Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log analysis and evaluation (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   TaskMgr, Windows security service and firewall cannot be started, and high CPU load. (https://www.trojaner-board.de/149657-taskmgr-windows-sicherheitsdient-firewall-lassen-starten-hohe-cpu-auslastung.html)

sunjojo 22.03.2014 11:43

Quote:

I couldn't reply until now because of internet problems.
Does the problem still occur just as often?

Quote:

I am sure that all drivers are up to date.
According to the test, there were no problems with the RAM.
All right.

Quote:

Is that enough, or do you need more information?
Can you list your computer's hardware components in more detail? Also check your power supply; could you perhaps use a different power supply as a test and see whether the crashes still occur?

And I would also like a fresh FRST logfile :).

Redblood 24.03.2014 14:16

Yes, they still occur. Not often, but always. There is a specific pattern.

1. I turn the PC on
2. After 10-15 min it suddenly crashes and restarts
3. After the restart, there are no more crashes.

Hardware:
Motherboard: ASUS M5A78L-M LE
Processor: AMD Bulldozer Fx 6100 6x3.6 GHz
System: Windows 7 Enterprise 64 bit
RAM: 8192 MB DDR3 Pc-1333 MEMSeven
Hard disk: 1000GB SATA II Value
Drive: 22x Dual Layer DVD +/- R/RW DVD burner
Graphics card: ATI RADEON HD 6870 1024MB DDR5 memory
No idea...: PC-Case 22
Power supply: 600W 12 cm LC-Power Silent-Deluxe ATX brand-name power supply
Fan: Silent

I don't have another power supply lying around at the moment. But I don't think it is the power supply. The problem looks more like a virus, since it is very systematic.


FRST:
FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Pc (administrator) on PC-PC on 24-03-2014 14:16:01
Running from C:\Users\Pc\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\Pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Turbo Key\TurboKey.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Cpu Level Up help] - C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [Turbo Key] - C:\Program Files\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [HydraVisionMDEngine] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [569344 2011-07-07] (AMD)
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-07] (AMD)
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [Spotify Web Helper] - C:\Users\Pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-23] (Spotify Ltd)
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Run: [Raptr] - C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-02-18] (Raptr, Inc)
HKU\S-1-5-21-3424378060-3098743664-1317459497-1000\...\Policies\Explorer: [TaskbarNoNotification] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEA5B1E2628BDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\hxtwke4k.default-1377615578566
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Pc\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\hxtwke4k.default-1377615578566\searchplugins\ividi.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\hxtwke4k.default-1377615578566\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-03]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [910416 2014-03-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-29] (ASUSTeK Computer Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4521720 2012-09-26] (INCA Internet Co., Ltd.)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-24] ()
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [745368 2012-11-26] (Tunngle.net GmbH)
S3 ArcService; C:\Users\Pc\Desktop\ArcService.exe [X]

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-07] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-05-13] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-04-14] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-30] (Disc Soft Ltd)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Guillemot Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-05-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RT73; C:\Windows\System32\DRIVERS\Dr71WU.sys [610816 2008-01-16] (Ralink Technology, Corp.)
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology (StarForce))
R0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [79800 2012-06-19] (Protection Technology (StarForce))
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] ()
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-24 14:16 - 2014-03-24 14:16 - 00015568 _____ () C:\Users\Pc\Desktop\FRST.txt
2014-03-24 14:02 - 2014-03-24 14:02 - 00001114 _____ () C:\Users\Pc\Desktop\EVEREST Home Edition.lnk
2014-03-24 14:02 - 2014-03-24 14:02 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-03-24 14:01 - 2014-03-24 14:01 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Pc\Downloads\everesthome220.exe
2014-03-24 13:48 - 2014-03-24 13:48 - 00262144 ____N () C:\Windows\Minidump\032414-23680-01.dmp
2014-03-24 13:37 - 2014-03-24 13:38 - 00275704 _____ () C:\Windows\Minidump\032414-32229-01.dmp
2014-03-23 19:09 - 2014-03-23 19:09 - 00007334 _____ () C:\Users\Pc\Desktop\OpenDocument Text (neu).odt
2014-03-23 14:34 - 2014-03-23 14:34 - 00262144 ____N () C:\Windows\Minidump\032314-46753-01.dmp
2014-03-22 18:14 - 2014-03-22 18:14 - 00275704 _____ () C:\Windows\Minidump\032214-30186-01.dmp
2014-03-21 21:41 - 2014-03-21 21:41 - 00275704 _____ () C:\Windows\Minidump\032114-44023-01.dmp
2014-03-20 15:20 - 2014-03-20 15:20 - 00262144 ____N () C:\Windows\Minidump\032014-29016-01.dmp
2014-03-19 19:08 - 2014-03-19 19:08 - 00262144 ____N () C:\Windows\Minidump\031914-31184-01.dmp
2014-03-18 13:25 - 2014-03-18 13:25 - 00262144 ____N () C:\Windows\Minidump\031814-26223-01.dmp
2014-03-16 16:22 - 2014-03-16 16:22 - 00275704 _____ () C:\Windows\Minidump\031614-32744-01.dmp
2014-03-15 11:31 - 2014-03-15 11:41 - 325970352 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\X16-32698.exe
2014-03-15 10:46 - 2014-03-15 10:46 - 00262144 ____N () C:\Windows\Minidump\031514-30123-01.dmp
2014-03-15 10:42 - 2014-03-15 10:42 - 00299280 _____ (Appsinstaller) C:\Users\Pc\Downloads\Microsoft%20PowerPoint.exe
2014-03-14 17:20 - 2014-03-14 17:20 - 00262144 ____N () C:\Windows\Minidump\031414-34304-01.dmp
2014-03-13 12:26 - 2014-03-13 12:26 - 00262144 ____N () C:\Windows\Minidump\031314-64740-01.dmp
2014-03-12 11:37 - 2014-03-12 11:37 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlorensiaEN
2014-03-12 11:33 - 2014-03-12 11:37 - 00000000 ____D () C:\AHA Entertainment
2014-03-12 11:05 - 2014-03-12 11:05 - 01173504 _____ (ProSiebenSat.1 Games) C:\Users\Pc\Downloads\florensia-dlm.exe
2014-03-12 11:05 - 2014-03-12 11:05 - 00000000 ____D () C:\ProgramData\Solid State Networks
2014-03-12 10:16 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 10:16 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 10:16 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 10:16 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 10:16 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 10:16 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 10:16 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 10:16 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 10:16 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 10:16 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 10:16 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 10:16 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 10:16 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 10:16 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 10:16 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 10:16 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 10:16 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 10:16 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 10:16 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 10:16 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 10:16 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 10:16 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 10:16 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 10:16 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 10:16 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 10:16 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 10:16 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 10:16 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 10:16 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 10:16 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 10:16 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 10:16 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 10:16 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 10:16 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 10:16 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 10:16 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 10:16 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 10:16 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 10:16 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 10:16 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 10:16 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 10:16 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 10:16 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 10:16 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 10:15 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 10:15 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 10:15 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 10:15 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 10:03 - 2014-03-12 10:03 - 00275704 _____ () C:\Windows\Minidump\031214-35911-01.dmp
2014-03-11 14:02 - 2014-03-11 14:02 - 00262144 ____N () C:\Windows\Minidump\031114-34679-01.dmp
2014-03-11 12:03 - 2014-03-11 12:03 - 00262144 ____N () C:\Windows\Minidump\031114-32744-01.dmp
2014-03-10 10:27 - 2014-03-10 10:28 - 00275704 _____ () C:\Windows\Minidump\031014-32370-01.dmp
2014-03-09 22:35 - 2014-03-09 22:35 - 00001152 _____ () C:\Users\Public\Desktop\WavePad Audio-Editor.lnk
2014-03-09 22:34 - 2014-03-16 22:35 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-03-09 22:34 - 2014-03-09 22:34 - 00001168 _____ () C:\Users\Public\Desktop\VideoPad Video-Editor.lnk
2014-03-09 22:34 - 2014-03-09 22:34 - 00001140 _____ () C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
2014-03-09 22:34 - 2014-03-09 22:34 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoverwandte Programme
2014-03-09 22:34 - 2014-03-09 22:34 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-03-09 22:32 - 2014-03-16 22:34 - 00000000 ____D () C:\ProgramData\NCH Software
2014-03-09 22:31 - 2014-03-16 22:35 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\NCH Software
2014-03-09 22:31 - 2014-03-09 22:35 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-03-09 22:31 - 2014-03-09 22:31 - 00001126 _____ () C:\Users\Public\Desktop\Debut Videorekorder.lnk
2014-03-09 22:30 - 2014-03-09 22:31 - 01579032 _____ (NCH Software) C:\Users\Pc\Downloads\debutpsetup.exe
2014-03-09 22:25 - 2014-03-09 22:25 - 00275704 _____ () C:\Windows\Minidump\030914-24070-01.dmp
2014-03-09 16:24 - 2014-03-09 16:24 - 00262144 ____N () C:\Windows\Minidump\030914-26629-01.dmp
2014-03-09 11:22 - 2014-03-09 11:22 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-03-09 11:22 - 2014-03-09 11:22 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\library_dir
2014-03-09 11:21 - 2014-03-24 13:49 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Raptr
2014-03-09 11:20 - 2014-03-09 11:22 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-03-09 11:20 - 2014-03-09 11:20 - 01007930 _____ () C:\Users\Pc\Downloads\amddriverdownload_installer.exe
2014-03-08 14:45 - 2014-03-08 14:45 - 00275704 _____ () C:\Windows\Minidump\030814-21247-01.dmp
2014-03-06 19:46 - 2014-03-06 19:46 - 00002115 _____ () C:\Users\Pc\Desktop\Mount&Blade Dedicated Server [by iMortaluz].lnk
2014-03-06 19:44 - 2014-03-06 19:44 - 170117744 _____ () C:\Users\Pc\Downloads\Warband_Napoleonic_Wars_v1.158+v1.104_UPDATE+CRACKS_by_iMortaluz_v2.exe
2014-03-06 18:10 - 2014-03-06 18:10 - 00262144 ____N () C:\Windows\Minidump\030614-21871-01.dmp
2014-03-05 22:00 - 2014-03-05 22:00 - 00262144 ____N () C:\Windows\Minidump\030514-31917-01.dmp
2014-03-05 21:36 - 2014-03-05 21:36 - 00262144 ____N () C:\Windows\Minidump\030514-27502-01.dmp
2014-03-05 12:21 - 2014-03-05 12:21 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 12:21 - 2014-03-05 12:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 16:23 - 2014-03-04 16:23 - 00262144 ____N () C:\Windows\Minidump\030414-24928-01.dmp
2014-03-04 13:32 - 2014-03-04 13:32 - 00013668 _____ () C:\Users\Pc\Desktop\Result.txt
2014-03-04 13:31 - 2014-03-04 13:31 - 00982016 _____ (Farbar) C:\Users\Pc\Desktop\MiniToolBox.exe
2014-03-04 10:26 - 2014-03-04 10:26 - 00262144 ____N () C:\Windows\Minidump\030414-21871-01.dmp
2014-03-03 19:32 - 2014-03-03 19:32 - 00010522 _____ () C:\Users\Pc\Downloads\030214-23290-01.rar
2014-03-03 19:31 - 2014-03-02 12:31 - 00262144 _____ () C:\Users\Pc\Desktop\030214-23290-01.dmp
2014-03-03 19:20 - 2014-03-03 19:20 - 00275704 _____ () C:\Windows\Minidump\030314-27705-01.dmp
2014-03-02 12:31 - 2014-03-02 12:31 - 00262144 ____N () C:\Windows\Minidump\030214-23290-01.dmp
2014-03-02 01:24 - 2014-03-02 01:24 - 00262144 ____N () C:\Windows\Minidump\030214-22011-01.dmp
2014-03-02 01:21 - 2014-03-02 01:35 - 00000000 ____D () C:\Users\Pc\Desktop\Anwalt
2014-02-28 15:26 - 2014-02-28 15:26 - 00262144 ____N () C:\Windows\Minidump\022814-26005-01.dmp
2014-02-28 10:18 - 2014-02-28 10:18 - 00262144 ____N () C:\Windows\Minidump\022814-23665-01.dmp
2014-02-28 08:46 - 2014-02-28 08:46 - 00275704 _____ () C:\Windows\Minidump\022814-34226-01.dmp
2014-02-27 18:14 - 2014-02-27 18:14 - 00275704 _____ () C:\Windows\Minidump\022714-24070-01.dmp
2014-02-25 23:18 - 2014-02-25 23:19 - 00275704 _____ () C:\Windows\Minidump\022514-25162-01.dmp
2014-02-25 19:45 - 2014-02-25 19:45 - 01956366 _____ () C:\Users\Pc\Downloads\EasyRootingToolkit_XPERIA-Z_SO-02E_v101-ENGLISH_tkymgr.zip
2014-02-25 19:42 - 2014-02-25 19:43 - 15305933 _____ () C:\Users\Pc\Downloads\Flashtool-drivers.exe
2014-02-25 19:38 - 2014-02-25 19:44 - 00015636 _____ () C:\Windows\DPINST.LOG
2014-02-25 14:20 - 2014-02-25 14:20 - 00275704 _____ () C:\Windows\Minidump\022514-24382-01.dmp
2014-02-22 14:04 - 2014-02-22 14:04 - 00262144 ____N () C:\Windows\Minidump\022214-20467-01.dmp

==================== One Month Modified Files and Folders =======

2014-03-24 14:16 - 2014-03-24 14:16 - 00015568 _____ () C:\Users\Pc\Desktop\FRST.txt
2014-03-24 14:16 - 2014-02-11 22:23 - 00000000 ____D () C:\FRST
2014-03-24 14:15 - 2014-02-13 21:35 - 00000000 ____D () C:\Users\Pc\Desktop\FRST-OlderVersion
2014-03-24 14:15 - 2014-02-11 22:22 - 02157056 _____ (Farbar) C:\Users\Pc\Desktop\FRST64.exe
2014-03-24 14:02 - 2014-03-24 14:02 - 00001114 _____ () C:\Users\Pc\Desktop\EVEREST Home Edition.lnk
2014-03-24 14:02 - 2014-03-24 14:02 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-03-24 14:01 - 2014-03-24 14:01 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Pc\Downloads\everesthome220.exe
2014-03-24 13:59 - 2013-10-05 14:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 13:49 - 2014-03-09 11:21 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Raptr
2014-03-24 13:49 - 2011-05-15 23:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-24 13:48 - 2014-03-24 13:48 - 00262144 ____N () C:\Windows\Minidump\032414-23680-01.dmp
2014-03-24 13:48 - 2014-02-12 21:00 - 00067872 _____ () C:\Windows\setupact.log
2014-03-24 13:48 - 2012-10-18 15:02 - 00000000 ____D () C:\Windows\Minidump
2014-03-24 13:48 - 2012-10-18 00:39 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 13:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 13:43 - 2011-05-10 01:27 - 01818454 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 13:38 - 2014-03-24 13:37 - 00275704 _____ () C:\Windows\Minidump\032414-32229-01.dmp
2014-03-24 13:37 - 2014-02-21 10:01 - 723740025 _____ () C:\Windows\MEMORY.DMP
2014-03-23 21:46 - 2014-02-19 18:25 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Skype
2014-03-23 21:27 - 2012-10-18 00:39 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-23 19:09 - 2014-03-23 19:09 - 00007334 _____ () C:\Users\Pc\Desktop\OpenDocument Text (neu).odt
2014-03-23 19:04 - 2012-10-20 20:58 - 00000000 ____D () C:\Users\Pc\AppData\Local\PMB Files
2014-03-23 19:04 - 2012-10-20 20:58 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-23 16:12 - 2012-10-26 14:14 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\TS3Client
2014-03-23 14:34 - 2014-03-23 14:34 - 00262144 ____N () C:\Windows\Minidump\032314-46753-01.dmp
2014-03-22 18:14 - 2014-03-22 18:14 - 00275704 _____ () C:\Windows\Minidump\032214-30186-01.dmp
2014-03-21 21:41 - 2014-03-21 21:41 - 00275704 _____ () C:\Windows\Minidump\032114-44023-01.dmp
2014-03-21 18:45 - 2009-07-14 05:45 - 00010784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-21 18:45 - 2009-07-14 05:45 - 00010784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 15:20 - 2014-03-20 15:20 - 00262144 ____N () C:\Windows\Minidump\032014-29016-01.dmp
2014-03-19 19:08 - 2014-03-19 19:08 - 00262144 ____N () C:\Windows\Minidump\031914-31184-01.dmp
2014-03-19 16:52 - 2012-10-20 13:46 - 00000000 ____D () C:\Users\Pc\AppData\Local\CrashDumps
2014-03-19 15:32 - 2013-08-14 22:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 15:30 - 2012-10-18 05:30 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 13:25 - 2014-03-18 13:25 - 00262144 ____N () C:\Windows\Minidump\031814-26223-01.dmp
2014-03-16 23:53 - 2013-02-23 20:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-16 22:35 - 2014-03-09 22:34 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-03-16 22:35 - 2014-03-09 22:31 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\NCH Software
2014-03-16 22:34 - 2014-03-09 22:32 - 00000000 ____D () C:\ProgramData\NCH Software
2014-03-16 21:32 - 2009-07-14 11:54 - 00710502 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 21:32 - 2009-07-14 11:54 - 00154832 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 21:32 - 2009-07-14 06:13 - 01651686 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-16 16:22 - 2014-03-16 16:22 - 00275704 _____ () C:\Windows\Minidump\031614-32744-01.dmp
2014-03-15 14:52 - 2013-12-27 22:18 - 00000000 ____D () C:\Users\Pc\AppData\Local\Deployment
2014-03-15 11:55 - 2013-12-28 11:49 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-03-15 11:55 - 2013-08-18 17:42 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-15 11:54 - 2013-09-07 10:31 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\.minecraft
2014-03-15 11:41 - 2014-03-15 11:31 - 325970352 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\X16-32698.exe
2014-03-15 10:46 - 2014-03-15 10:46 - 00262144 ____N () C:\Windows\Minidump\031514-30123-01.dmp
2014-03-15 10:42 - 2014-03-15 10:42 - 00299280 _____ (Appsinstaller) C:\Users\Pc\Downloads\Microsoft%20PowerPoint.exe
2014-03-14 17:20 - 2014-03-14 17:20 - 00262144 ____N () C:\Windows\Minidump\031414-34304-01.dmp
2014-03-14 11:21 - 2013-08-18 17:42 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-03-13 12:26 - 2014-03-13 12:26 - 00262144 ____N () C:\Windows\Minidump\031314-64740-01.dmp
2014-03-13 12:19 - 2009-07-14 05:45 - 00321600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 12:17 - 2014-02-12 21:18 - 00112644 _____ () C:\Windows\PFRO.log
2014-03-13 12:17 - 2012-10-29 14:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 12:17 - 2012-10-29 14:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 18:59 - 2013-10-05 14:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 18:59 - 2012-12-10 18:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:59 - 2012-12-10 18:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 13:12 - 2013-02-05 20:06 - 00000000 ____D () C:\Users\Pc\Desktop\Spiele
2014-03-12 11:37 - 2014-03-12 11:37 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlorensiaEN
2014-03-12 11:37 - 2014-03-12 11:33 - 00000000 ____D () C:\AHA Entertainment
2014-03-12 11:37 - 2014-03-12 11:05 - 00000000 ____D () C:\ProgramData\Solid State Networks
2014-03-12 11:05 - 2014-03-12 11:05 - 01173504 _____ (ProSiebenSat.1 Games) C:\Users\Pc\Downloads\florensia-dlm.exe
2014-03-12 10:03 - 2014-03-12 10:03 - 00275704 _____ () C:\Windows\Minidump\031214-35911-01.dmp
2014-03-11 14:02 - 2014-03-11 14:02 - 00262144 ____N () C:\Windows\Minidump\031114-34679-01.dmp
2014-03-11 12:03 - 2014-03-11 12:03 - 00262144 ____N () C:\Windows\Minidump\031114-32744-01.dmp
2014-03-10 10:28 - 2014-03-10 10:27 - 00275704 _____ () C:\Windows\Minidump\031014-32370-01.dmp
2014-03-09 22:35 - 2014-03-09 22:35 - 00001152 _____ () C:\Users\Public\Desktop\WavePad Audio-Editor.lnk
2014-03-09 22:35 - 2014-03-09 22:31 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-03-09 22:34 - 2014-03-09 22:34 - 00001168 _____ () C:\Users\Public\Desktop\VideoPad Video-Editor.lnk
2014-03-09 22:34 - 2014-03-09 22:34 - 00001140 _____ () C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
2014-03-09 22:34 - 2014-03-09 22:34 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoverwandte Programme
2014-03-09 22:34 - 2014-03-09 22:34 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-03-09 22:31 - 2014-03-09 22:31 - 00001126 _____ () C:\Users\Public\Desktop\Debut Videorekorder.lnk
2014-03-09 22:31 - 2014-03-09 22:30 - 01579032 _____ (NCH Software) C:\Users\Pc\Downloads\debutpsetup.exe
2014-03-09 22:26 - 2012-11-02 19:39 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\uTorrent
2014-03-09 22:25 - 2014-03-09 22:25 - 00275704 _____ () C:\Windows\Minidump\030914-24070-01.dmp
2014-03-09 16:24 - 2014-03-09 16:24 - 00262144 ____N () C:\Windows\Minidump\030914-26629-01.dmp
2014-03-09 11:22 - 2014-03-09 11:22 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-03-09 11:22 - 2014-03-09 11:22 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\library_dir
2014-03-09 11:22 - 2014-03-09 11:20 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-03-09 11:20 - 2014-03-09 11:20 - 01007930 _____ () C:\Users\Pc\Downloads\amddriverdownload_installer.exe
2014-03-08 14:45 - 2014-03-08 14:45 - 00275704 _____ () C:\Windows\Minidump\030814-21247-01.dmp
2014-03-07 13:50 - 2013-04-19 22:33 - 00000000 ____D () C:\Users\Pc\Documents\Mount&Blade With Fire and Sword
2014-03-06 19:46 - 2014-03-06 19:46 - 00002115 _____ () C:\Users\Pc\Desktop\Mount&Blade Dedicated Server [by iMortaluz].lnk
2014-03-06 19:46 - 2013-04-19 22:33 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Mount&Blade With Fire and Sword
2014-03-06 19:46 - 2013-04-07 16:20 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Mount&Blade Warband
2014-03-06 19:46 - 2013-04-07 16:18 - 00000000 ____D () C:\Program Files (x86)\Mount&Blade Warband
2014-03-06 19:44 - 2014-03-06 19:44 - 170117744 _____ () C:\Users\Pc\Downloads\Warband_Napoleonic_Wars_v1.158+v1.104_UPDATE+CRACKS_by_iMortaluz_v2.exe
2014-03-06 18:10 - 2014-03-06 18:10 - 00262144 ____N () C:\Windows\Minidump\030614-21871-01.dmp
2014-03-05 22:00 - 2014-03-05 22:00 - 00262144 ____N () C:\Windows\Minidump\030514-31917-01.dmp
2014-03-05 21:36 - 2014-03-05 21:36 - 00262144 ____N () C:\Windows\Minidump\030514-27502-01.dmp
2014-03-05 12:22 - 2012-10-26 13:14 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 12:21 - 2014-03-05 12:21 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 12:21 - 2014-03-05 12:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 16:32 - 2013-11-10 13:08 - 00000000 ____D () C:\Program Files (x86)\Europa Universalis IV
2014-03-04 16:23 - 2014-03-04 16:23 - 00262144 ____N () C:\Windows\Minidump\030414-24928-01.dmp
2014-03-04 13:32 - 2014-03-04 13:32 - 00013668 _____ () C:\Users\Pc\Desktop\Result.txt
2014-03-04 13:31 - 2014-03-04 13:31 - 00982016 _____ (Farbar) C:\Users\Pc\Desktop\MiniToolBox.exe
2014-03-04 10:26 - 2014-03-04 10:26 - 00262144 ____N () C:\Windows\Minidump\030414-21871-01.dmp
2014-03-03 20:26 - 2013-09-14 20:24 - 00000424 _____ () C:\Users\Pc\Desktop\Accounts.txt
2014-03-03 19:32 - 2014-03-03 19:32 - 00010522 _____ () C:\Users\Pc\Downloads\030214-23290-01.rar
2014-03-03 19:29 - 2014-02-11 22:27 - 00000000 ____D () C:\Users\Pc\Desktop\Dokus
2014-03-03 19:20 - 2014-03-03 19:20 - 00275704 _____ () C:\Windows\Minidump\030314-27705-01.dmp
2014-03-03 19:10 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-03 15:31 - 2014-02-18 17:55 - 00017758 _____ () C:\Windows\DirectX.log
2014-03-03 15:26 - 2012-11-10 17:56 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\DAEMON Tools Lite
2014-03-03 14:04 - 2013-03-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Total War Shogun 2
2014-03-03 13:45 - 2013-08-15 19:23 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-03-02 12:31 - 2014-03-03 19:31 - 00262144 _____ () C:\Users\Pc\Desktop\030214-23290-01.dmp
2014-03-02 12:31 - 2014-03-02 12:31 - 00262144 ____N () C:\Windows\Minidump\030214-23290-01.dmp
2014-03-02 01:35 - 2014-03-02 01:21 - 00000000 ____D () C:\Users\Pc\Desktop\Anwalt
2014-03-02 01:24 - 2014-03-02 01:24 - 00262144 ____N () C:\Windows\Minidump\030214-22011-01.dmp
2014-03-01 20:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-01 07:05 - 2014-03-12 10:16 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 10:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 10:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 10:16 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 10:16 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 10:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 10:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 10:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 10:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 10:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 10:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 10:16 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 10:16 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 10:16 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 10:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 10:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 10:16 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 10:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 10:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 10:16 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 10:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 10:16 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 10:16 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 10:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 10:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 10:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 10:16 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 10:16 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 10:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 10:16 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 10:16 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 10:16 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 10:16 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 10:16 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 10:16 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 10:16 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 10:16 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 10:16 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 10:16 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 22:19 - 2012-12-18 19:29 - 01625030 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-28 15:26 - 2014-02-28 15:26 - 00262144 ____N () C:\Windows\Minidump\022814-26005-01.dmp
2014-02-28 12:17 - 2013-02-25 14:23 - 00000000 ____D () C:\Users\Pc\AppData\Roaming\Spotify
2014-02-28 12:16 - 2013-02-25 14:24 - 00000000 ____D () C:\Users\Pc\AppData\Local\Spotify
2014-02-28 10:18 - 2014-02-28 10:18 - 00262144 ____N () C:\Windows\Minidump\022814-23665-01.dmp
2014-02-28 08:46 - 2014-02-28 08:46 - 00275704 _____ () C:\Windows\Minidump\022814-34226-01.dmp
2014-02-27 18:14 - 2014-02-27 18:14 - 00275704 _____ () C:\Windows\Minidump\022714-24070-01.dmp
2014-02-25 23:19 - 2014-02-25 23:18 - 00275704 _____ () C:\Windows\Minidump\022514-25162-01.dmp
2014-02-25 19:45 - 2014-02-25 19:45 - 01956366 _____ () C:\Users\Pc\Downloads\EasyRootingToolkit_XPERIA-Z_SO-02E_v101-ENGLISH_tkymgr.zip
2014-02-25 19:44 - 2014-02-25 19:38 - 00015636 _____ () C:\Windows\DPINST.LOG
2014-02-25 19:43 - 2014-02-25 19:42 - 15305933 _____ () C:\Users\Pc\Downloads\Flashtool-drivers.exe
2014-02-25 14:20 - 2014-02-25 14:20 - 00275704 _____ () C:\Windows\Minidump\022514-24382-01.dmp
2014-02-22 14:04 - 2014-02-22 14:04 - 00262144 ____N () C:\Windows\Minidump\022214-20467-01.dmp

Some content of TEMP:
====================
C:\Users\Pc\AppData\Local\Temp\avgnt.exe
C:\Users\Pc\AppData\Local\Temp\prismsetup.exe
C:\Users\Pc\AppData\Local\Temp\Quarantine.exe
C:\Users\Pc\AppData\Local\Temp\raptrpatch.exe
C:\Users\Pc\AppData\Local\Temp\vpsetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 15:41

==================== End Of Log ============================

--- --- ---


sunjojo 25.03.2014 18:55

Quote:

I don't have another power supply lying around at the moment. But I don't think it's the power supply. The problem looks more like a virus, because it is very systematic.
OK, but I don't see any signs of malware in your log, and in my opinion this isn't caused by malware either.

I'll ask around about what could be causing this and whether anyone on the expert team has already seen or heard of something like it.

Could you please also attach the last two dump files that were created?

Redblood 27.03.2014 14:49

I found the problem. As you said, it was the hardware. I opened up the computer and found that the fan was almost hanging off. A piece of the module around the CPU has broken off, so the fan could no longer hook in.

I'll go and buy a new module soon, plus new thermal paste, since that doesn't look quite right anymore either.

The crashes were presumably caused by the insufficient cooling.

sunjojo 27.03.2014 16:33

Quote:

The crashes were presumably caused by the insufficient cooling.
OK, that would have been the next thing I'd have had you check, but then that's settled :).

Do you have any other questions?

Redblood 28.03.2014 13:36

No. But many thanks to you all the same. You really helped me with my virus problem. ;)

sunjojo 28.03.2014 16:57

Quote:

You really helped me with my virus problem.
Always happy to help :).

I'll remove you from my subscriptions again then.

