| Johannes1098 | 24.01.2014 13:46 |
Ups, die Adminrechte habe ich jetzt glatt vergessen:
FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2014
Ran by Systemadmin (administrator) on JOHANNES on 24-01-2014 13:07:07
Running from C:\Users\Johannes\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Logixoft) C:\ProgramData\rvlkl\rvlkl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Runonce: [musicdownloadcenter] - [x]
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [x]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner64.exe [5910296 2013-11-22] (Piriform Ltd)
HKCU\...\Run: [lollipop] - "c:\users\systemadmin\appdata\local\lollipop\lollipop.exe" lollipop
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Systemadmin\AppData\Local\Smartbar\Application\Smartbar.exe startup
Startup: C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
ShortcutTarget: Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Startup: C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=15/01/2014&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=hp&fr=linkury-tb&installDate=15/01/2014&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x12ADD64C51D6CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=15/01/2014&type=hp1000
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=15/01/2014&type=hp1000
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=15/01/2014&type=hp1000
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=15/01/2014&type=hp1000
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=15/01/2014&type=hp1000
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\..\Interfaces\{D8BAFAAC-D350-465A-A567-AC7ACA35B438}: [NameServer]192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Systemadmin\AppData\Roaming\Mozilla\Firefox\Profiles\gty2b952.default
FF NewTab: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=nt&fr=linkury-tb&installDate={installDate}&type=hp1000&q=
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=hp&fr=linkury-tb&installDate={installDate}&type=hp1000
FF Keyword.URL: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=cbbdf588-462a-4dbd-3507-4a12ced88ed9&searchtype=ds&fr=linkury-tb&installDate={installDate}&type=hp1000&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
S3 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2009-07-21] (Intel Corporation)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2066968 2009-07-21] (Intel Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R3 GKUPRO2D; C:\Windows\System32\DRIVERS\GKUPRO2D.sys [120320 2012-11-05] (Gemalto)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [204568 2013-10-28] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-24 13:07 - 2014-01-24 13:07 - 00012830 _____ C:\Users\Johannes\Desktop\FRST.txt
2014-01-19 12:15 - 2014-01-24 13:06 - 02077696 _____ (Farbar) C:\Users\Johannes\Desktop\FRST64.exe
2014-01-18 17:51 - 2014-01-18 17:51 - 00027758 _____ C:\Users\Johannes\Downloads\MCDocs_v14.4.zip
2014-01-18 11:59 - 2014-01-18 12:00 - 22510653 _____ C:\Users\Johannes\Desktop\spigot.jar
2014-01-18 10:14 - 2014-01-18 10:14 - 00074982 _____ C:\Users\Johannes\2014-01-18-09-14-17.044-VirtualBox.exe-5044.log
2014-01-18 10:11 - 2014-01-18 10:11 - 00072836 _____ C:\Users\Johannes\2014-01-18-09-11-54.024-VirtualBox.exe-1644.log
2014-01-16 18:38 - 2014-01-16 18:30 - 217057322 _____ C:\Users\Johannes\Desktop\pda.tar.md5
2014-01-16 16:20 - 2014-01-17 17:43 - 00000000 ____D C:\Users\Johannes\Desktop\Sounds
2014-01-16 16:10 - 2014-01-16 16:10 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Pamela
2014-01-16 16:06 - 2014-01-16 16:11 - 00000000 ____D C:\Users\Systemadmin\Documents\Pamela
2014-01-16 16:06 - 2014-01-16 16:11 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Pamela
2014-01-16 16:00 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 16:00 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 16:00 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 16:00 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 16:00 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 16:00 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 16:00 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 16:00 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 16:00 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-16 15:29 - 2014-01-16 15:29 - 00000967 _____ C:\Users\Systemadmin\Desktop\MagicDisc.lnk
2014-01-16 15:29 - 2014-01-16 15:29 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-01-16 15:28 - 2014-01-16 15:29 - 00000000 ____D C:\Program Files (x86)\MagicDisc
2014-01-16 15:28 - 2009-02-24 18:35 - 00255552 _____ (MagicISO, Inc.) C:\Windows\SysWOW64\Drivers\mcdbus.sys
2014-01-16 15:28 - 2009-02-24 18:35 - 00255552 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
2014-01-15 19:09 - 2014-01-15 19:10 - 00000000 ____D C:\Program Files\Airstrike3D
2014-01-15 19:08 - 2014-01-15 19:08 - 00000000 ____D C:\Program Files\data
2014-01-15 19:05 - 2014-01-15 19:06 - 00000000 ____D C:\Program Files\FlightGear
2014-01-15 18:20 - 2014-01-16 15:05 - 00013214 _____ C:\Windows\PFRO.log
2014-01-15 17:18 - 2014-01-15 17:18 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PixCreations
2014-01-15 17:18 - 2014-01-15 17:18 - 00000000 ____D C:\Program Files (x86)\PixCreations
2014-01-15 17:14 - 2014-01-15 17:14 - 04235184 _____ (EZB Systems, Inc. ) C:\Users\Johannes\Downloads\uiso960_pe.exe
2014-01-15 17:12 - 2014-01-15 18:21 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\DAEMON Tools Lite
2014-01-15 17:10 - 2014-01-15 17:10 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2014-01-15 17:07 - 2014-01-15 17:07 - 00002472 _____ C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-01-15 17:07 - 2014-01-15 17:07 - 00002410 _____ C:\Users\Systemadmin\Desktop\Search.lnk
2014-01-15 17:04 - 2014-01-15 17:07 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\DAEMON Tools Lite
2014-01-15 17:03 - 2014-01-15 17:07 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-15 14:43 - 2014-01-15 14:43 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2014-01-15 14:28 - 2014-01-15 14:28 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-15 14:28 - 2014-01-15 14:28 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Lukas Diener
2014-01-15 14:28 - 2014-01-15 14:28 - 00000000 ____D C:\Users\Systemadmin\AppData\Local\Lukas Diener
2014-01-15 14:26 - 2014-01-15 14:27 - 14764768 _____ C:\Users\Johannes\Downloads\mdc_0.6_win32.exe
2014-01-15 14:04 - 2014-01-15 14:04 - 00000000 ____D C:\Users\Johannes\AppData\Local\AlbumArtDownloader
2014-01-15 13:55 - 2014-01-15 14:08 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Mp3tag
2014-01-15 13:40 - 2014-01-15 13:40 - 00000000 __RHD C:\Users\Public\Libraries
2014-01-14 19:03 - 2008-02-29 03:33 - 03149824 _____ C:\Users\Johannes\Desktop\boot.img
2014-01-14 18:41 - 2014-01-16 18:35 - 00000000 ____D C:\Users\Johannes\VirtualBox VMs
2014-01-14 18:40 - 2014-01-18 11:44 - 00000000 ____D C:\Users\Johannes\.VirtualBox
2014-01-14 18:39 - 2014-01-14 18:39 - 00000000 ____D C:\Program Files\Oracle
2014-01-14 18:39 - 2013-12-18 17:19 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-01-14 18:39 - 2013-12-18 17:16 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-01-14 18:35 - 2014-01-14 18:38 - 106322704 _____ (Oracle Corporation) C:\Users\Johannes\Downloads\VirtualBox-4.3.6-91406-Win.exe
2014-01-14 18:34 - 2014-01-16 14:49 - 00000000 ____D C:\Program Files (x86)\MagicISO
2014-01-14 18:34 - 2014-01-14 18:34 - 03067400 _____ C:\Users\Johannes\Downloads\Setup_MagicISO.exe
2014-01-14 18:34 - 2014-01-14 18:34 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
2014-01-14 18:19 - 2014-01-24 12:53 - 00004681 _____ C:\Windows\setupact.log
2014-01-14 18:19 - 2014-01-14 18:19 - 00000000 _____ C:\Windows\setuperr.log
2014-01-14 18:13 - 2009-07-21 14:41 - 00989720 _____ (Intel Corporation) C:\Windows\SysWOW64\heciudlg.exe
2014-01-14 18:13 - 2009-06-23 15:28 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-01-14 18:12 - 2014-01-14 18:13 - 00000000 ____D C:\Windows\SysWOW64\Lang
2014-01-14 18:12 - 2014-01-14 18:12 - 00000000 ____D C:\Windows\SysWOW64\x64
2014-01-14 18:12 - 2014-01-14 18:12 - 00000000 ____D C:\dell
2014-01-14 18:12 - 2009-07-21 14:40 - 01006104 _____ (Intel Corporation) C:\Windows\SysWOW64\mesoludlg.exe
2014-01-14 18:01 - 2014-01-14 18:01 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\WinRAR
2014-01-14 18:01 - 2013-02-22 07:03 - 00063040 _____ C:\Users\Systemadmin\Desktop\comic-sans-ms-1361534617.ttf
2014-01-14 17:51 - 2014-01-14 17:51 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-14 17:51 - 2014-01-14 17:50 - 05065889 _____ C:\Users\Johannes\Downloads\Dafont-Top50-FontPack.zip
2014-01-13 18:44 - 2014-01-13 18:44 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blimb Entertainment
2014-01-13 18:43 - 2014-01-13 18:43 - 00000000 ____D C:\Program Files (x86)\Blimb Entertainment
2014-01-13 18:36 - 2014-01-13 18:36 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\fltk.org
2014-01-13 18:34 - 2014-01-15 19:07 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-01-13 18:34 - 2014-01-15 19:07 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-01-13 18:34 - 2014-01-15 19:07 - 00133632 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-01-13 18:34 - 2014-01-15 19:07 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-01-13 18:34 - 2014-01-13 18:36 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\flightgear.org
2014-01-13 18:34 - 2014-01-13 18:34 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\flightgear.org
2014-01-13 18:34 - 2014-01-13 18:34 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-13 18:21 - 2014-01-24 12:55 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-13 18:21 - 2014-01-19 13:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-13 18:21 - 2014-01-13 18:28 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-13 18:21 - 2014-01-13 18:28 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-13 18:21 - 2014-01-13 18:24 - 00000000 ____D C:\Users\Systemadmin\AppData\Local\Google
2014-01-13 18:21 - 2014-01-13 18:24 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-13 18:21 - 2014-01-13 18:21 - 00000000 ____D C:\Users\Johannes\AppData\Local\Google
2014-01-13 14:35 - 2014-01-15 17:52 - 00000000 ____D C:\adb-tools
2014-01-13 14:33 - 2014-01-13 14:35 - 35844368 _____ C:\Users\Johannes\Downloads\adb-tools.zip
2014-01-07 17:31 - 2014-01-14 17:54 - 00000000 ____D C:\Users\Systemadmin\AppData\Local\LogMeIn Hamachi
2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\Users\Systemadmin\AppData\Local\LogMeIn
2014-01-01 13:15 - 2013-09-30 16:26 - 03050808 _____ C:\Windows\system32\pwNative.exe
2014-01-01 13:15 - 2013-09-30 16:26 - 00019152 ____N C:\Windows\system32\pwdrvio.sys
2014-01-01 13:15 - 2013-09-30 16:26 - 00012504 ____N C:\Windows\system32\pwdspio.sys
2014-01-01 13:14 - 2014-01-01 13:15 - 00000000 ____D C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-01-01 13:14 - 2014-01-01 13:14 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\Johannes\Downloads\pwhe811.exe
2014-01-01 09:48 - 2014-01-01 09:48 - 00157234 _____ C:\Users\Johannes\Downloads\RouterReconnect_1.3.zip
2013-12-31 16:33 - 2013-12-31 16:35 - 00000000 ____D C:\Users\Johannes\AppData\Local\download.am-data
2013-12-31 16:32 - 2013-12-31 16:32 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2013-12-31 15:34 - 2013-12-31 15:34 - 00000000 ___HD C:\Users\Johannes\Documents\samsung
2013-12-31 15:34 - 2013-12-31 15:34 - 00000000 ____D C:\Users\Johannes\AppData\Local\Samsung
2013-12-31 15:33 - 2013-12-31 15:33 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Samsung
==================== One Month Modified Files and Folders =======
2014-01-24 13:07 - 2014-01-24 13:07 - 00012830 _____ C:\Users\Johannes\Desktop\FRST.txt
2014-01-24 13:06 - 2014-01-19 12:15 - 02077696 _____ (Farbar) C:\Users\Johannes\Desktop\FRST64.exe
2014-01-24 13:06 - 2013-10-26 06:55 - 00000000 ____D C:\Users\Johannes\Documents\Handy
2014-01-24 13:06 - 2013-08-19 10:11 - 00000000 ___HD C:\FRST
2014-01-24 13:02 - 2009-07-14 05:45 - 00021696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-24 13:02 - 2009-07-14 05:45 - 00021696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-24 12:59 - 2013-10-27 07:29 - 01884183 _____ C:\Windows\WindowsUpdate.log
2014-01-24 12:58 - 2013-10-26 09:50 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Skype
2014-01-24 12:55 - 2014-01-13 18:21 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-24 12:53 - 2014-01-14 18:19 - 00004681 _____ C:\Windows\setupact.log
2014-01-24 12:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 14:03 - 2013-12-14 11:12 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\.minecraft
2014-01-19 14:02 - 2013-10-26 07:23 - 00000000 ____D C:\Users\Johannes\AppData\Local\Paint.NET
2014-01-19 13:33 - 2014-01-13 18:21 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 13:26 - 2013-10-26 05:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-18 17:51 - 2014-01-18 17:51 - 00027758 _____ C:\Users\Johannes\Downloads\MCDocs_v14.4.zip
2014-01-18 12:00 - 2014-01-18 11:59 - 22510653 _____ C:\Users\Johannes\Desktop\spigot.jar
2014-01-18 11:44 - 2014-01-14 18:40 - 00000000 ____D C:\Users\Johannes\.VirtualBox
2014-01-18 10:26 - 2011-04-12 08:43 - 00696620 _____ C:\Windows\system32\perfh007.dat
2014-01-18 10:26 - 2011-04-12 08:43 - 00147916 _____ C:\Windows\system32\perfc007.dat
2014-01-18 10:26 - 2009-07-14 06:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-18 10:14 - 2014-01-18 10:14 - 00074982 _____ C:\Users\Johannes\2014-01-18-09-14-17.044-VirtualBox.exe-5044.log
2014-01-18 10:14 - 2013-10-26 05:37 - 00000000 ____D C:\Users\Johannes
2014-01-18 10:11 - 2014-01-18 10:11 - 00072836 _____ C:\Users\Johannes\2014-01-18-09-11-54.024-VirtualBox.exe-1644.log
2014-01-17 17:43 - 2014-01-16 16:20 - 00000000 ____D C:\Users\Johannes\Desktop\Sounds
2014-01-17 13:44 - 2009-07-14 05:45 - 00317648 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 18:51 - 2013-10-26 08:07 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 18:49 - 2013-10-26 08:07 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-16 18:35 - 2014-01-14 18:41 - 00000000 ____D C:\Users\Johannes\VirtualBox VMs
2014-01-16 18:30 - 2014-01-16 18:38 - 217057322 _____ C:\Users\Johannes\Desktop\pda.tar.md5
2014-01-16 16:11 - 2014-01-16 16:06 - 00000000 ____D C:\Users\Systemadmin\Documents\Pamela
2014-01-16 16:11 - 2014-01-16 16:06 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Pamela
2014-01-16 16:10 - 2014-01-16 16:10 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Pamela
2014-01-16 15:29 - 2014-01-16 15:29 - 00000967 _____ C:\Users\Systemadmin\Desktop\MagicDisc.lnk
2014-01-16 15:29 - 2014-01-16 15:29 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-01-16 15:29 - 2014-01-16 15:28 - 00000000 ____D C:\Program Files (x86)\MagicDisc
2014-01-16 15:29 - 2013-10-31 16:50 - 00000000 ___RD C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 15:05 - 2014-01-15 18:20 - 00013214 _____ C:\Windows\PFRO.log
2014-01-16 15:05 - 2013-10-26 06:46 - 00000000 ____D C:\Users\Johannes\Documents\Computer
2014-01-16 14:49 - 2014-01-14 18:34 - 00000000 ____D C:\Program Files (x86)\MagicISO
2014-01-15 19:10 - 2014-01-15 19:09 - 00000000 ____D C:\Program Files\Airstrike3D
2014-01-15 19:08 - 2014-01-15 19:08 - 00000000 ____D C:\Program Files\data
2014-01-15 19:07 - 2014-01-13 18:34 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-01-15 19:07 - 2014-01-13 18:34 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-01-15 19:07 - 2014-01-13 18:34 - 00133632 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-01-15 19:07 - 2014-01-13 18:34 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-01-15 19:06 - 2014-01-15 19:05 - 00000000 ____D C:\Program Files\FlightGear
2014-01-15 18:21 - 2014-01-15 17:12 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\DAEMON Tools Lite
2014-01-15 17:52 - 2014-01-13 14:35 - 00000000 ____D C:\adb-tools
2014-01-15 17:18 - 2014-01-15 17:18 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PixCreations
2014-01-15 17:18 - 2014-01-15 17:18 - 00000000 ____D C:\Program Files (x86)\PixCreations
2014-01-15 17:14 - 2014-01-15 17:14 - 04235184 _____ (EZB Systems, Inc. ) C:\Users\Johannes\Downloads\uiso960_pe.exe
2014-01-15 17:10 - 2014-01-15 17:10 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2014-01-15 17:07 - 2014-01-15 17:07 - 00002472 _____ C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-01-15 17:07 - 2014-01-15 17:07 - 00002410 _____ C:\Users\Systemadmin\Desktop\Search.lnk
2014-01-15 17:07 - 2014-01-15 17:04 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\DAEMON Tools Lite
2014-01-15 17:07 - 2014-01-15 17:03 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-15 14:43 - 2014-01-15 14:43 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2014-01-15 14:28 - 2014-01-15 14:28 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-15 14:28 - 2014-01-15 14:28 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Lukas Diener
2014-01-15 14:28 - 2014-01-15 14:28 - 00000000 ____D C:\Users\Systemadmin\AppData\Local\Lukas Diener
2014-01-15 14:27 - 2014-01-15 14:26 - 14764768 _____ C:\Users\Johannes\Downloads\mdc_0.6_win32.exe
2014-01-15 14:08 - 2014-01-15 13:55 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Mp3tag
2014-01-15 14:04 - 2014-01-15 14:04 - 00000000 ____D C:\Users\Johannes\AppData\Local\AlbumArtDownloader
2014-01-15 13:40 - 2014-01-15 13:40 - 00000000 __RHD C:\Users\Public\Libraries
2014-01-14 18:39 - 2014-01-14 18:39 - 00000000 ____D C:\Program Files\Oracle
2014-01-14 18:38 - 2014-01-14 18:35 - 106322704 _____ (Oracle Corporation) C:\Users\Johannes\Downloads\VirtualBox-4.3.6-91406-Win.exe
2014-01-14 18:34 - 2014-01-14 18:34 - 03067400 _____ C:\Users\Johannes\Downloads\Setup_MagicISO.exe
2014-01-14 18:34 - 2014-01-14 18:34 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
2014-01-14 18:20 - 2013-10-26 06:09 - 00078088 _____ C:\Users\Johannes\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-14 18:19 - 2014-01-14 18:19 - 00000000 _____ C:\Windows\setuperr.log
2014-01-14 18:16 - 2013-10-31 18:57 - 00078088 _____ C:\Users\Systemadmin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-14 18:13 - 2014-01-14 18:12 - 00000000 ____D C:\Windows\SysWOW64\Lang
2014-01-14 18:13 - 2013-10-26 07:39 - 00000000 ___HD C:\Program Files (x86)\Intel
2014-01-14 18:12 - 2014-01-14 18:12 - 00000000 ____D C:\Windows\SysWOW64\x64
2014-01-14 18:12 - 2014-01-14 18:12 - 00000000 ____D C:\dell
2014-01-14 18:01 - 2014-01-14 18:01 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\WinRAR
2014-01-14 17:54 - 2014-01-07 17:31 - 00000000 ____D C:\Users\Systemadmin\AppData\Local\LogMeIn Hamachi
2014-01-14 17:54 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-14 17:51 - 2014-01-14 17:51 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-14 17:50 - 2014-01-14 17:51 - 05065889 _____ C:\Users\Johannes\Downloads\Dafont-Top50-FontPack.zip
2014-01-13 18:44 - 2014-01-13 18:44 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blimb Entertainment
2014-01-13 18:43 - 2014-01-13 18:43 - 00000000 ____D C:\Program Files (x86)\Blimb Entertainment
2014-01-13 18:36 - 2014-01-13 18:36 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\fltk.org
2014-01-13 18:36 - 2014-01-13 18:34 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\flightgear.org
2014-01-13 18:34 - 2014-01-13 18:34 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\flightgear.org
2014-01-13 18:34 - 2014-01-13 18:34 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-13 18:28 - 2014-01-13 18:21 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-13 18:28 - 2014-01-13 18:21 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-13 18:24 - 2014-01-13 18:21 - 00000000 ____D C:\Users\Systemadmin\AppData\Local\Google
2014-01-13 18:24 - 2014-01-13 18:21 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-13 18:21 - 2014-01-13 18:21 - 00000000 ____D C:\Users\Johannes\AppData\Local\Google
2014-01-13 16:50 - 2013-10-26 05:44 - 00020823 _____ C:\Windows\system32\lvcoinst.log
2014-01-13 15:21 - 2013-10-26 07:13 - 00000000 ____D C:\Users\Johannes\Documents\Sonstiges
2014-01-13 14:35 - 2014-01-13 14:33 - 35844368 _____ C:\Users\Johannes\Downloads\adb-tools.zip
2014-01-08 17:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-08 14:18 - 2013-10-26 12:00 - 00000000 ____D C:\Users\Johannes\AppData\Local\LogMeIn Hamachi
2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\Users\Systemadmin\AppData\Local\LogMeIn
2014-01-01 13:15 - 2014-01-01 13:14 - 00000000 ____D C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-01-01 13:14 - 2014-01-01 13:14 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\Johannes\Downloads\pwhe811.exe
2014-01-01 09:48 - 2014-01-01 09:48 - 00157234 _____ C:\Users\Johannes\Downloads\RouterReconnect_1.3.zip
2013-12-31 16:35 - 2013-12-31 16:33 - 00000000 ____D C:\Users\Johannes\AppData\Local\download.am-data
2013-12-31 16:32 - 2013-12-31 16:32 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2013-12-31 15:34 - 2013-12-31 15:34 - 00000000 ___HD C:\Users\Johannes\Documents\samsung
2013-12-31 15:34 - 2013-12-31 15:34 - 00000000 ____D C:\Users\Johannes\AppData\Local\Samsung
2013-12-31 15:33 - 2013-12-31 15:33 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Samsung
2013-12-30 10:35 - 2013-10-26 06:59 - 00000000 ____D C:\Users\Johannes\Documents\Minecraft
2013-12-28 10:26 - 2013-11-09 11:03 - 00000000 ____D C:\Users\Systemadmin\AppData\Roaming\Notepad++
2013-12-28 10:26 - 2013-10-30 16:05 - 00000000 ____D C:\Users\Systemadmin
2013-12-28 10:26 - 2013-10-26 07:22 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-12-26 20:39 - 2013-10-26 05:44 - 00000000 ____D C:\Program Files\Common Files\logishrd
Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\Temp\avgnt.exe
C:\Users\Systemadmin\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-14 19:35
==================== End Of Log ============================
--- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2014
Ran by Systemadmin at 2014-01-24 13:07:39
Running from C:\Users\Johannes\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7.1 uRage Reaper gaming headset (Version: - )
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (Version: 4.08 - Piriform)
CDBurnerXP (x32 Version: 4.5.2.4291 - CDBurnerXP)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FlightGear v1.9.1 (x32 Version: - The FlightGear Organization)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.14.1022 (x32 Version: 3.12.14.1022 - DVDVideoSoft Ltd.)
GMX MultiMessenger (x32 Version: 3.70.2815 - GMX GmbH)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Intel(R) Management Engine Interface (Version: - Intel Corporation)
Intel® Active-Management-Technologie (Version: - Intel Corporation)
IrfanView (x32 Version: 4.36 - Irfan Skiljan)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (Version: 1.7.0.450 - Oracle)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Webcam-Software (x32 Version: 2.51 - Logitech Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Lollipop (HKCU Version: - Lollipop Network, S.L.) <==== ATTENTION
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
MAGIX Foto Manager (x32 Version: 2.0.2.516 - MAGIX AG)
MAGIX Music Manager (x32 Version: 1.0.2.413 - MAGIX AG)
MAGIX Online Druck Service (x32 Version: - Silverwire Software GmbH)
MAGIX Video deLuxe 2005 2006 PLUS (x32 Version: 5.0.0.38 - MAGIX AG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaFire Express (x32 Version: 0.15.4.4888 - MediaFire)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (x32 Version: - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
No23 Recorder (x32 Version: 2.1.0.3 - No23)
Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)
OpenAL (x32 Version: - )
Oracle VM VirtualBox 4.3.6 (Version: 4.3.6 - Oracle Corporation)
Paint.NET v3.5.11 (Version: 3.61.0 - dotPDN LLC)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
PDFCreator (x32 Version: 1.7.1 - pdfforge)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
SAMSUNG CDMA Modem Driver Set (x32 Version: - )
Samsung Kies (x32 Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
TeamViewer 9 (x32 Version: 9.0.24951 - TeamViewer)
TIPP10 Version 2.1.0 (x32 Version: - (c) 2006-2011, Tom Thielicke IT Solutions)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
VirtualCloneDrive (x32 Version: 5.4.7.0 - Elaborate Bytes)
VirtualDJ Home FREE (x32 Version: 7.4 - Atomix Productions)
VLC media player 2.1.0 (Version: 2.1.0 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-Bit) (Version: 5.00.0 - win.rar GmbH)
Yahoo Community Smartbar (x32 Version: 10.179.66.13636 - Linkury Inc.) Hidden <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION
==================== Restore Points =========================
15-01-2014 16:05:06 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte
15-01-2014 16:10:24 Gerätetreiber-Paketinstallation: Elaborate Bytes AG Speichercontroller
16-01-2014 14:28:56 Gerätetreiber-Paketinstallation: MagicISO, Inc. Speichercontroller
16-01-2014 17:49:21 Windows Update
24-01-2014 11:58:58 Windows Update
==================== Hosts content: ==========================
2013-12-27 17:25 - 2013-12-27 17:26 - 00000820 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
192.168.178.1 fritz.box
==================== Scheduled Tasks (whitelisted) =============
Task: {195126D1-1FF2-4D46-8F0C-27AD797ACCE5} - System32\Tasks\{9A557C94-85B5-4C8F-9DCB-E9A17786DD6B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {20C3656F-A037-44FC-AB18-9C85639E121E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {2A586FE1-C0A0-45A1-B1D8-5E590AECB2A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {6D26B8D9-FA50-4D47-AAB6-788762953C1E} - System32\Tasks\No23 => C:\Users\Johannes\AppData\Local\No23Recorder.exe [2007-01-18] (Ivan Bischof ©2003 - 2005)
Task: {78303DA0-AFB3-4457-8E39-76EFBF31ADF0} - System32\Tasks\{42B8E66A-79B5-49EE-A5FB-54364340A08B} => D:\setup.exe
Task: {87F2120B-E828-4A22-AB5A-FF6E4784ADDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {882E7510-2A64-484A-802E-0813223EBC39} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\rvlkl\rvlkl.exe [2013-10-31] (Logixoft)
Task: {F727A5AF-8D9F-40ED-84B0-99D0E37E8062} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-10-26 06:05 - 2013-10-10 18:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-14 18:12 - 2009-07-16 11:20 - 00077824 _____ () C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\DTMessageLib.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/24/2014 00:54:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2014 10:06:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2014 04:28:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2014 10:19:07 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VirtualBox.exe, Version: 4.3.6.0, Zeitstempel: 0x52b1cae6
Name des fehlerhaften Moduls: ig4icd64.dll, Version: 8.15.10.2302, Zeitstempel: 0x4d5586e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000586e4
ID des fehlerhaften Prozesses: 0x148c
Startzeit der fehlerhaften Anwendung: 0xVirtualBox.exe0
Pfad der fehlerhaften Anwendung: VirtualBox.exe1
Pfad des fehlerhaften Moduls: VirtualBox.exe2
Berichtskennung: VirtualBox.exe3
Error: (01/17/2014 01:47:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/17/2014 01:44:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/17/2014 01:42:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/16/2014 03:06:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/16/2014 02:37:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/15/2014 06:58:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Game.exe, Version: 0.0.0.0, Zeitstempel: 0x400428f5
Name des fehlerhaften Moduls: Game.exe, Version: 0.0.0.0, Zeitstempel: 0x400428f5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00062ba3
ID des fehlerhaften Prozesses: 0xbc8
Startzeit der fehlerhaften Anwendung: 0xGame.exe0
Pfad der fehlerhaften Anwendung: Game.exe1
Pfad des fehlerhaften Moduls: Game.exe2
Berichtskennung: Game.exe3
System errors:
=============
Error: (01/19/2014 01:18:55 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
Error: (01/19/2014 10:06:13 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 18.01.2014 um 19:46:07 unerwartet heruntergefahren.
Error: (01/18/2014 09:53:23 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error: (01/18/2014 08:11:17 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.
Error: (01/17/2014 05:10:57 PM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.170 mit dem Computer mit der
Netzwerkhardwareadresse BC-20-A4-02-C3-B8 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (01/17/2014 01:45:23 PM) (Source: SCardSvr) (User: )
Description: Zugriff verweigertDell Smart Card Reader Keyboard 0
Error: (01/17/2014 01:45:23 PM) (Source: SCardSvr) (User: )
Description: Zugriff verweigert
Error: (01/17/2014 01:45:07 PM) (Source: SCardSvr) (User: )
Description: Zugriff verweigertDell Smart Card Reader Keyboard 0
Error: (01/17/2014 01:45:07 PM) (Source: SCardSvr) (User: )
Description: Zugriff verweigert
Error: (01/15/2014 03:16:28 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Microsoft Office Sessions:
=========================
Error: (01/24/2014 00:54:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2014 10:06:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2014 04:28:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2014 10:19:07 AM) (Source: Application Error)(User: )
Description: VirtualBox.exe4.3.6.052b1cae6ig4icd64.dll8.15.10.23024d5586e7c000000500000000000586e4148c01cf142dbd24e790C:\Program Files\Oracle\VirtualBox\VirtualBox.exeC:\Windows\system32\ig4icd64.dll94af3316-8021-11e3-8a2f-00221931e8d7
Error: (01/17/2014 01:47:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/17/2014 01:44:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/17/2014 01:42:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/16/2014 03:06:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/16/2014 02:37:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/15/2014 06:58:09 PM) (Source: Application Error)(User: )
Description: Game.exe0.0.0.0400428f5Game.exe0.0.0.0400428f5c000000500062ba3bc801cf121b21b813f5C:\Program Files (x86)\Jetfighter 5\Game.exeC:\Program Files (x86)\Jetfighter 5\Game.exe9776fcdc-7e0e-11e3-9a6e-00221931e8d7
CodeIntegrity Errors:
===================================
Date: 2013-10-31 16:50:59.366
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 3931.61 MB
Available physical RAM: 2618.89 MB
Total Pagefile: 7861.41 MB
Available Pagefile: 6348.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Festplatte) (Fixed) (Total:297.99 GB) (Free:217.88 GB) NTFS
Drive e: (System) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (READYBOOST) (Removable) (Total:0.92 GB) (Free:0.05 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8E4F842D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 996 MB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=944 MB) - (Type=0B)
Partition 2: (Active) - (Size=52 MB) - (Type=83)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
