Pests of all kinds and how to combat them: CPU usage very high

Windows 7: If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
13.07.2015, 15:48 | #16 |
CPU usage very high [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015 Ran by Noname at 2015-07-13 16:47:04 Running from C:\Users\Noname\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4277079510-974402927-3430589439-500 - Administrator - Disabled) Gast (S-1-5-21-4277079510-974402927-3430589439-501 - Limited - Disabled) Noname (S-1-5-21-4277079510-974402927-3430589439-1000 - Administrator - Enabled) => C:\Users\Noname ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.) Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC) CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions) CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) devolo dLAN-Konfigurationsassistent (HKLM\...\dlanconf) (Version: 9.0.0.0 - devolo AG) EPSON BX935FWD Series Printer Uninstall (HKLM\...\EPSON BX935FWD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.) 
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Mega Codec Pack 11.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.0 - ) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenOffice 4.1.1 
(HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd) Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) YGOPro DevPro Version 1.9.6 r0 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.6 r0 - YGOPro DevPro Online) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 27-05-2015 13:45:56 Ende der Bereinigung 04-06-2015 21:45:49 Geplanter Prüfpunkt 10-06-2015 17:28:00 Windows Update 18-06-2015 14:02:28 Geplanter Prüfpunkt 26-06-2015 22:54:49 Geplanter Prüfpunkt 04-07-2015 10:18:06 Geplanter Prüfpunkt 11-07-2015 08:55:45 Windows Update 12-07-2015 14:55:21 NVIDIA PhysX wird entfernt 12-07-2015 15:24:37 avast! antivirus system restore point 12-07-2015 15:46:07 Removed Java 8 Update 45 12-07-2015 16:16:10 NVIDIA PhysX wird entfernt 12-07-2015 16:39:47 Windows Update 12-07-2015 18:46:17 Removed Java 8 Update 45 12-07-2015 18:48:20 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {29685E1F-2228-4284-9DC9-FAEFF9BB948A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {2DA4BF16-C382-4ECD-BC90-D4EB064848F3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-12] (Avast Software s.r.o.) Task: {39DDFCC5-E8AC-4F5B-97A1-B24E438B9DC8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {42CFF66B-FAA9-4A2F-835A-E27393A0A8C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {58047848-E115-4783-A426-B8BF351EDBF6} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] () Task: {6BD417A8-55DA-4A68-A3F4-18673D05CB17} - System32\Tasks\{7D875AB7-3E75-497C-AB92-4FB7316BA69B} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NVMonitor\setup.exe -d C:\NVIDIA\SystemTools\6.08\NVMonitor Task: {792E9B8B-3FB4-4AB8-911A-D351030994BD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {D0312B56-C217-411B-9D8F-279D5554DE17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-12] (Adobe Systems Incorporated) Task: {EC094005-C3EB-4024-9B3F-749E08A80221} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard 
Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {FA0A119B-0531-4F26-BB07-9319C2D3A3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-05-06 20:36 - 2015-05-06 20:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-06 20:36 - 2015-05-06 20:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-12 19:15 - 2015-07-12 19:15 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071201\algo.dll 2015-07-13 10:50 - 2015-07-13 10:50 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071300\algo.dll 2015-03-08 11:45 - 2015-06-17 08:51 - 00106128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll 2015-03-08 21:39 - 2015-03-08 21:40 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) 
==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Noname\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 - 193.189.244.202 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2 MSCONFIG\Services: NMIndexingService => 3 MSCONFIG\Services: Secunia PSI Agent => 3 MSCONFIG\Services: Secunia Update Agent => 2 MSCONFIG\startupreg: 20150107 => C:\Program Files\AVAST Software\Avast\setup\emupdate\0c77843d-45d3-4614-b019-2825c352d570.exe /check MSCONFIG\startupreg: Adobe Speed Launcher => 1429258026 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{715EE703-F93C-4A44-8433-4487EAA472BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{0E62E5B5-D95D-4C74-9672-067A8283FB31}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [TCP Query User{343CF004-505E-43E0-B5C5-64A5342A5BCE}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll FirewallRules: [UDP Query User{5882E574-3AB9-4943-9427-290DFD43AE43}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll FirewallRules: [TCP Query User{8D830128-61A4-4C27-83DC-98C026C9FEAB}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll FirewallRules: [UDP Query User{9F3417D6-7FBA-4577-869E-CE5F3EF6B507}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll FirewallRules: [TCP Query User{92CFA8D8-52E0-4E0E-A205-336FA9B4287E}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe FirewallRules: [UDP Query User{995C1756-466E-4FE5-95FD-F12A5A59A412}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe FirewallRules: [{AC67BA12-D3E1-46DB-993F-DC19E2F8F34B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{BFFDA09B-DAF9-4A8B-877B-7E0A8C8018F0}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe FirewallRules: [UDP Query User{66319B40-A6D3-4DA1-AA0F-C2107234B2BC}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) 
C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe FirewallRules: [{96BFA00F-1B66-42E5-A3AF-A50384CB2563}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7144E11B-5FFA-4FF8-B747-B77002728DAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9795B38A-E7EB-44D8-830E-73B27CA72A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{9C7E7BD3-D018-495B-BA7E-CCFA05089F0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{0CE973D5-AF1B-40B6-A222-E1C510502349}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{8B262E26-295F-4326-AA3A-16FDE0F1BC86}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{D26899A5-6F3E-4DDF-A679-AA009B13BC63}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{4E341B75-8D2A-4D7C-800C-2DF4C81B18FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{D483C699-5F8E-466F-B3AA-2EAF0B521B5C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe ==================== Faulty Device Manager Devices ============= Name: VIA USB erweiterter Hostcontroller Description: VIA USB erweiterter Hostcontroller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: VIA Technologies Service: usbehci Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. 
(Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Standard PCI-zu-USB universeller Hostcontroller Description: Standard PCI-zu-USB universeller Hostcontroller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: usbuhci Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Standard PCI-zu-USB universeller Hostcontroller Description: Standard PCI-zu-USB universeller Hostcontroller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: usbuhci Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
==================== Event log errors: ========================= Application errors: ================== Error: (07/13/2015 10:49:51 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Der Index kann nicht initialisiert werden. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden. 
Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden. Details: 0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800)) System errors: ============= Error: (07/13/2015 08:05:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/13/2015 08:05:50 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error: (07/13/2015 12:26:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (07/12/2015 06:48:50 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (07/12/2015 04:00:00 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (07/12/2015 03:41:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Installer" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/12/2015 03:41:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Installer erreicht. Error: (07/12/2015 03:39:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (07/12/2015 03:39:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (07/12/2015 03:39:08 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. 
Fehler: %%1056 Microsoft Office: ========================= Error: (07/13/2015 10:49:51 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Search.JetPropStore Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. 
(HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) 4700 Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: Details: 0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800)) ==================== Memory info =========================== Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz Percentage of memory in use: 53% Total physical RAM: 2047.37 MB Available physical RAM: 957.14 MB Total Virtual: 4094.73 MB Available Virtual: 2732.37 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:174.55 GB) NTFS Drive e: (Neo`s Daten) (Fixed) (Total:232.88 GB) (Free:225.82 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 04170417) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 232.9 GB) (Disk ID: 0ACB0595) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ==================== End of log ============================ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2015 Ran by Noname (administrator) on NONAME-PC on 13-07-2015 16:46:04 Running from C:\Users\Noname\Desktop Loaded Profiles: Noname (Available Profiles: Noname) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Farbar) C:\Users\Noname\Desktop\FRST(1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.) 
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-06] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mega.co.nz/#login SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) 
13.07.2015, 16:49 | #17 |
/// TB-Ausbilder | CPU usage very high
Remove leftovers
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
start
CloseProcesses:
EmptyTemp:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Post the FRST Fixlog right away, because otherwise it will be removed automatically by DelFix (see further below)!

If you no longer have any problems with malware, we are done here. Your log files are clean. Finally, we still need to take a few concluding steps to clean up and secure your PC.

Cleanup: (The order is crucial here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can safely delete them.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be installed only in its latest version:
Browser
Java
Flash Player
PDF reader
Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use exactly one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:
In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.

Optional:
Adblock Plus: Can block banners, pop-ups, video ads, tracking and malware sites.
NoScript: Prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. You can, however, define on a whitelist basis which sites are allowed to run scripts.
Ghostery: Detects and blocks trackers, web bugs, pixels, beacons and other scripts that spy on or observe browsing behavior.
Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and uncheck all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, the recommended approach is to uninstall it first and then remove the leftovers with Adwcleaner .

Finally, a few general remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
13.07.2015, 20:42 | #18 |
| CPU usage very high
Code:
Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Noname at 2015-07-13 21:33:19 Run:3
Running from C:\Users\Noname\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
EmptyTemp:
end
*****************

Processes closed successfully.
EmptyTemp: => 104 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 21:33:31 ====

The overheating is still there; I'm glad the malware is gone for now. But I think it is probably a hardware problem then. I'll take a look at the fan/cooler in the next few days. Maybe dust has built up there. Otherwise I can't explain why it gets so hot from one day to the next and why the CPU spikes like that when I work a bit more on the PC. |
14.07.2015, 11:28 | #19 |
/// TB-Ausbilder | CPU usage very high
It does indeed seem to be a hardware problem.

I'm glad we were able to help.

In this forum you can leave brief feedback on the cleanup, if you would like to: Lob, Kritik und Wünsche (praise, criticism and wishes)
To do so, click the "NEUES THEMA" (new topic) button and post a short piece of feedback. Thank you!

This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a PM.
Everyone else, please click here and create your own thread. |