin HKU\S-1-5-21-3869574007-4155416212-3619733498-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-03] () FF Extension: Video DownloadHelper - C:\Users\CH\AppData\Roaming\Mozilla\Firefox\Profiles\tjqp8o3j.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-31] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-07] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-01-19] FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF 
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed] S4 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2527864 2015-03-04] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG) S4 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [148792 2015-03-09] (Deutsche Telekom AG) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS) [File not signed] R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG) S4 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.) 
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed] S4 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed] S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2015-02-05] (Sony Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed] S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] () S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation) R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.) 
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-03-31] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-03-31] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-03-31] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-03-31] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-03-31] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-04-09] (G Data Software AG) S1 GLogin; No ImagePath R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-03-31] (G Data Software) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-15] (SafeNet Inc.) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-03-31] (G Data Software AG) S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2008-12-12] () [File not signed] S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2008-12-12] () [File not signed] R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2486416 2014-12-31] (MediaTek Inc.) 
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-10-10] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-10-10] (Acronis) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-10-10] (Acronis International GmbH) R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-03-03] (CyberLink Corp.) S3 ALSysIO; \??\C:\Users\CH\AppData\Local\Temp\ALSysIO64.sys [X] S3 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X] S3 PCDSRVC{4942F9C0-0B403F17-06000000}_0; \??\c:\pcdr5\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-12 17:44 - 2015-04-12 17:44 - 00064402 _____ () C:\Users\CH\Downloads\Addition.txt 2015-04-12 17:43 - 2015-04-12 17:45 - 00022920 _____ () C:\Users\CH\Downloads\FRST.txt 2015-04-12 17:40 - 2015-04-12 17:45 - 00000000 ____D () C:\FRST 2015-04-12 17:40 - 2015-04-12 17:40 - 00000466 _____ () C:\Users\CH\Downloads\defogger_disable.log 2015-04-12 17:40 - 2015-04-12 17:40 - 00000000 _____ () C:\Users\CH\defogger_reenable 2015-04-12 17:37 - 2015-04-12 17:37 - 02096640 _____ (Farbar) C:\Users\CH\Downloads\FRST64.exe 2015-04-12 17:37 - 2015-04-12 17:37 - 00380416 _____ () C:\Users\CH\Downloads\Gmer-19357.exe 2015-04-12 17:36 - 2015-04-12 17:36 - 00050477 _____ () C:\Users\CH\Downloads\Defogger.exe 2015-04-12 10:54 - 2015-04-12 11:23 - 00000168 _____ () C:\Windows\setupact.log 2015-04-12 10:54 - 2015-04-12 10:54 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-12 10:53 - 2015-04-12 10:54 - 00483304 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-12 10:51 - 2015-04-12 10:51 - 00147024 _____ () C:\Users\CH\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-12 10:48 - 2015-04-12 10:48 - 00109406 _____ () C:\Users\CH\Documents\cc_20150412_104816.reg 2015-04-12 10:30 - 2015-04-12 10:30 - 04218880 _____ (Piriform Ltd) C:\Users\CH\Downloads\ccsetup504_slim.exe 2015-04-12 02:10 - 2015-04-12 10:56 - 00000000 ____D () C:\ProgramData\SecTaskMan 2015-04-12 02:10 - 2015-04-12 02:10 - 02931056 _____ () C:\Users\CH\Downloads\SecurityTaskManager_Setup.exe 2015-04-12 02:10 - 2015-04-12 02:10 - 00000000 ____D () C:\Users\CH\AppData\Local\SecTaskMan 2015-04-12 02:09 - 2015-04-12 02:09 - 00540072 _____ (Neuber Software) C:\Users\CH\Downloads\svchost-prozess-analyser_25937.exe 2015-04-12 02:02 - 2015-04-12 02:02 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige 2015-04-12 01:55 - 2015-04-12 01:55 - 00000477 _____ () C:\Users\CH\Desktop\System - Verknüpfung.lnk 2015-04-12 00:41 - 2015-04-12 00:41 - 00588816 _____ () C:\Users\CH\Downloads\Autoruns_13.2.zip 2015-04-12 
00:40 - 2015-04-12 00:40 - 01203488 _____ () C:\Users\CH\Downloads\Autoruns - CHIP-Installer.exe 2015-04-12 00:37 - 2015-04-12 00:38 - 455920754 _____ () C:\Users\CH\Documents\Standard_20150412_003622.zip 2015-04-09 10:33 - 2015-04-09 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY 2015-04-08 15:21 - 2015-04-08 15:21 - 06420600 _____ (Tim Kosse) C:\Users\CH\Downloads\FileZilla_3.10.3_win64-setup.exe 2015-04-08 14:34 - 2015-04-08 14:34 - 00063267 _____ () C:\Users\CH\Desktop\Wir_waren_Könige_SDH.ezt 2015-04-04 19:42 - 2015-04-04 19:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-04 13:38 - 2015-04-04 13:38 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-04-04 13:38 - 2015-04-04 13:38 - 00000000 ___SD () C:\Windows\system32\GWX 2015-04-04 11:45 - 2015-04-04 11:50 - 00000000 ____D () C:\Users\CH\AppData\Local\elfopatch 2015-04-03 13:33 - 2015-04-03 13:33 - 00000000 ____D () C:\Users\CH\AppData\Local\{83839650-ADAA-4FB7-8A45-69E1687B4BB7} 2015-04-02 12:51 - 2015-04-02 12:51 - 00000000 ____D () C:\Users\CH\Desktop\Neuer Ordner (5) 2015-04-02 11:07 - 2015-04-02 11:08 - 00000000 ____D () C:\Users\CH\Desktop\Neuer Ordner (4) 2015-03-31 11:04 - 2015-03-31 11:04 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2015-03-31 11:04 - 2015-03-31 11:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf 2015-03-30 19:26 - 2015-03-30 19:26 - 00000000 ____D () C:\Users\CH\Desktop\Teil 2 2015-03-30 15:39 - 2015-03-30 15:39 - 00001298 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser 7 der Telekom.lnk 2015-03-30 15:39 - 2015-03-30 15:39 - 00001286 _____ () C:\Users\Public\Desktop\Browser 7 der Telekom.lnk 2015-03-30 15:39 - 2015-03-30 15:39 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service 2015-03-30 15:33 - 2015-03-30 15:33 - 00003118 _____ () C:\Windows\System32\Tasks\{618DF8AF-F72D-4443-B426-7863CEF14793} 
2015-03-28 19:01 - 2015-03-28 19:01 - 00000871 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2015-03-28 19:01 - 2015-03-28 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-03-28 19:01 - 2015-03-28 19:01 - 00000000 ____D () C:\Program Files\CPUID 2015-03-28 19:00 - 2015-03-28 19:00 - 01582736 _____ ( ) C:\Users\CH\Downloads\cpu-z_1.72_en.exe 2015-03-26 17:45 - 2015-03-26 17:45 - 00372040 _____ (Deutsche Telekom AG) C:\Users\CH\Downloads\browser7_setup (1).exe 2015-03-26 11:53 - 2015-04-12 10:36 - 00000000 ____D () C:\Users\CH\AppData\Local\CrashDumps 2015-03-26 11:50 - 2015-03-26 11:50 - 06208736 _____ (Tim Kosse) C:\Users\CH\Downloads\FileZilla_3.10.2_win32-setup.exe 2015-03-25 19:48 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-03-25 19:48 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-03-25 19:48 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-03-25 19:48 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-03-25 19:48 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-03-25 19:48 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-03-25 19:48 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-03-25 19:48 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-03-25 18:33 - 2015-03-25 18:33 - 00002163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk 2015-03-25 18:33 - 2015-03-25 18:33 - 00002139 _____ () C:\Users\Public\Desktop\PlayMemories Home.lnk 2015-03-25 18:33 - 2015-03-25 18:33 - 00002025 _____ () C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk 2015-03-25 18:33 - 2015-03-25 18:33 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home 2015-03-25 18:21 - 2015-03-25 18:22 - 13612568 _____ (Sony Corporation) C:\Users\CH\Downloads\PMHOME_4200DL.exe 2015-03-20 01:08 - 2015-03-30 15:40 - 00000000 ____D () C:\Users\CH\Desktop\Alte Browser7-Daten 2015-03-18 17:26 - 2015-03-29 01:23 - 00000000 ____D () C:\Users\CH\Desktop\Neuer Ordner ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-12 17:40 - 2010-10-02 16:12 - 00000000 ____D () C:\Users\CH 2015-04-12 17:38 - 2015-01-07 11:48 - 00000000 ____D () C:\Users\CH\Desktop\Titelbild 2015 2015-04-12 17:28 - 2012-04-04 11:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-12 17:13 - 2013-04-05 17:24 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-12 17:00 - 2013-07-08 13:44 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI 2015-04-12 16:55 - 2013-03-20 22:57 - 00000000 ____D () C:\Users\CH\AppData\Local\EZTitles4 2015-04-12 16:42 - 2010-06-19 16:48 - 01583227 _____ () C:\Windows\WindowsUpdate.log 2015-04-12 13:52 - 2014-10-29 11:20 - 00003328 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000 2015-04-12 13:52 - 2013-10-08 10:13 - 00003188 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000 2015-04-12 12:21 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-12 12:21 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-12 11:55 - 2014-06-17 13:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-12 11:29 - 2010-06-19 17:35 - 00699432 _____ () C:\Windows\system32\perfh007.dat 
2015-04-12 11:29 - 2010-06-19 17:35 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-04-12 11:29 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-12 11:24 - 2013-04-05 17:24 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-12 11:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-12 11:15 - 2014-10-23 10:11 - 00003350 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-04-12 11:15 - 2013-05-14 15:10 - 00003210 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-04-12 10:46 - 2013-09-24 10:50 - 00000000 ____D () C:\Users\CH\AppData\Roaming\FileZilla
2015-04-12 10:36 - 2013-07-05 17:12 - 00000000 ____D () C:\Windows\Minidump
2015-04-12 10:30 - 2012-01-28 03:16 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-12 10:30 - 2012-01-28 03:15 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-12 02:00 - 2014-08-26 10:35 - 00000000 ____D () C:\Users\CH\AppData\Local\Adobe
2015-04-11 19:17 - 2014-06-03 19:37 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForCH
2015-04-11 19:17 - 2014-06-03 19:37 - 00000320 _____ () C:\Windows\Tasks\HPCeeScheduleForCH.job
2015-04-10 11:57 - 2011-02-10 14:02 - 00000000 ____D () C:\Users\CH\AppData\Roaming\vlc
2015-04-09 10:33 - 2014-10-07 01:22 - 00001940 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2015-04-09 10:33 - 2014-10-07 00:57 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-04-07 19:16 - 2010-11-27 16:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-05 01:50 - 2015-02-10 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-04 11:50 - 2013-10-01 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-04-04 11:50 - 2013-10-01 14:30 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2015-04-04 11:45 - 2014-10-11 11:47 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-03 13:33 - 2011-01-25 21:44 - 00000000 ____D () C:\Users\CH\AppData\Local\Windows Live
2015-04-03 00:43 - 2015-02-10 20:21 - 00000000 ____D () C:\Users\CH\dwhelper
2015-04-02 20:09 - 2011-04-27 02:57 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-31 13:11 - 2014-10-07 11:12 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2015-03-31 13:11 - 2014-10-07 11:12 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2015-03-31 11:07 - 2014-10-07 00:57 - 00075776 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2015-03-31 11:04 - 2014-10-07 00:57 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2015-03-31 11:04 - 2014-10-07 00:56 - 00230400 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2015-03-31 11:04 - 2014-10-07 00:56 - 00150016 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2015-03-31 11:04 - 2014-10-07 00:56 - 00124928 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2015-03-31 00:46 - 2010-10-02 16:12 - 00000544 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2015-03-30 15:39 - 2014-01-15 01:09 - 00000000 ____D () C:\Program Files (x86)\Deutsche Telekom AG
2015-03-28 15:01 - 2013-06-08 14:14 - 00003595 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2015-03-26 11:51 - 2014-04-01 12:30 - 00001966 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-03-26 11:51 - 2014-04-01 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-03-26 11:51 - 2014-04-01 12:30 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-03-26 11:47 - 2014-12-11 03:24 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 11:47 - 2014-05-13 00:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-25 23:26 - 2013-07-28 15:40 - 00000000 ____D () C:\HDW50_TMP
2015-03-25 18:35 - 2013-09-23 15:50 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2015-03-25 18:34 - 2013-09-23 15:48 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2015-03-25 18:32 - 2010-12-07 14:25 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-03-16 01:00 - 2010-11-11 16:57 - 00000000 ____D () C:\Users\CH\Documents\NeroVision
2015-03-15 13:09 - 2013-11-21 21:55 - 00000000 ____D () C:\Users\CH\Documents\My Kindle Content
2015-03-13 16:51 - 2012-04-04 11:29 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-13 16:51 - 2012-04-04 11:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-13 16:51 - 2011-05-15 11:51 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-13 11:36 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-13 01:59 - 2014-05-14 10:51 - 00000000 ____D () C:\Users\CH\Desktop\Neuer Ordner (2)

==================== Files in the root of some directories =======

2013-05-25 18:58 - 2013-05-25 18:59 - 5082084 _____ (The Public) C:\Users\CH\AppData\Roaming\Avisynth.exe
2013-05-25 18:59 - 2013-05-25 18:59 - 5243208 _____ ( ) C:\Users\CH\AppData\Roaming\AvsP.exe
2014-08-03 13:50 - 2014-08-15 14:14 - 0000040 _____ () C:\Users\CH\AppData\Roaming\cdr.ini
2012-09-27 15:25 - 2012-09-27 15:25 - 0000211 _____ () C:\Users\CH\AppData\Roaming\CH-HP.MTBF.txt
2011-07-07 12:44 - 2012-02-29 01:34 - 0000697 _____ () C:\Users\CH\AppData\Roaming\ConvAPIPlugin.log
2014-09-14 15:25 - 2014-09-14 15:25 - 0000000 _____ () C:\Users\CH\AppData\Roaming\gdfw.log
2014-09-14 15:25 - 2014-10-07 00:56 - 0001558 _____ () C:\Users\CH\AppData\Roaming\gdscan.log
2011-07-01 16:32 - 2011-08-07 20:32 - 0001854 _____ () C:\Users\CH\AppData\Roaming\GhostObjGAFix.xml
2013-05-25 18:59 - 2013-05-25 18:59 - 5514668 _____ (LIGHTNING UK!) C:\Users\CH\AppData\Roaming\Imgburn.exe
2004-01-26 17:15 - 2004-01-26 17:15 - 0233472 ____R () C:\Users\CH\AppData\Roaming\MafiaSetup.exe
2013-05-25 18:59 - 2013-05-25 18:59 - 1357348 _____ () C:\Users\CH\AppData\Roaming\MatroskaSplitter.exe
2011-05-02 15:07 - 2011-05-02 15:07 - 0114803 _____ () C:\Users\CH\AppData\Roaming\mdbu.bin
2013-05-25 18:59 - 2013-05-25 19:00 - 7760687 _____ (Boraxsoft) C:\Users\CH\AppData\Roaming\SetupGFD.exe
2012-03-15 18:25 - 2013-12-23 20:32 - 0239510 _____ () C:\Users\CH\AppData\Roaming\WavePad.dmp
2013-05-25 18:59 - 2013-05-25 18:59 - 0117723 _____ () C:\Users\CH\AppData\Roaming\yuvcodecs-1.3.exe
2012-09-27 15:26 - 2012-09-27 17:07 - 0000900 _____ () C:\Users\CH\AppData\Roaming\__AvidCloudManager.log
2012-09-27 15:26 - 2012-09-27 15:26 - 0000676 _____ () C:\Users\CH\AppData\Roaming\__AvidCloudManagerPrevious.log
2010-11-11 23:46 - 2015-02-15 12:54 - 0111104 _____ () C:\Users\CH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-07 16:05 - 2014-12-14 05:12 - 0007601 _____ () C:\Users\CH\AppData\Local\Resmon.ResmonCfg
2014-05-12 20:09 - 2014-05-12 20:09 - 0000000 _____ () C:\Users\CH\AppData\Local\{DCA72C06-BECF-421A-819D-A632B98363C9}
2011-07-07 12:23 - 2014-11-03 17:13 - 0006805 _____ () C:\ProgramData\hpzinstall.log
2010-11-11 23:43 - 2014-08-27 19:01 - 0000024 _____ () C:\ProgramData\__FileUploader.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-04 00:37

==================== End Of Log ============================