| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: svchost.exe Avast geblocktWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.06.2015, 20:26
| #1 |
 |  svchost.exe Avast geblockt Hallo zusammen. Seit einger Zeit erscheint bei Avast im Mozilla Browser die die Virusmeldung c:\windows\system32\svchost.exe Infektion blockiert. Malwarebyte habe ich schon ausprobiert ebenso update von Avast und erneuter Virusscan. Alles gelöscht wie angegeben, jedoch kommt nach dem Neustart die erneute o.g. Meldung . Was kann ich noch machen? Vielen Dank schon einmal im Voraus michael FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Luiza (administrator) on LUIZA-PC on 14-06-2015 21:10:53
Running from C:\Users\Luiza\Downloads
Loaded Profiles: Luiza (Available Profiles: Luiza)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Inglês (Estados Unidos)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPStart.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2007-02-21] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-15] (Synaptics, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\...\Run: [*LABAL*] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-08-06] (Microsoft Corporation)
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-23] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3946875533-3410000714-2897456997-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-13] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\dgoy43gq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-14] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-13] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-14] (Google Inc.)
FF Extension: Português Portugal Language Pack - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\dgoy43gq.default\Extensions\langpack-pt-PT@firefox.mozilla.org.xpi [2014-08-05]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-08]
Chrome:
=======
CHR Profile: C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-14]
CHR Extension: (Google Docs) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-14]
CHR Extension: (Google Drive) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-14]
CHR Extension: (YouTube) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-14]
CHR Extension: (Google Search) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-14]
CHR Extension: (Google Sheets) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-14]
CHR Extension: (Avast Online Security) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-14]
CHR Extension: (Google Wallet) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-14]
CHR Extension: (Gmail) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-14]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-23] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-23] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-23] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-23] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-23] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-23] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-23] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-23] ()
R3 GTIPCI21; C:\Windows\System32\DRIVERS\gtipci21.sys [97280 2007-05-09] (Texas Instruments)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-23] (Avast Software)
S3 cpuz136; \??\C:\Users\Luiza\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Luiza\AppData\Local\Temp\Rar$EXa0.252\WinRing0.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-14 21:10 - 2015-06-14 21:11 - 00012750 _____ C:\Users\Luiza\Downloads\FRST.txt
2015-06-14 21:09 - 2015-06-14 21:10 - 00000000 ____D C:\FRST
2015-06-14 21:09 - 2015-06-14 21:09 - 01148416 _____ (Farbar) C:\Users\Luiza\Downloads\FRST.exe
2015-06-14 21:07 - 2015-06-14 21:07 - 00000115 _____ C:\Users\Luiza\Desktop\Fixlist.txt
2015-06-14 21:02 - 2015-06-14 21:02 - 00003672 _____ C:\Users\Luiza\Documents\viren.txt
2015-06-14 20:31 - 2015-06-14 20:31 - 00000000 ____D C:\Program Files\ESET
2015-06-14 20:30 - 2015-06-14 20:30 - 02870984 _____ (ESET) C:\Users\Luiza\Downloads\esetsmartinstaller_deu.exe
2015-06-14 15:56 - 2015-06-14 15:56 - 00017618 _____ C:\Users\Luiza\Desktop\dds.txt
2015-06-14 15:56 - 2015-06-14 15:56 - 00002594 _____ C:\Users\Luiza\Desktop\attach.txt
2015-06-14 15:49 - 2015-06-14 15:49 - 00688992 ____R (Swearware) C:\Users\Luiza\Downloads\dds.exe
2015-06-14 14:29 - 2015-06-14 14:29 - 00007605 _____ C:\Users\Luiza\AppData\Local\Resmon.ResmonCfg
2015-06-14 13:26 - 2015-06-14 15:53 - 00000000 ____D C:\AdwCleaner
2015-06-14 13:26 - 2015-06-14 13:26 - 02231296 _____ C:\Users\Luiza\Downloads\adwcleaner_4.206.exe
2015-06-14 12:48 - 2015-06-14 12:48 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-14 12:48 - 2015-06-14 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-14 12:47 - 2015-06-14 21:04 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-14 12:47 - 2015-06-14 20:57 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-14 12:47 - 2015-06-14 12:48 - 00000000 ____D C:\Users\Luiza\AppData\Local\Google
2015-06-14 12:47 - 2015-06-14 12:48 - 00000000 ____D C:\Program Files\Google
2015-06-13 19:43 - 2015-06-13 19:43 - 00000000 ____D C:\ProgramData\Sun
2015-06-13 19:43 - 2015-06-13 19:43 - 00000000 ____D C:\Program Files\Common Files\Java
2015-06-13 19:43 - 2015-06-13 19:42 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-06-13 19:42 - 2015-06-13 19:46 - 00000000 ____D C:\ProgramData\Oracle
2015-06-13 19:42 - 2015-06-13 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-13 19:42 - 2015-06-13 19:42 - 00000000 ____D C:\Program Files\Java
2015-06-13 19:41 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-13 19:41 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-13 19:41 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-13 19:41 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-13 19:41 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-13 19:39 - 2015-06-13 19:39 - 00561248 _____ (Oracle Corporation) C:\Users\Luiza\Downloads\jxpiinstall.exe
2015-06-10 17:24 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 17:24 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 17:24 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 17:24 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 17:24 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 17:24 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 17:24 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 17:24 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 17:24 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 17:24 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 17:24 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 17:24 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 17:24 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 17:24 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 17:24 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 17:24 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 17:24 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 17:24 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 17:24 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 17:24 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 17:24 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 17:24 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 17:24 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 17:24 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 17:24 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 17:24 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 17:24 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 17:24 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 17:24 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 17:24 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 17:24 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 17:24 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 17:24 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 17:24 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 17:24 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 17:24 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 17:24 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 17:24 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 17:24 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 17:24 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 17:24 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 17:24 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 17:24 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 17:24 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 17:23 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 17:23 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 17:23 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 17:23 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 17:23 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 17:23 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-05 13:45 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 13:45 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 13:45 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 23:05 - 2015-06-04 23:05 - 00000000 ____D C:\Users\Luiza\AppData\Local\GWX
2015-06-04 12:16 - 2015-06-04 23:04 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-05-24 22:35 - 2015-05-24 22:35 - 00000000 ____D C:\Windows\system32\Flash
2015-05-24 22:24 - 2015-05-24 22:28 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-05-24 22:08 - 2015-05-24 22:08 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Opera Software
2015-05-24 22:08 - 2015-05-24 22:08 - 00000000 ____D C:\Users\Luiza\AppData\Local\Opera Software
2015-05-24 22:04 - 2015-05-24 22:41 - 00000000 ____D C:\Program Files\Opera
2015-05-23 10:51 - 2015-05-23 10:51 - 00001404 _____ C:\Users\Luiza\Desktop\Windows Live Mail.lnk
2015-05-23 10:48 - 2015-05-23 10:48 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-23 10:48 - 2015-05-23 10:48 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-23 10:45 - 2015-05-23 10:45 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Windows Live Writer
2015-05-23 10:40 - 2015-05-23 10:40 - 00001404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-05-23 10:40 - 2015-05-23 10:40 - 00000000 ____D C:\Windows\PCHEALTH
2015-05-23 10:40 - 2015-05-23 10:40 - 00000000 ____D C:\Program Files\Windows Live
2015-05-21 22:56 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-21 22:56 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-21 22:56 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-21 21:02 - 2015-06-14 12:51 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-14 21:08 - 2014-08-05 19:36 - 00720822 _____ C:\Windows\system32\prfh0816.dat
2015-06-14 21:08 - 2014-08-05 19:36 - 00152774 _____ C:\Windows\system32\prfc0816.dat
2015-06-14 21:08 - 2014-08-05 17:55 - 02492380 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-14 21:07 - 2014-08-05 20:34 - 02067664 _____ C:\Windows\WindowsUpdate.log
2015-06-14 21:03 - 2015-04-13 11:16 - 00001904 _____ C:\Windows\setupact.log
2015-06-14 21:03 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-14 21:02 - 2014-08-05 22:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-14 20:49 - 2015-04-12 23:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-14 20:17 - 2009-07-14 06:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-14 20:17 - 2009-07-14 06:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-14 20:01 - 2014-08-05 22:56 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Skype
2015-06-14 14:48 - 2015-02-10 21:33 - 00000000 ____D C:\Michael SSD
2015-06-14 13:30 - 2015-04-13 11:16 - 00340024 _____ C:\Windows\PFRO.log
2015-06-14 13:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system
2015-06-14 13:00 - 2014-08-05 18:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-14 12:53 - 2014-08-05 22:55 - 00000000 ____D C:\ProgramData\Skype
2015-06-14 12:51 - 2014-08-07 19:28 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-06-14 12:51 - 2014-08-07 19:28 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-06-14 12:47 - 2014-08-05 22:25 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-14 12:47 - 2014-08-05 22:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-13 19:32 - 2009-07-14 06:33 - 00287072 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-13 19:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-06-13 19:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-13 19:15 - 2014-08-05 18:19 - 00000000 ____D C:\Windows\system32\MRT
2015-06-13 19:11 - 2014-08-05 18:19 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 19:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-06-08 11:59 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2015-06-06 11:15 - 2014-12-16 21:57 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 11:15 - 2014-08-05 19:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-04 12:04 - 2014-08-05 22:55 - 00000000 ___RD C:\Program Files\Skype
2015-05-24 23:08 - 2014-08-05 18:11 - 00000000 ____D C:\Windows\tiinst
2015-05-24 23:06 - 2009-07-14 04:04 - 00000505 _____ C:\Windows\win.ini
2015-05-24 22:36 - 2014-08-05 19:39 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-24 22:36 - 2014-08-05 19:39 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-24 22:36 - 2014-08-05 17:49 - 00001417 _____ C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-24 22:13 - 2015-04-12 23:20 - 00001064 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-24 22:13 - 2015-04-12 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-24 22:13 - 2015-04-12 23:20 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-05-23 10:48 - 2014-08-08 15:46 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-05-23 10:46 - 2014-08-06 20:54 - 00000000 ____D C:\Users\Luiza\AppData\Local\Windows Live
2015-05-23 10:40 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-05-21 22:53 - 2015-01-20 23:04 - 00000000 ____D C:\Users\Luiza\AppData\Local\Adobe
2015-05-21 12:13 - 2015-04-05 12:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-18 13:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-16 11:36 - 2009-07-14 09:50 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-16 11:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
==================== Files in the root of some directories =======
2015-03-09 22:36 - 2015-03-09 22:36 - 1231328 _____ (CPUID) C:\Users\Luiza\AppData\Roaming\siw_sdk.dll
2014-08-05 19:15 - 2014-08-05 19:15 - 0000000 _____ () C:\Users\Luiza\AppData\Local\AtStart.txt
2014-08-05 19:15 - 2014-08-05 19:15 - 0000000 _____ () C:\Users\Luiza\AppData\Local\DSwitch.txt
2014-08-05 19:15 - 2014-08-05 19:15 - 0000000 _____ () C:\Users\Luiza\AppData\Local\QSwitch.txt
2015-06-14 14:29 - 2015-06-14 14:29 - 0007605 _____ () C:\Users\Luiza\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Luiza\AppData\Local\Temp\Quarantine.exe
C:\Users\Luiza\AppData\Local\Temp\sqlite3.dll
C:\Users\Luiza\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-06 11:46
==================== End of log ============================
Geändert von pingodoce (14.06.2015 um 21:08 Uhr) |
|
14.06.2015, 21:20
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | svchost.exe Avast geblockt Hi,
__________________- Log von Avast bitte posten - Addition.txt fehlt, bitte nachreichen  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
14.06.2015, 21:49
| #3 |
| | svchost.exe Avast geblockt Hallo cosinus ,
__________________vielen Dank für die Antwort hier die Additonal.txtFRST Additions Logfile: FRST Additions Logfile: [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Luiza at 2015-06-14 22:41:44
Running from C:\Users\Luiza\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3946875533-3410000714-2897456997-500 - Administrator - Disabled)
Guest (S-1-5-21-3946875533-3410000714-2897456997-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3946875533-3410000714-2897456997-1002 - Limited - Enabled)
Luiza (S-1-5-21-3946875533-3410000714-2897456997-1001 - Administrator - Enabled) => C:\Users\Luiza
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.51209 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.0.1 (x86 pt-PT) (HKLM\...\Mozilla Thunderbird 38.0.1 (x86 pt-PT)) (Version: 38.0.1 - Mozilla)
OpenOffice 4.1.0 (HKLM\...\{3A0489C9-BEF9-4A62-BF79-8383F24CEC1A}) (Version: 4.10.9764 - Apache Software Foundation)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SteuerSparErklärung 2015 (HKLM\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.30.147 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.0.13.2 - Synaptics)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{767B964C-D9B4-422D-802B-F7ACBE2D310A}) (Version: 2.00.0004 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0004 - Texas Instruments Inc.) Hidden
VoipConnect (HKLM\...\VoipConnect_is1) (Version: 4.14 build 762 - Finarea S.A. Switzerland)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
14-06-2015 22:38:13 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2014-09-27 18:34 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0274C13A-F490-4764-86C6-4B090F54534F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {0B4276C0-8FE6-4D83-BBC3-D21EB34332E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-14] (Google Inc.)
Task: {13D9CE0C-3DA8-46F4-8E17-19F27403B671} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {47594560-8CE2-4F42-B58D-520A0E730C03} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-14] (Adobe Systems Incorporated)
Task: {4B6479D2-EA12-47ED-AE18-23693BF8AADA} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {6478C7E0-C68D-4B43-9DB5-FC3CDC5EE466} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {732F20F4-7650-44D5-817D-5E834C2EFAA2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {930C2C3B-207B-4379-A829-A584FA1BC2AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {981472AF-848D-4848-AF88-308F40DE1BDB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {B443E700-8E20-488A-9575-817DFB1ACF5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-14] (Google Inc.)
Task: {FAB311F9-A3E4-41E1-9F77-AE978183D175} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-23] (Avast Software s.r.o.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-23 10:48 - 2015-05-23 10:48 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-23 10:48 - 2015-05-23 10:48 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-14 20:05 - 2015-06-14 20:05 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061401\algo.dll
2015-05-23 10:48 - 2015-05-23 10:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7865 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: VoipConnect => "C:\Program Files\VoipConnect.com\VoipConnect\VoipConnect.exe" -nosplash -minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FFA5C05E-6D6A-4FED-95DA-63E2835DC8F0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{85B8A795-DFEC-424E-883B-076C9DAC34CE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A25BF6DF-1ED2-4903-BF06-C7AF1DA2BC76}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7B0EAE30-289D-4F34-8DAA-DC32C4783A0B}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{506EFCFA-4C91-42F7-8D7E-C3CFF7197298}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E94D37B1-9230-42D6-9697-5C417FFC31B3}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{5A34989C-F0EF-4334-B9D7-BE378FCF6186}] => (Allow) C:\Program Files\VoipConnect.com\VoipConnect\VoipConnect.exe
FirewallRules: [{2D3E4F40-C879-47ED-9599-6BDC1243D835}] => (Allow) C:\Program Files\VoipConnect.com\VoipConnect\VoipConnect.exe
FirewallRules: [TCP Query User{50B6997F-6FBD-443D-B4AB-E9F618894D88}C:\program files\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{397952BD-0BA8-4893-B37F-422585C75A3B}C:\program files\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [{D7BFA842-2DA2-43AC-86C1-67EB3C27BE81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3E78C5DF-C0B0-4660-934B-2DA82972FE92}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F45FE91-272D-48F8-B671-5862400F07D2}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A5257A0A-06FF-440D-8483-CC6D2512965E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{1703990C-59C7-4D2A-82C7-9D6F2DAB2F1E}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{54D62771-06C6-4926-AFB9-0CE829B5C710}] => (Allow) LPort=2869
FirewallRules: [{0B6D3DE2-E66C-488B-A7A3-C28DBF4FFBE3}] => (Allow) LPort=1900
FirewallRules: [{29B8616D-D8C4-40F6-B8DA-68D9C2524EAA}] => (Allow) C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{B677D45D-CB0B-4DC2-82BC-3A5C19843600}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{1EBC0B7E-77B5-428D-B993-E31C92852500}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{894B8189-1791-47E6-BC19-A314133B489A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/14/2015 10:38:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópia Sombra de Volumes: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Access is denied.
.
Este é muitas vezes causado por definições de segurança incorrectas no processo do escritor ou requerente.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {417d0080-8a24-4e14-b69f-0ba1d802a992}
Error: (06/14/2015 00:52:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. The specified account already exists.
Error: (06/14/2015 00:39:22 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Não foi possível criar o ponto de restauro (Processo = C:\Windows\system32\svchost.exe -k netsvcs; Descrição = Windows Update; Erro = 0x81000101).
Error: (05/24/2015 10:39:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: plugin-container.exe, versão: 38.0.1.5611, carimbo de data/hora: 0x55541a90
Nome do módulo com falha: mozalloc.dll, versão: 38.0.1.5611, carimbo de data/hora: 0x55540a1e
Código de excepção: 0x80000003
Desvio de falha: 0x00001aa1
ID do processo com falha: 0x15ac
Data/hora de início da aplicação com falha: 0xplugin-container.exe0
Caminho da aplicação com falha: plugin-container.exe1
Caminho do módulo com falha: plugin-container.exe2
ID do Relatório: plugin-container.exe3
Error: (05/24/2015 10:20:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: plugin-container.exe, versão: 38.0.1.5611, carimbo de data/hora: 0x55541a90
Nome do módulo com falha: mozalloc.dll, versão: 38.0.1.5611, carimbo de data/hora: 0x55540a1e
Código de excepção: 0x80000003
Desvio de falha: 0x00001aa1
ID do processo com falha: 0x16b0
Data/hora de início da aplicação com falha: 0xplugin-container.exe0
Caminho da aplicação com falha: plugin-container.exe1
Caminho do módulo com falha: plugin-container.exe2
ID do Relatório: plugin-container.exe3
Error: (05/23/2015 10:39:02 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópia Sombra de Volumes: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Access is denied.
.
Este é muitas vezes causado por definições de segurança incorrectas no processo do escritor ou requerente.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {13b0da11-dc7e-42c5-b02e-7eb3fdbeb93d}
Error: (05/21/2015 00:12:26 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Não foi possível criar o ponto de restauro (Processo = C:\Windows\system32\svchost.exe -k netsvcs; Descrição = Windows Update; Erro = 0x81000101).
Error: (04/18/2015 08:02:06 PM) (Source: SDFSSvc.exe) (EventID: 0) (User: )
Description: The service process could not connect to the service controller
Error: (03/12/2015 07:54:09 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Não foi possível inicializar o índice.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/12/2015 07:54:09 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Não foi possível inicializar a aplicação.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (06/14/2015 09:04:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema:
cdrom
Error: (06/14/2015 08:04:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema:
cdrom
Error: (06/14/2015 07:05:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema:
cdrom
Error: (06/14/2015 03:54:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema:
cdrom
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Volume Shadow Copy terminou inesperadamente. Isto aconteceu 1 vez(es).
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Com4QLBEx terminou inesperadamente. Isto aconteceu 1 vez(es).
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Media Player Network Sharing Service terminou inesperadamente. Já o fez 1 vez(es). Será efectuada a seguinte acção correctiva em 30000 milissegundos: Restart the service.
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço hpqwmiex terminou inesperadamente. Isto aconteceu 1 vez(es).
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search terminou inesperadamente. Já o fez 1 vez(es). Será efectuada a seguinte acção correctiva em 30000 milissegundos: Restart the service.
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Live ID Sign-in Assistant terminou inesperadamente. Já o fez 1 vez(es). Será efectuada a seguinte acção correctiva em 10000 milissegundos: Restart the service.
Microsoft Office:
=========================
Error: (06/14/2015 10:38:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {417d0080-8a24-4e14-b69f-0ba1d802a992}
Error: (06/14/2015 00:52:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (06/14/2015 00:39:22 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (05/24/2015 10:39:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa115ac01d09661761f34a8C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll049c188e-0255-11e5-a4f3-0016d4c5861b
Error: (05/24/2015 10:20:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa116b001d0965f0f42710cC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll4f71a12e-0252-11e5-87c4-f574ce380b02
Error: (05/23/2015 10:39:02 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {13b0da11-dc7e-42c5-b02e-7eb3fdbeb93d}
Error: (05/21/2015 00:12:26 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (04/18/2015 08:02:06 PM) (Source: SDFSSvc.exe) (EventID: 0) (User: )
Description: The service process could not connect to the service controller
Error: (03/12/2015 07:54:09 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/12/2015 07:54:09 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Percentage of memory in use: 44%
Total physical RAM: 3447.43 MB
Available physical RAM: 1922.05 MB
Total Pagefile: 6893.17 MB
Available Pagefile: 5502.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.72 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:76.4 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 9AE11EB2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
==================== End of log ============================
--- --- --- Geändert von pingodoce (14.06.2015 um 21:58 Uhr) |
|
14.06.2015, 21:50
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | svchost.exe Avast geblockt Bitte das Log immer nur einmal posten. In CODE-Tags. Nicht zusätzlich in den Anhang packen. Außerdem fehlt das Log von Avast immer noch.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.06.2015, 22:02
| #5 |
| | svchost.exe Avast geblockt und dann noch der teil des avast webshield Code:
ATTFilter *
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sexta-feira, 8 de agosto de 2014 15:46:40
*
*
* Escudo parado: Freitag, 8. August 2014 15:57:54
* O tempo de execução foi 11 minuto(s), 11 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sexta-feira, 8 de agosto de 2014 16:00:46
*
*
* Escudo parado: sexta-feira, 8 de agosto de 2014 16:04:46
* O tempo de execução foi 4 minuto(s), 4 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sexta-feira, 8 de agosto de 2014 16:14:18
*
*
* Escudo parado: sábado, 9 de agosto de 2014 23:57:27
* O tempo de execução foi 1 dia(s), 7 hora(s), 43 minuto(s), 43 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 10 de agosto de 2014 11:30:36
*
*
* Escudo parado: Samstag, 16. August 2014 00:41:48
* O tempo de execução foi 5 dia(s), 13 hora(s), 11 minuto(s), 11 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 16 de agosto de 2014 00:42:48
*
*
* Escudo parado: Freitag, 29. August 2014 23:03:32
* O tempo de execução foi 13 dia(s), 22 hora(s), 20 minuto(s), 20 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sexta-feira, 29 de agosto de 2014 23:04:33
*
*
* Escudo parado: Freitag, 29. August 2014 23:05:17
* O tempo de execução foi 0 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 30 de agosto de 2014 10:18:01
*
*
* Escudo parado: terça-feira, 9 de setembro de 2014 12:59:35
* O tempo de execução foi 10 dia(s), 2 hora(s), 41 minuto(s), 41 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: Donnerstag, 11. September 2014 20:54:44
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 11 de setembro de 2014 21:04:43
*
*
* Escudo parado: Donnerstag, 11. September 2014 21:15:11
* O tempo de execução foi 10 minuto(s), 10 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 11 de setembro de 2014 21:15:51
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de setembro de 2014 13:36:42
*
*
* Escudo parado: sábado, 27 de setembro de 2014 13:39:37
* O tempo de execução foi 13 dia(s), 2 minuto(s), 2 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 27 de setembro de 2014 13:40:15
*
*
* Escudo parado: Dienstag, 30. September 2014 10:53:13
* O tempo de execução foi 2 dia(s), 21 hora(s), 12 minuto(s), 12 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 30 de setembro de 2014 11:23:47
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: quarta-feira, 8 de outubro de 2014 15:16:16
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 12 de outubro de 2014 18:48:29
*
*
* Escudo parado: sexta-feira, 17 de outubro de 2014 03:05:51
* O tempo de execução foi 4 dia(s), 8 hora(s), 17 minuto(s), 17 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sexta-feira, 17 de outubro de 2014 03:06:51
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sexta-feira, 17 de outubro de 2014 12:43:56
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 28 de outubro de 2014 11:42:57
*
*
* Escudo parado: Mittwoch, 29. Oktober 2014 11:51:25
* O tempo de execução foi 1 dia(s), 8 minuto(s), 8 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: quarta-feira, 29 de outubro de 2014 11:52:13
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: quarta-feira, 29 de outubro de 2014 12:42:25
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: segunda-feira, 3 de novembro de 2014 20:39:47
*
*
* Escudo parado: quinta-feira, 13 de novembro de 2014 20:38:16
* O tempo de execução foi 9 dia(s), 23 hora(s), 58 minuto(s), 58 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 13 de novembro de 2014 20:39:07
*
*
* Escudo parado: domingo, 16 de novembro de 2014 15:24:52
* O tempo de execução foi 2 dia(s), 18 hora(s), 45 minuto(s), 45 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 16 de novembro de 2014 15:25:51
*
*
* Escudo parado: Samstag, 22. November 2014 20:10:16
* O tempo de execução foi 6 dia(s), 4 hora(s), 44 minuto(s), 44 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 22 de novembro de 2014 20:10:56
*
*
* Escudo parado: Sonntag, 7. Dezember 2014 12:59:13
* O tempo de execução foi 14 dia(s), 16 hora(s), 48 minuto(s), 48 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 7 de dezembro de 2014 13:00:13
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: segunda-feira, 8 de dezembro de 2014 21:20:09
*
*
* Escudo parado: Montag, 8. Dezember 2014 21:20:35
* O tempo de execução foi 0 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: segunda-feira, 8 de dezembro de 2014 21:21:30
*
*
* Escudo parado: Dienstag, 16. Dezember 2014 20:57:22
* O tempo de execução foi 7 dia(s), 23 hora(s), 35 minuto(s), 35 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 16 de dezembro de 2014 20:58:16
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: sexta-feira, 19 de dezembro de 2014 14:36:00
*
*
* Escudo parado: Sonntag, 21. Dezember 2014 16:32:30
* O tempo de execução foi 2 dia(s), 1 hora(s), 56 minuto(s), 56 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 21 de dezembro de 2014 16:33:22
*
*
* Escudo parado: Dienstag, 23. Dezember 2014 15:36:04
* O tempo de execução foi 1 dia(s), 23 hora(s), 2 minuto(s), 2 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do avast!
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 23 de dezembro de 2014 15:36:55
*
*
* Escudo parado: sábado, 3 de janeiro de 2015 11:24:55
* O tempo de execução foi 10 dia(s), 19 hora(s), 48 minuto(s), 48 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 3 de janeiro de 2015 11:26:04
*
*
* Escudo parado: quarta-feira, 14 de janeiro de 2015 13:34:50
* O tempo de execução foi 11 dia(s), 2 hora(s), 8 minuto(s), 8 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quarta-feira, 14 de janeiro de 2015 13:35:39
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 18 de janeiro de 2015 14:11:23
*
*
* Escudo parado: Dienstag, 20. Januar 2015 12:29:31
* O tempo de execução foi 1 dia(s), 22 hora(s), 18 minuto(s), 18 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 20 de janeiro de 2015 15:14:31
*
*
* Escudo parado: Dienstag, 20. Januar 2015 22:28:05
* O tempo de execução foi 7 hora(s), 13 minuto(s), 13 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 20 de janeiro de 2015 22:28:57
*
*
* Escudo parado: Dienstag, 20. Januar 2015 22:38:49
* O tempo de execução foi 9 minuto(s), 9 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quarta-feira, 21 de janeiro de 2015 13:11:35
*
*
* Escudo parado: Freitag, 23. Januar 2015 21:41:26
* O tempo de execução foi 2 dia(s), 8 hora(s), 29 minuto(s), 29 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sexta-feira, 23 de janeiro de 2015 21:42:34
*
*
* Escudo parado: Samstag, 31. Januar 2015 17:47:59
* O tempo de execução foi 7 dia(s), 20 hora(s), 5 minuto(s), 5 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 31 de janeiro de 2015 17:49:16
*
07.02.2015 18:45:45 hxxp://c.gltrkk.net/?a=29527&c=62051&s1=&s2=15020718_05_1388_54d64f47d15299e&s5=&E=amJzTYm0tNc%3d [L] URL:Mal (0)
*
* Escudo parado: Mittwoch, 11. Februar 2015 00:21:33
* O tempo de execução foi 10 dia(s), 6 hora(s), 32 minuto(s), 32 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quarta-feira, 11 de fevereiro de 2015 10:51:39
*
*
* Escudo parado: quarta-feira, 18 de fevereiro de 2015 13:43:33
* O tempo de execução foi 7 dia(s), 2 hora(s), 51 minuto(s), 51 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quarta-feira, 18 de fevereiro de 2015 13:44:42
*
*
* Escudo parado: domingo, 22 de fevereiro de 2015 13:27:05
* O tempo de execução foi 3 dia(s), 23 hora(s), 42 minuto(s), 42 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 22 de fevereiro de 2015 13:27:52
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 28 de fevereiro de 2015 17:50:33
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: segunda-feira, 2 de março de 2015 15:27:58
*
*
* Escudo parado: Samstag, 7. März 2015 11:41:11
* O tempo de execução foi 4 dia(s), 20 hora(s), 13 minuto(s), 13 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 7 de março de 2015 11:41:56
*
*
* Escudo parado: quinta-feira, 12 de março de 2015 18:52:33
* O tempo de execução foi 5 dia(s), 7 hora(s), 10 minuto(s), 10 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 12 de março de 2015 18:53:36
*
*
* Escudo parado: Montag, 16. März 2015 18:09:40
* O tempo de execução foi 3 dia(s), 23 hora(s), 16 minuto(s), 16 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: segunda-feira, 16 de março de 2015 18:10:38
*
*
* Escudo parado: Donnerstag, 26. März 2015 19:39:16
* O tempo de execução foi 10 dia(s), 1 hora(s), 28 minuto(s), 28 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 26 de março de 2015 19:40:42
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 12 de abril de 2015 23:08:16
*
*
* Escudo parado: Sonntag, 12. April 2015 23:32:39
* O tempo de execução foi 24 minuto(s), 24 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 12 de abril de 2015 23:33:34
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: segunda-feira, 13 de abril de 2015 11:16:15
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 14 de abril de 2015 20:47:50
*
*
* Escudo parado: quinta-feira, 16 de abril de 2015 13:03:44
* O tempo de execução foi 1 dia(s), 16 hora(s), 15 minuto(s), 15 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 16 de abril de 2015 13:04:49
*
*
* Escudo parado: Donnerstag, 16. April 2015 13:05:35
* O tempo de execução foi 0 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 16 de abril de 2015 13:06:31
*
*
* Escudo parado: sábado, 18 de abril de 2015 20:00:33
* O tempo de execução foi 2 dia(s), 6 hora(s), 54 minuto(s), 54 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 18 de abril de 2015 20:01:43
*
*
* Escudo parado: Samstag, 25. April 2015 05:50:04
* O tempo de execução foi 6 dia(s), 9 hora(s), 48 minuto(s), 48 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 25 de abril de 2015 12:27:04
*
*
* Escudo parado: Samstag, 25. April 2015 12:32:06
* O tempo de execução foi 5 minuto(s), 5 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 25 de abril de 2015 12:33:34
*
26.04.2015 13:03:15 hxxp://onclickads.net/afu.php?id=274940&pbk2=e4a3fd8841890283ce689e6512248e2f6142001434849595019|>{gzip} [L] JS:ScriptIP-inf [Trj] (0)
30.04.2015 12:26:58 hxxp://origin.binarydistrict.net/OptionFair/DE/TradingForNewbies/?offer_id=772&aff_id=2333&aff_sub=whiskey-pia-2QvUz9GU&aff_sub2=p,p.adprimary.com&aff_sub3=OptionFair-TFNB-DE&aff_sub4=p.adprimary.com&aff_sub5=OptionFair_TradingForNewbies_DE&source=SOURCE&url_id= [L] URL:Mal (0)
*
* Escudo parado: quinta-feira, 7 de maio de 2015 19:22:56
* O tempo de execução foi 12 dia(s), 6 hora(s), 49 minuto(s), 49 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 7 de maio de 2015 20:12:23
*
*
* Escudo parado: quinta-feira, 7 de maio de 2015 20:32:34
* O tempo de execução foi 20 minuto(s), 20 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 7 de maio de 2015 20:39:18
*
*
* Escudo parado: Sonntag, 10. Mai 2015 21:57:52
* O tempo de execução foi 3 dia(s), 1 hora(s), 18 minuto(s), 18 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: segunda-feira, 11 de maio de 2015 18:52:53
*
*
* Escudo parado: segunda-feira, 11 de maio de 2015 23:06:21
* O tempo de execução foi 4 hora(s), 13 minuto(s), 13 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 12 de maio de 2015 10:44:09
*
*
* Escudo parado: terça-feira, 12 de maio de 2015 15:08:17
* O tempo de execução foi 4 hora(s), 24 minuto(s), 24 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 12 de maio de 2015 15:09:32
*
*
* Escudo parado: Dienstag, 12. Mai 2015 17:05:55
* O tempo de execução foi 1 hora(s), 56 minuto(s), 56 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: terça-feira, 12 de maio de 2015 17:06:53
*
15.05.2015 09:25:11 hxxp://onclickads.net/afu.php?zoneid=38411 [L] URL:Mal (0)
15.05.2015 12:53:39 hxxp://onclickads.net/afu.php?zoneid=38411 [L] URL:Mal (0)
*
* Escudo parado: Samstag, 16. Mai 2015 11:37:07
* O tempo de execução foi 3 dia(s), 18 hora(s), 30 minuto(s), 30 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 16 de maio de 2015 11:38:11
*
*
* Escudo parado: quinta-feira, 21 de maio de 2015 22:47:35
* O tempo de execução foi 5 dia(s), 11 hora(s), 9 minuto(s), 9 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 21 de maio de 2015 22:48:48
*
*
* Escudo parado: Donnerstag, 21. Mai 2015 22:57:04
* O tempo de execução foi 8 minuto(s), 8 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 21 de maio de 2015 22:57:53
*
*
* Escudo parado: Samstag, 23. Mai 2015 10:44:28
* O tempo de execução foi 1 dia(s), 11 hora(s), 46 minuto(s), 46 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 23 de maio de 2015 10:47:24
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 23 de maio de 2015 10:50:32
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 24 de maio de 2015 21:24:05
*
*
* Escudo parado: Sonntag, 24. Mai 2015 21:47:11
* O tempo de execução foi 23 minuto(s), 23 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 24 de maio de 2015 21:48:16
*
24.05.2015 22:10:05 hxxp://d1mdi78qyff344.cloudfront.net/ConvertAdSetup.exe [L] Win32:Adware-gen [Adw] (0)
24.05.2015 22:11:11 hxxp://d1mdi78qyff344.cloudfront.net/SFSetup.exe [L] Win32:Malware-gen (0)
24.05.2015 22:22:47 hxxp://csdi-dlstatic.clean-navigate.com/dl/pch/12/mgeo/MaxComputerCleaner.exe [L] FileRepMetagen [Malware] (0)
24.05.2015 22:23:49 hxxp://storage.googleapis.com/finalinstaller/bundle/setup_362.exe [L] FileRepMalware (0)
24.05.2015 22:26:12 hxxp://secured.westsecurecdn.us/Advertisers/WindeskWinsearch_silent_s3.exe [L] Win32:Malware-gen (0)
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 24 de maio de 2015 22:28:38
*
24.05.2015 22:31:46 hxxp://storage.googleapis.com/finalinstaller/bundle/setup_362.exe [L] FileRepMalware (0)
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 24 de maio de 2015 23:09:10
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 31 de maio de 2015 18:33:41
*
*
* Escudo parado: domingo, 31 de maio de 2015 20:22:58
* O tempo de execução foi 1 hora(s), 49 minuto(s), 49 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: segunda-feira, 1 de junho de 2015 12:47:16
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: quinta-feira, 4 de junho de 2015 23:05:30
*
*
* Escudo parado: sábado, 6 de junho de 2015 11:15:54
* O tempo de execução foi 1 dia(s), 12 hora(s), 10 minuto(s), 10 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 6 de junho de 2015 11:16:47
*
13.06.2015 19:10:16 hxxp://opticguardzip.net/4242/SustainerPlus_142669299621631.dll [L] URL:Mal (0)
13.06.2015 19:10:16 hxxp://opticguardzip.net/4242/SustainerPlus_142669299621631.dll [L] URL:Mal (0)
13.06.2015 19:10:16 hxxp://opticguardzip.net/4141/CutterGeneration_142669028204835.dll [L] URL:Mal (0)
13.06.2015 19:10:16 hxxp://opticguardzip.net/4141/CutterGeneration_142669028204835.dll [L] URL:Mal (0)
*
* Escudo parado: Samstag, 13. Juni 2015 19:31:56
* O tempo de execução foi 7 dia(s), 8 hora(s), 15 minuto(s), 15 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: sábado, 13 de junho de 2015 19:33:08
*
13.06.2015 19:35:09 hxxp://bestdriverstar.net/4141/TroubleFix_142669689980043.dll [L] URL:Mal (0)
13.06.2015 19:35:09 hxxp://anythicago.com/4242/TrimModule_142668815534206.dll [L] URL:Mal (0)
13.06.2015 19:35:09 hxxp://anythicago.com/4242/TrimModule_142668815534206.dll [L] URL:Mal (0)
13.06.2015 19:35:09 hxxp://bestdriverstar.net/4141/TroubleFix_142669689980043.dll [L] URL:Mal (0)
13.06.2015 21:19:51 hxxp://opticguardzip.net/4141/RelayTurbo_142668814326659.dll [L] URL:Mal (0)
13.06.2015 21:19:51 hxxp://anythicago.com/4242/bugwatcher_142668877703207.dll [L] URL:Mal (0)
13.06.2015 21:19:51 hxxp://opticguardzip.net/4141/RelayTurbo_142668814326659.dll [L] URL:Mal (0)
13.06.2015 21:19:51 hxxp://anythicago.com/4242/bugwatcher_142668877703207.dll [L] URL:Mal (0)
13.06.2015 21:29:40 hxxp://opticguardzip.net/4141/RelayTurbo_142668814326659.dll [L] URL:Mal (0)
13.06.2015 21:29:40 hxxp://opticguardzip.net/4141/RelayTurbo_142668814326659.dll [L] URL:Mal (0)
13.06.2015 21:30:05 hxxp://alwaysisobar.com/4242/CutterGeneration_142669100050066.dll [L] URL:Mal (0)
13.06.2015 21:30:05 hxxp://alwaysisobar.com/4242/CutterGeneration_142669100050066.dll [L] URL:Mal (0)
14.06.2015 12:40:03 hxxp://bestdriverstar.net/4141/IncrementInstance_142668869335444.dll [L] URL:Mal (0)
14.06.2015 12:40:03 hxxp://simplesitescan.net/4242/TerminusTurbo_142669035170726.dll [L] URL:Mal (0)
14.06.2015 12:40:03 hxxp://bestdriverstar.net/4141/IncrementInstance_142668869335444.dll [L] URL:Mal (0)
14.06.2015 12:40:03 hxxp://simplesitescan.net/4242/TerminusTurbo_142669035170726.dll [L] URL:Mal (0)
*
* Escudo parado: domingo, 14 de junho de 2015 13:00:07
* O tempo de execução foi 17 hora(s), 26 minuto(s), 26 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de junho de 2015 13:01:12
*
14.06.2015 13:03:33 hxxp://alwaysisobar.com/4141/CutterGeneration_142669028252041.dll [L] URL:Mal (0)
14.06.2015 13:03:33 hxxp://anythicago.com/4242/SystemElevate_142652389727270.dll [L] URL:Mal (0)
14.06.2015 13:03:36 hxxp://alwaysisobar.com/4141/CutterGeneration_142669028252041.dll [L] URL:Mal (0)
14.06.2015 13:03:36 hxxp://anythicago.com/4242/SystemElevate_142652389727270.dll [L] URL:Mal (0)
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de junho de 2015 13:17:17
*
14.06.2015 13:19:24 hxxp://anythicago.com/4141/IncrementInstance_142668869348146.dll [L] URL:Mal (0)
14.06.2015 13:19:24 hxxp://alwaysisobar.com/4242/CutterGeneration_142667110942761.dll [L] URL:Mal (0)
14.06.2015 13:19:25 hxxp://anythicago.com/4141/IncrementInstance_142668869348146.dll [L] URL:Mal (0)
14.06.2015 13:19:25 hxxp://alwaysisobar.com/4242/CutterGeneration_142667110942761.dll [L] URL:Mal (0)
14.06.2015 13:23:37 hxxp://simplesitescan.net/4242/TerminusTurbo_142669035170726.dll [L] URL:Mal (0)
14.06.2015 13:23:37 hxxp://simplesitescan.net/4141/SystemMove_142666920387742.dll [L] URL:Mal (0)
14.06.2015 13:23:37 hxxp://simplesitescan.net/4141/SystemMove_142666920387742.dll [L] URL:Mal (0)
14.06.2015 13:23:37 hxxp://simplesitescan.net/4242/TerminusTurbo_142669035170726.dll [L] URL:Mal (0)
*
* Escudo parado: Sonntag, 14. Juni 2015 13:30:23
* O tempo de execução foi 13 minuto(s), 13 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de junho de 2015 13:31:17
*
14.06.2015 14:07:19 hxxp://bestdriverstar.net/4242/BocaInstance_142667076073630.dll [L] URL:Mal (0)
14.06.2015 14:07:19 hxxp://bestdriverstar.net/4242/BocaInstance_142667076073630.dll [L] URL:Mal (0)
14.06.2015 14:07:19 hxxp://anythicago.com/4141/CutterGeneration_142669028225838.dll [L] URL:Mal (0)
14.06.2015 14:07:19 hxxp://anythicago.com/4141/CutterGeneration_142669028225838.dll [L] URL:Mal (0)
*
* Escudo parado: domingo, 14 de junho de 2015 14:56:17
* O tempo de execução foi 1 hora(s), 25 minuto(s), 25 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de junho de 2015 15:30:40
*
14.06.2015 15:32:59 hxxp://opticguardzip.net/4141/BorderlineRunner_142669490042733.dll [L] URL:Mal (0)
14.06.2015 15:32:59 hxxp://opticguardzip.net/4242/CutterEdit_142652929262942.dll [L] URL:Mal (0)
14.06.2015 15:32:59 hxxp://opticguardzip.net/4141/BorderlineRunner_142669490042733.dll [L] URL:Mal (0)
14.06.2015 15:32:59 hxxp://opticguardzip.net/4242/CutterEdit_142652929262942.dll [L] URL:Mal (0)
*
* Escudo parado: Sonntag, 14. Juni 2015 15:53:55
* O tempo de execução foi 23 minuto(s), 23 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de junho de 2015 15:54:41
*
14.06.2015 15:56:49 hxxp://anythicago.com/4141/CutterRunner_142667232751542.dll [L] URL:Mal (0)
14.06.2015 15:56:49 hxxp://anythicago.com/4141/CutterRunner_142667232751542.dll [L] URL:Mal (0)
14.06.2015 15:56:49 hxxp://opticguardzip.net/4242/CutterEdit_142652929262942.dll [L] URL:Mal (0)
14.06.2015 15:56:49 hxxp://opticguardzip.net/4242/CutterEdit_142652929262942.dll [L] URL:Mal (0)
*
* Escudo parado: Sonntag, 14. Juni 2015 16:03:19
* O tempo de execução foi 8 minuto(s), 8 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de junho de 2015 19:04:53
*
14.06.2015 19:07:20 hxxp://opticguardzip.net/4242/LighterProc_142669697044441.dll [L] URL:Mal (0)
14.06.2015 19:07:20 hxxp://opticguardzip.net/4242/LighterProc_142669697044441.dll [L] URL:Mal (0)
14.06.2015 19:07:22 hxxp://anythicago.com/4141/afterguard_142667076317268.dll [L] URL:Mal (0)
14.06.2015 19:07:22 hxxp://anythicago.com/4141/afterguard_142667076317268.dll [L] URL:Mal (0)
14.06.2015 20:01:39 hxxp://anythicago.com/4242/SustainerPlus_142669299589827.dll [L] URL:Mal (0)
14.06.2015 20:01:39 hxxp://alwaysisobar.com/4141/RelayTurbo_142668814309250.dll [L] URL:Mal (0)
14.06.2015 20:01:39 hxxp://alwaysisobar.com/4141/RelayTurbo_142668814309250.dll [L] URL:Mal (0)
14.06.2015 20:01:40 hxxp://anythicago.com/4242/SustainerPlus_142669299589827.dll [L] URL:Mal (0)
*
* Escudo parado: domingo, 14 de junho de 2015 20:03:37
* O tempo de execução foi 58 minuto(s), 58 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de junho de 2015 20:04:24
*
14.06.2015 20:07:00 hxxp://alwaysisobar.com/4141/RelayTurbo_142668814309250.dll [L] URL:Mal (0)
14.06.2015 20:07:00 hxxp://simplesitescan.net/4242/CutterGeneration_142669100055867.dll [L] URL:Mal (0)
14.06.2015 20:07:00 hxxp://alwaysisobar.com/4141/RelayTurbo_142668814309250.dll [L] URL:Mal (0)
14.06.2015 20:07:00 hxxp://simplesitescan.net/4242/CutterGeneration_142669100055867.dll [L] URL:Mal (0)
*
* Escudo parado: Sonntag, 14. Juni 2015 21:03:12
* O tempo de execução foi 58 minuto(s), 58 segundo(s)
*
*
* Relatório de verificação do escudo de tempo real do Avast
* Este ficheiro é generado automaticamente
*
* Iniciado em: domingo, 14 de junho de 2015 21:04:00
*
14.06.2015 21:06:26 hxxp://bestdriverstar.net/4141/SystemVisual_142669159173081.dll [L] URL:Mal (0)
14.06.2015 21:06:26 hxxp://simplesitescan.net/4242/SustainerPlus_142669299621631.dll [L] URL:Mal (0)
14.06.2015 21:06:26 hxxp://simplesitescan.net/4242/SustainerPlus_142669299621631.dll [L] URL:Mal (0)
14.06.2015 21:06:26 hxxp://bestdriverstar.net/4141/SystemVisual_142669159173081.dll [L] URL:Mal (0)
14.06.2015 22:24:49 hxxp://bestdriverstar.net/4242/PragmaGeneration_142666936865939.dll [L] URL:Mal (0)
14.06.2015 22:24:49 hxxp://bestdriverstar.net/4141/TrimModule_142669093043876.dll [L] URL:Mal (0)
14.06.2015 22:24:49 hxxp://bestdriverstar.net/4242/PragmaGeneration_142666936865939.dll [L] URL:Mal (0)
14.06.2015 22:24:49 hxxp://bestdriverstar.net/4141/TrimModule_142669093043876.dll [L] URL:Mal (0)
14.06.2015 22:28:47 hxxp://opticguardzip.net/4242/TerminusTurbo_142669035179222.dll [L] URL:Mal (0)
14.06.2015 22:28:48 hxxp://anythicago.com/4141/PragmaEngine_142669353208041.dll [L] URL:Mal (0)
14.06.2015 22:28:48 hxxp://anythicago.com/4141/PragmaEngine_142669353208041.dll [L] URL:Mal (0)
14.06.2015 22:28:48 hxxp://opticguardzip.net/4242/TerminusTurbo_142669035179222.dll [L] URL:Mal (0)
ist die avast datei ok so? |
|
14.06.2015, 22:12
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | svchost.exe Avast geblockt Adware/Junkware/Toolbars entfernen 1. Schritt: Malwarebytes Downloade Dir bitte  Malwarebytes Anti-Malware
(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!) 2. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
3. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
4. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> svchost.exe Avast geblockt |
|
14.06.2015, 22:51
| #7 |
| | svchost.exe Avast geblocktCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 14.06.2015 Suchlauf-Zeit: 23:15:28 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.06.14.05 Rootkit Datenbank: v2015.06.02.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Luiza Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 308182 Verstrichene Zeit: 9 Min, 37 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter # AdwCleaner v4.206 - Logfile created 14/06/2015 at 23:31:21
# Updated 01/06/2015 by Xplode
# Database : 2015-06-14.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Luiza - LUIZA-PC
# Running from : C:\Users\Luiza\Downloads\adwcleaner_4.206.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v38.0.5 (x86 de)
-\\ Google Chrome v43.0.2357.124
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [8501 bytes] - [14/06/2015 13:26:54]
AdwCleaner[R1].txt - [8560 bytes] - [14/06/2015 13:28:55]
AdwCleaner[R2].txt - [993 bytes] - [14/06/2015 15:51:52]
AdwCleaner[R3].txt - [1111 bytes] - [14/06/2015 23:30:03]
AdwCleaner[S0].txt - [8321 bytes] - [14/06/2015 13:30:04]
AdwCleaner[S1].txt - [1056 bytes] - [14/06/2015 15:53:39]
AdwCleaner[S2].txt - [1037 bytes] - [14/06/2015 23:31:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1096 bytes] ##########
JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.6 (06.14.2015:2)
OS: Windows 7 Ultimate x86
Ran by Luiza on 14.06.2015 at 23:36:57,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Edu App
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Users\Luiza\appdata\locallow\company
Successfully deleted: [Folder] C:\Users\Luiza\local settings\application data\crashrpt
~~~ FireFox
~~~ Chrome
[C:\Users\Luiza\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Luiza\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Luiza\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Luiza\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.06.2015 at 23:42:08,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[/CODE] FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Luiza (administrator) on LUIZA-PC on 14-06-2015 23:45:17
Running from C:\Users\Luiza\Downloads
Loaded Profiles: Luiza (Available Profiles: Luiza)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Inglês (Estados Unidos)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2007-02-21] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-15] (Synaptics, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\...\Run: [*LABAL*] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-08-06] (Microsoft Corporation)
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-23] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3946875533-3410000714-2897456997-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-13] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\dgoy43gq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-14] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-13] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-14] (Google Inc.)
FF Extension: Português Portugal Language Pack - C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\dgoy43gq.default\Extensions\langpack-pt-PT@firefox.mozilla.org.xpi [2014-08-05]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-08]
Chrome:
=======
CHR Profile: C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-14]
CHR Extension: (Google Docs) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-14]
CHR Extension: (Google Drive) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-14]
CHR Extension: (YouTube) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-14]
CHR Extension: (Google Search) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-14]
CHR Extension: (Google Sheets) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-14]
CHR Extension: (Avast Online Security) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-14]
CHR Extension: (Google Wallet) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-14]
CHR Extension: (Gmail) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-14]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-23] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-23] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-23] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-23] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-23] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-23] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-23] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-23] ()
R3 GTIPCI21; C:\Windows\System32\DRIVERS\gtipci21.sys [97280 2007-05-09] (Texas Instruments)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-23] (Avast Software)
S3 cpuz136; \??\C:\Users\Luiza\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Luiza\AppData\Local\Temp\Rar$EXa0.252\WinRing0.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-14 23:42 - 2015-06-14 23:42 - 00001366 _____ C:\Users\Luiza\Desktop\JRT.txt
2015-06-14 23:36 - 2015-06-14 23:36 - 02945697 _____ (Thisisu) C:\Users\Luiza\Downloads\JRT.exe
2015-06-14 23:36 - 2015-06-14 23:36 - 00000207 _____ C:\Windows\tweaking.com-regbackup-LUIZA-PC-Windows-7-Ultimate-(32-bit).dat
2015-06-14 23:36 - 2015-06-14 23:36 - 00000000 ____D C:\RegBackup
2015-06-14 23:26 - 2015-06-14 23:26 - 00001208 _____ C:\Users\Luiza\Desktop\mbam.txt
2015-06-14 21:11 - 2015-06-14 22:44 - 00025586 _____ C:\Users\Luiza\Downloads\Addition.txt
2015-06-14 21:10 - 2015-06-14 23:45 - 00011884 _____ C:\Users\Luiza\Downloads\FRST.txt
2015-06-14 21:09 - 2015-06-14 23:45 - 00000000 ____D C:\FRST
2015-06-14 21:09 - 2015-06-14 21:09 - 01148416 _____ (Farbar) C:\Users\Luiza\Downloads\FRST.exe
2015-06-14 21:07 - 2015-06-14 21:07 - 00000115 _____ C:\Users\Luiza\Desktop\Fixlist.txt
2015-06-14 21:02 - 2015-06-14 21:02 - 00003672 _____ C:\Users\Luiza\Documents\viren.txt
2015-06-14 20:31 - 2015-06-14 20:31 - 00000000 ____D C:\Program Files\ESET
2015-06-14 20:30 - 2015-06-14 20:30 - 02870984 _____ (ESET) C:\Users\Luiza\Downloads\esetsmartinstaller_deu.exe
2015-06-14 15:56 - 2015-06-14 15:56 - 00017618 _____ C:\Users\Luiza\Desktop\dds.txt
2015-06-14 15:56 - 2015-06-14 15:56 - 00002594 _____ C:\Users\Luiza\Desktop\attach.txt
2015-06-14 15:49 - 2015-06-14 15:49 - 00688992 ____R (Swearware) C:\Users\Luiza\Downloads\dds.exe
2015-06-14 14:29 - 2015-06-14 14:29 - 00007605 _____ C:\Users\Luiza\AppData\Local\Resmon.ResmonCfg
2015-06-14 13:26 - 2015-06-14 23:31 - 00000000 ____D C:\AdwCleaner
2015-06-14 13:26 - 2015-06-14 13:26 - 02231296 _____ C:\Users\Luiza\Downloads\adwcleaner_4.206.exe
2015-06-14 12:48 - 2015-06-14 12:48 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-14 12:48 - 2015-06-14 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-14 12:47 - 2015-06-14 23:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-14 12:47 - 2015-06-14 22:57 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-14 12:47 - 2015-06-14 12:48 - 00000000 ____D C:\Users\Luiza\AppData\Local\Google
2015-06-14 12:47 - 2015-06-14 12:48 - 00000000 ____D C:\Program Files\Google
2015-06-13 19:43 - 2015-06-13 19:43 - 00000000 ____D C:\ProgramData\Sun
2015-06-13 19:43 - 2015-06-13 19:43 - 00000000 ____D C:\Program Files\Common Files\Java
2015-06-13 19:43 - 2015-06-13 19:42 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-06-13 19:42 - 2015-06-13 19:46 - 00000000 ____D C:\ProgramData\Oracle
2015-06-13 19:42 - 2015-06-13 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-13 19:42 - 2015-06-13 19:42 - 00000000 ____D C:\Program Files\Java
2015-06-13 19:41 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-13 19:41 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-13 19:41 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-13 19:41 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-13 19:41 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-13 19:41 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-13 19:39 - 2015-06-13 19:39 - 00561248 _____ (Oracle Corporation) C:\Users\Luiza\Downloads\jxpiinstall.exe
2015-06-10 17:24 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 17:24 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 17:24 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 17:24 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 17:24 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 17:24 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 17:24 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 17:24 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 17:24 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 17:24 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 17:24 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 17:24 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 17:24 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 17:24 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 17:24 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 17:24 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 17:24 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 17:24 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 17:24 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 17:24 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 17:24 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 17:24 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 17:24 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 17:24 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 17:24 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 17:24 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 17:24 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 17:24 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 17:24 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 17:24 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 17:24 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 17:24 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 17:24 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 17:24 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 17:24 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 17:24 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 17:24 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 17:24 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 17:24 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 17:24 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 17:24 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 17:24 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 17:24 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 17:24 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 17:24 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 17:24 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 17:23 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 17:23 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 17:23 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 17:23 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 17:23 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 17:23 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-05 13:45 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 13:45 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 13:45 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 13:45 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 23:05 - 2015-06-04 23:05 - 00000000 ____D C:\Users\Luiza\AppData\Local\GWX
2015-06-04 12:16 - 2015-06-04 23:04 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-05-24 22:35 - 2015-05-24 22:35 - 00000000 ____D C:\Windows\system32\Flash
2015-05-24 22:24 - 2015-05-24 22:28 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-05-24 22:08 - 2015-05-24 22:08 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Opera Software
2015-05-24 22:08 - 2015-05-24 22:08 - 00000000 ____D C:\Users\Luiza\AppData\Local\Opera Software
2015-05-24 22:04 - 2015-05-24 22:41 - 00000000 ____D C:\Program Files\Opera
2015-05-23 10:51 - 2015-05-23 10:51 - 00001404 _____ C:\Users\Luiza\Desktop\Windows Live Mail.lnk
2015-05-23 10:48 - 2015-05-23 10:48 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-23 10:48 - 2015-05-23 10:48 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-23 10:45 - 2015-05-23 10:45 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Windows Live Writer
2015-05-23 10:40 - 2015-05-23 10:40 - 00001404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-05-23 10:40 - 2015-05-23 10:40 - 00000000 ____D C:\Windows\PCHEALTH
2015-05-23 10:40 - 2015-05-23 10:40 - 00000000 ____D C:\Program Files\Windows Live
2015-05-21 22:56 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-21 22:56 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-21 22:56 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-21 21:02 - 2015-06-14 12:51 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-14 23:44 - 2009-07-14 06:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-14 23:44 - 2009-07-14 06:34 - 00020192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-14 23:32 - 2015-04-13 11:16 - 00001960 _____ C:\Windows\setupact.log
2015-06-14 23:32 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-14 23:31 - 2014-08-05 20:34 - 02071839 _____ C:\Windows\WindowsUpdate.log
2015-06-14 23:15 - 2015-04-12 23:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-14 23:02 - 2014-08-05 22:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-14 21:08 - 2014-08-05 19:36 - 00720822 _____ C:\Windows\system32\prfh0816.dat
2015-06-14 21:08 - 2014-08-05 19:36 - 00152774 _____ C:\Windows\system32\prfc0816.dat
2015-06-14 21:08 - 2014-08-05 17:55 - 02492380 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-14 20:01 - 2014-08-05 22:56 - 00000000 ____D C:\Users\Luiza\AppData\Roaming\Skype
2015-06-14 14:48 - 2015-02-10 21:33 - 00000000 ____D C:\Michael SSD
2015-06-14 13:30 - 2015-04-13 11:16 - 00340024 _____ C:\Windows\PFRO.log
2015-06-14 13:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system
2015-06-14 13:00 - 2014-08-05 18:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-14 12:53 - 2014-08-05 22:55 - 00000000 ____D C:\ProgramData\Skype
2015-06-14 12:51 - 2014-08-07 19:28 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-06-14 12:51 - 2014-08-07 19:28 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-06-14 12:47 - 2014-08-05 22:25 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-14 12:47 - 2014-08-05 22:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-13 19:32 - 2009-07-14 06:33 - 00287072 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-13 19:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-06-13 19:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-13 19:15 - 2014-08-05 18:19 - 00000000 ____D C:\Windows\system32\MRT
2015-06-13 19:11 - 2014-08-05 18:19 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 19:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-06-08 11:59 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2015-06-06 11:15 - 2014-12-16 21:57 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 11:15 - 2014-08-05 19:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-04 12:04 - 2014-08-05 22:55 - 00000000 ___RD C:\Program Files\Skype
2015-05-24 23:08 - 2014-08-05 18:11 - 00000000 ____D C:\Windows\tiinst
2015-05-24 23:06 - 2009-07-14 04:04 - 00000505 _____ C:\Windows\win.ini
2015-05-24 22:36 - 2014-08-05 19:39 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-24 22:36 - 2014-08-05 19:39 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-24 22:36 - 2014-08-05 17:49 - 00001417 _____ C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-24 22:13 - 2015-04-12 23:20 - 00001064 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-24 22:13 - 2015-04-12 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-24 22:13 - 2015-04-12 23:20 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-05-23 10:48 - 2014-08-08 15:46 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-23 10:48 - 2014-08-08 15:46 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-05-23 10:46 - 2014-08-06 20:54 - 00000000 ____D C:\Users\Luiza\AppData\Local\Windows Live
2015-05-23 10:40 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-05-21 22:53 - 2015-01-20 23:04 - 00000000 ____D C:\Users\Luiza\AppData\Local\Adobe
2015-05-21 12:13 - 2015-04-05 12:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-18 13:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-16 11:36 - 2009-07-14 09:50 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-16 11:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
==================== Files in the root of some directories =======
2015-03-09 22:36 - 2015-03-09 22:36 - 1231328 _____ (CPUID) C:\Users\Luiza\AppData\Roaming\siw_sdk.dll
2014-08-05 19:15 - 2014-08-05 19:15 - 0000000 _____ () C:\Users\Luiza\AppData\Local\AtStart.txt
2014-08-05 19:15 - 2014-08-05 19:15 - 0000000 _____ () C:\Users\Luiza\AppData\Local\DSwitch.txt
2014-08-05 19:15 - 2014-08-05 19:15 - 0000000 _____ () C:\Users\Luiza\AppData\Local\QSwitch.txt
2015-06-14 14:29 - 2015-06-14 14:29 - 0007605 _____ () C:\Users\Luiza\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Luiza\AppData\Local\Temp\Quarantine.exe
C:\Users\Luiza\AppData\Local\Temp\sqlite3.dll
C:\Users\Luiza\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-06 11:46
==================== End of log ============================
welche addtion.txt soll ich kopieren? die erste die ich bereit einmal hereingestellt habe das wäre dann diese FRST Additions Logfile: [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Luiza at 2015-06-14 22:41:44
Running from C:\Users\Luiza\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3946875533-3410000714-2897456997-500 - Administrator - Disabled)
Guest (S-1-5-21-3946875533-3410000714-2897456997-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3946875533-3410000714-2897456997-1002 - Limited - Enabled)
Luiza (S-1-5-21-3946875533-3410000714-2897456997-1001 - Administrator - Enabled) => C:\Users\Luiza
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.51209 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.0.1 (x86 pt-PT) (HKLM\...\Mozilla Thunderbird 38.0.1 (x86 pt-PT)) (Version: 38.0.1 - Mozilla)
OpenOffice 4.1.0 (HKLM\...\{3A0489C9-BEF9-4A62-BF79-8383F24CEC1A}) (Version: 4.10.9764 - Apache Software Foundation)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SteuerSparErklärung 2015 (HKLM\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.30.147 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.0.13.2 - Synaptics)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{767B964C-D9B4-422D-802B-F7ACBE2D310A}) (Version: 2.00.0004 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0004 - Texas Instruments Inc.) Hidden
VoipConnect (HKLM\...\VoipConnect_is1) (Version: 4.14 build 762 - Finarea S.A. Switzerland)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
14-06-2015 22:38:13 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2014-09-27 18:34 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0274C13A-F490-4764-86C6-4B090F54534F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {0B4276C0-8FE6-4D83-BBC3-D21EB34332E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-14] (Google Inc.)
Task: {13D9CE0C-3DA8-46F4-8E17-19F27403B671} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {47594560-8CE2-4F42-B58D-520A0E730C03} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-14] (Adobe Systems Incorporated)
Task: {4B6479D2-EA12-47ED-AE18-23693BF8AADA} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {6478C7E0-C68D-4B43-9DB5-FC3CDC5EE466} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {732F20F4-7650-44D5-817D-5E834C2EFAA2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {930C2C3B-207B-4379-A829-A584FA1BC2AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {981472AF-848D-4848-AF88-308F40DE1BDB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {B443E700-8E20-488A-9575-817DFB1ACF5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-14] (Google Inc.)
Task: {FAB311F9-A3E4-41E1-9F77-AE978183D175} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-23] (Avast Software s.r.o.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-23 10:48 - 2015-05-23 10:48 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-23 10:48 - 2015-05-23 10:48 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-14 20:05 - 2015-06-14 20:05 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061401\algo.dll
2015-05-23 10:48 - 2015-05-23 10:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7865 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: VoipConnect => "C:\Program Files\VoipConnect.com\VoipConnect\VoipConnect.exe" -nosplash -minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FFA5C05E-6D6A-4FED-95DA-63E2835DC8F0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{85B8A795-DFEC-424E-883B-076C9DAC34CE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A25BF6DF-1ED2-4903-BF06-C7AF1DA2BC76}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7B0EAE30-289D-4F34-8DAA-DC32C4783A0B}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{506EFCFA-4C91-42F7-8D7E-C3CFF7197298}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E94D37B1-9230-42D6-9697-5C417FFC31B3}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{5A34989C-F0EF-4334-B9D7-BE378FCF6186}] => (Allow) C:\Program Files\VoipConnect.com\VoipConnect\VoipConnect.exe
FirewallRules: [{2D3E4F40-C879-47ED-9599-6BDC1243D835}] => (Allow) C:\Program Files\VoipConnect.com\VoipConnect\VoipConnect.exe
FirewallRules: [TCP Query User{50B6997F-6FBD-443D-B4AB-E9F618894D88}C:\program files\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{397952BD-0BA8-4893-B37F-422585C75A3B}C:\program files\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [{D7BFA842-2DA2-43AC-86C1-67EB3C27BE81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3E78C5DF-C0B0-4660-934B-2DA82972FE92}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F45FE91-272D-48F8-B671-5862400F07D2}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A5257A0A-06FF-440D-8483-CC6D2512965E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{1703990C-59C7-4D2A-82C7-9D6F2DAB2F1E}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{54D62771-06C6-4926-AFB9-0CE829B5C710}] => (Allow) LPort=2869
FirewallRules: [{0B6D3DE2-E66C-488B-A7A3-C28DBF4FFBE3}] => (Allow) LPort=1900
FirewallRules: [{29B8616D-D8C4-40F6-B8DA-68D9C2524EAA}] => (Allow) C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{B677D45D-CB0B-4DC2-82BC-3A5C19843600}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{1EBC0B7E-77B5-428D-B993-E31C92852500}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{894B8189-1791-47E6-BC19-A314133B489A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/14/2015 10:38:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópia Sombra de Volumes: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Access is denied.
.
Este é muitas vezes causado por definições de segurança incorrectas no processo do escritor ou requerente.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {417d0080-8a24-4e14-b69f-0ba1d802a992}
Error: (06/14/2015 00:52:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. The specified account already exists.
Error: (06/14/2015 00:39:22 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Não foi possível criar o ponto de restauro (Processo = C:\Windows\system32\svchost.exe -k netsvcs; Descrição = Windows Update; Erro = 0x81000101).
Error: (05/24/2015 10:39:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: plugin-container.exe, versão: 38.0.1.5611, carimbo de data/hora: 0x55541a90
Nome do módulo com falha: mozalloc.dll, versão: 38.0.1.5611, carimbo de data/hora: 0x55540a1e
Código de excepção: 0x80000003
Desvio de falha: 0x00001aa1
ID do processo com falha: 0x15ac
Data/hora de início da aplicação com falha: 0xplugin-container.exe0
Caminho da aplicação com falha: plugin-container.exe1
Caminho do módulo com falha: plugin-container.exe2
ID do Relatório: plugin-container.exe3
Error: (05/24/2015 10:20:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: plugin-container.exe, versão: 38.0.1.5611, carimbo de data/hora: 0x55541a90
Nome do módulo com falha: mozalloc.dll, versão: 38.0.1.5611, carimbo de data/hora: 0x55540a1e
Código de excepção: 0x80000003
Desvio de falha: 0x00001aa1
ID do processo com falha: 0x16b0
Data/hora de início da aplicação com falha: 0xplugin-container.exe0
Caminho da aplicação com falha: plugin-container.exe1
Caminho do módulo com falha: plugin-container.exe2
ID do Relatório: plugin-container.exe3
Error: (05/23/2015 10:39:02 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópia Sombra de Volumes: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Access is denied.
.
Este é muitas vezes causado por definições de segurança incorrectas no processo do escritor ou requerente.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {13b0da11-dc7e-42c5-b02e-7eb3fdbeb93d}
Error: (05/21/2015 00:12:26 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Não foi possível criar o ponto de restauro (Processo = C:\Windows\system32\svchost.exe -k netsvcs; Descrição = Windows Update; Erro = 0x81000101).
Error: (04/18/2015 08:02:06 PM) (Source: SDFSSvc.exe) (EventID: 0) (User: )
Description: The service process could not connect to the service controller
Error: (03/12/2015 07:54:09 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Não foi possível inicializar o índice.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/12/2015 07:54:09 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Não foi possível inicializar a aplicação.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (06/14/2015 09:04:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema:
cdrom
Error: (06/14/2015 08:04:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema:
cdrom
Error: (06/14/2015 07:05:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema:
cdrom
Error: (06/14/2015 03:54:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falhou o carregamento dos seguintes controladores de início de arranque ou de início do sistema:
cdrom
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Volume Shadow Copy terminou inesperadamente. Isto aconteceu 1 vez(es).
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Com4QLBEx terminou inesperadamente. Isto aconteceu 1 vez(es).
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Media Player Network Sharing Service terminou inesperadamente. Já o fez 1 vez(es). Será efectuada a seguinte acção correctiva em 30000 milissegundos: Restart the service.
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço hpqwmiex terminou inesperadamente. Isto aconteceu 1 vez(es).
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search terminou inesperadamente. Já o fez 1 vez(es). Será efectuada a seguinte acção correctiva em 30000 milissegundos: Restart the service.
Error: (06/14/2015 03:53:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Live ID Sign-in Assistant terminou inesperadamente. Já o fez 1 vez(es). Será efectuada a seguinte acção correctiva em 10000 milissegundos: Restart the service.
Microsoft Office:
=========================
Error: (06/14/2015 10:38:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {417d0080-8a24-4e14-b69f-0ba1d802a992}
Error: (06/14/2015 00:52:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (06/14/2015 00:39:22 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (05/24/2015 10:39:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa115ac01d09661761f34a8C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll049c188e-0255-11e5-a4f3-0016d4c5861b
Error: (05/24/2015 10:20:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa116b001d0965f0f42710cC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll4f71a12e-0252-11e5-87c4-f574ce380b02
Error: (05/23/2015 10:39:02 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {13b0da11-dc7e-42c5-b02e-7eb3fdbeb93d}
Error: (05/21/2015 00:12:26 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (04/18/2015 08:02:06 PM) (Source: SDFSSvc.exe) (EventID: 0) (User: )
Description: The service process could not connect to the service controller
Error: (03/12/2015 07:54:09 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/12/2015 07:54:09 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Percentage of memory in use: 44%
Total physical RAM: 3447.43 MB
Available physical RAM: 1922.05 MB
Total Pagefile: 6893.17 MB
Available Pagefile: 5502.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.72 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:76.4 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 9AE11EB2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
==================== End of log ============================
--- --- --- |
|
15.06.2015, 08:14
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | svchost.exe Avast geblockt FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\...\Run: [*LABAL*] => [X]
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
EmptyTemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.06.2015, 17:08
| #9 |
| | svchost.exe Avast geblocktCode:
ATTFilter Fix result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Luiza at 2015-06-15 18:02:24 Run:1
Running from C:\Users\Luiza\Downloads
Loaded Profiles: Luiza (Available Profiles: Luiza)
Boot Mode: Normal
==============================================
fixlist content:
*****************
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\...\Run: [*LABAL*] => [X]
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
EmptyTemp:
*****************
HKU\S-1-5-21-3946875533-3410000714-2897456997-1001\Software\Microsoft\Windows\CurrentVersion\Run\\*LABAL* => value removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
EmptyTemp: => 525.3 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 18:03:09 ====
|
|
16.06.2015, 08:35
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | svchost.exe Avast geblockt Okay, dann Kontrollscans mit ESET und SC bitte: ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.06.2015, 21:19
| #11 |
| | svchost.exe Avast geblockt ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c9231232da91ba46a50f41bb00d63ba2 # end=init # utc_time=2015-06-16 07:18:44 # local_time=2015-06-16 09:18:44 (+0100, Hora de Verão da Europa Oeste) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Init Update Download esets_scanner_update returned -1 esets_gle=45315 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download Update Init Update Download Update Finalize Updated modules version: 24359 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c9231232da91ba46a50f41bb00d63ba2 # end=updated # utc_time=2015-06-16 07:31:04 # local_time=2015-06-16 09:31:04 (+0100, Hora de Verão da Europa Oeste) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=c9231232da91ba46a50f41bb00d63ba2 # engine=24359 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-06-16 07:59:21 # local_time=2015-06-16 09:59:21 (+0100, Hora de Verão da Europa Oeste) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 71 95 170403 26979178 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 18441 186115952 0 0 # scanned=141819 # found=1 # cleaned=0 # scan_time=1696 sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Luiza\AppData\Roaming\C6h80tPKvNoKikjSPXZ1qi.vir" Code:
ATTFilter Results of screen317's Security Check version 1.002
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
CCleaner
Java 8 Update 45
Adobe Flash Player 18.0.0.160
Mozilla Firefox (38.0.5)
Mozilla Thunderbird (38.0.1)
````````Process Check: objlist.exe by Laurent````````
ESET ESET Online Scanner OnlineScannerApp.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
16.06.2015, 22:11
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | svchost.exe Avast geblockt Nur ein Fund in der Q. Sieht soweit ok aus  Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.06.2015, 22:30
| #13 |
| | svchost.exe Avast geblockt Hallo Cosinus. Alles läuft perfekt... Was soll ich da noch sagen ..? 1000 Dank für deine super Hilfe.. |
|
16.06.2015, 23:50
| #14 | ||||||||||
| /// Winkelfunktion /// TB-Süch-Tiger™ | svchost.exe Avast geblockt Dann wären wir durch! Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Abschließend müssen wir noch ein paar Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu svchost.exe Avast geblockt |
| .exe, ausprobiert, avast, erneute, geblockt, launch, melde, meldet, neustart, svchost.exe, virusmeldung, vonteera |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
