Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   windows 7 stürzt ab bzw reagiert langsam (https://www.trojaner-board.de/144739-windows-7-stuerzt-ab-bzw-reagiert-langsam.html)

mobert 17.11.2013 18:06
windows 7 stürzt ab bzw reagiert langsam
 
als erstes muss ich mal etwas ausholen um euch einen überblick zu geben. ich hab insgesammt 3 pc´s (netbook(win7 32bit) und 2 desktop-pc´s).
weil pc1(win7 64bit) ständig bluescreens macht hab ich schon alle möglichen komponenten getauscht formatiert, neu aufgesetzt usw. (momentan ist der prozessoer gerade auf garantie zurück geschickt worden und kommt im laufe der woche zurück). die cpu war der letzte teil des pc´s der noch nicht getauscht wurde.
während pc1 nicht benutzbar war hab ich per usb-stick wichtige daten aufs netbook geschoben um dort arbeiten zu können. weil dieses nun aber öfter als sonst probleme macht bin ich auf pc2 ausgewichen.
pc2(win8.1 64bit) ist ein kürzlich neu gekaufter fertig-pc meines vaters. lief anfangs gut mit win8, dann machte er win8.1 update und nun geht der drucker nicht mehr UND seit heute nacht hängt er sich verdammt oft auf und sagt mom.exe fehlt oder so ähnlich. google ergab das es ein ati treiber sei.
weil inzwischen aber 3 von3 pc´s nicht mehr ordentlich funktionieren vermute ich das der usb-stick viren/trojaner oä. von einem pc zu den anderen verteilt hat.

aus diesem grund würde ich gerne mal für´s erste das netbook checken bzw den stick. (antivir und microsoft security essentials wurden auf den pc´s netbook verwendet und haben nie angeschlagen)

FRST hab ich schonmal gemacht.

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2013 02
Ran by cs (administrator) on PCS on 17-11-2013 17:47:34
Running from C:\Users\cs\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files\Hotkey OSD Driver\HotKeyOSD.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Apple Inc.) C:\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [fspuip] - C:\Program Files\FSP\FspUip.exe [3354624 2010-01-06] (Sentelic Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8493600 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [HotKeyOSD] - C:\Program Files\Hotkey OSD Driver\HotKeyOSD.exe [232528 2010-01-18] (Dritek System Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] - C:\iTunes\iTunesHelper.exe [421160 2010-12-13] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-17] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE6EC1D52750FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\cs\AppData\Roaming\Mozilla\Firefox\Profiles\o6tbtyxx.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: nasanightlaunch - C:\Users\cs\AppData\Roaming\Mozilla\Firefox\Profiles\o6tbtyxx.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: Adblock Plus - C:\Users\cs\AppData\Roaming\Mozilla\Firefox\Profiles\o6tbtyxx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-17] (Avira Operations GmbH & Co. KG)
R2 HPSLPSVC; C:\Users\cs\AppData\Local\Temp\7zS302C\hpslpsvc32.dll [701288 2012-11-14] (Hewlett-Packard Co.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-05] (Avira Operations GmbH & Co. KG)
S3 RTLWUSB; C:\Windows\System32\DRIVERS\wg111v2.sys [167808 2006-03-27] (NETGEAR Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-05] (Avira GmbH)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-17 17:47 - 2013-11-17 17:48 - 00009348 _____ C:\Users\cs\Desktop\FRST.txt
2013-11-17 17:47 - 2013-11-17 17:47 - 00000000 ____D C:\FRST
2013-11-17 17:46 - 2013-11-17 17:47 - 01090935 _____ (Farbar) C:\Users\cs\Desktop\FRST.exe
2013-11-17 17:14 - 2013-11-17 17:14 - 00791552 _____ (AMD) C:\Users\cs\Desktop\amddriverdownloader.exe
2013-11-17 15:46 - 2013-11-17 15:46 - 104695876 _____ C:\Windows\system32\Î㹟᭄i
2013-11-17 15:11 - 2013-11-17 16:18 - 204292011 _____ C:\Users\cs\Downloads\KnK 20121018 Cambria_xo with MarleyyXoXo multi-toy lez and bath show-1.rar
2013-11-17 14:17 - 2013-11-17 14:17 - 00000098 _____ C:\Users\cs\Downloads\KnK 20121018 Cambria_xo with MarleyyXoXo multi-toy lez and bath show.rar
2013-11-16 09:15 - 2013-11-16 09:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 09:11 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-15 09:11 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 09:11 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 09:11 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-15 09:11 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 09:11 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-15 09:02 - 2013-11-15 09:02 - 104371820 _____ C:\Windows\system32\蛾᭄j
2013-11-14 10:49 - 2013-11-14 10:49 - 00002479 _____ C:\Users\Public\Desktop\Safari.lnk
2013-11-14 10:49 - 2013-11-14 10:49 - 00000000 ____D C:\Program Files\Safari
2013-11-14 10:47 - 2013-11-14 10:47 - 00000000 ____D C:\Program Files\Bonjour
2013-11-14 10:46 - 2013-11-14 10:47 - 38494576 _____ (Apple Inc.) C:\Users\cs\Desktop\SafariSetup-5.1.7.exe
2013-11-14 09:31 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 09:31 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 09:31 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 09:31 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 09:31 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 09:31 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 09:31 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 09:31 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 09:31 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 09:31 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 09:31 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 09:31 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 09:31 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 09:31 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 09:31 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 09:31 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 09:31 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 09:31 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 09:22 - 2013-11-14 09:22 - 104179408 _____ C:\Windows\system32\뜒毗᭄h
2013-11-13 16:10 - 2013-11-13 16:10 - 00915680 _____ C:\Windows\Minidump\111313-19234-01.dmp
2013-11-13 12:17 - 2013-11-13 12:17 - 104010312 _____ C:\Windows\system32\̵ࢋ᭄v
2013-11-10 19:25 - 2013-11-10 19:25 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-10 19:25 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-10 19:24 - 2013-11-10 19:24 - 00004874 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-11-10 19:24 - 2013-10-08 07:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-10 19:24 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-10 19:24 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-10 19:19 - 2013-11-17 09:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-10 19:19 - 2013-11-10 19:19 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-10 19:13 - 2013-11-10 19:13 - 00283104 _____ (Mozilla) C:\Users\cs\Desktop\Firefox Setup Stub 25.0.exe
2013-11-09 20:18 - 2013-11-14 09:47 - 00000000 ____D C:\stick
2013-11-08 21:58 - 2013-11-10 21:30 - 00000000 ____D C:\Users\cs\AppData\Roaming\TS3Client
2013-11-08 21:19 - 2013-11-08 21:19 - 00000000 ____D C:\Users\cs\AppData\Local\Logishrd
2013-11-08 21:17 - 2013-11-08 21:17 - 00000000 ____D C:\Program Files\Logitech
2013-11-08 21:08 - 2013-11-08 21:15 - 79732624 _____ (Logitech Inc.) C:\Users\cs\Desktop\setpoint6.61.15_32.exe
2013-11-08 20:51 - 2009-12-14 12:33 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2013-11-04 10:42 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-04 10:42 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-04 10:42 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-04 10:42 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-04 10:42 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-04 10:42 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-04 10:42 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-02 17:29 - 2013-11-02 17:29 - 00274640 _____ C:\Windows\Minidump\110213-19297-01.dmp
2013-11-01 17:28 - 2013-11-10 19:25 - 00000000 ____D C:\ProgramData\Oracle
2013-10-30 14:59 - 2013-10-30 14:59 - 104158698 _____ C:\Windows\system32\�⊺᭄^

==================== One Month Modified Files and Folders =======

2013-11-17 17:48 - 2013-11-17 17:47 - 00009348 _____ C:\Users\cs\Desktop\FRST.txt
2013-11-17 17:47 - 2013-11-17 17:47 - 00000000 ____D C:\FRST
2013-11-17 17:47 - 2013-11-17 17:46 - 01090935 _____ (Farbar) C:\Users\cs\Desktop\FRST.exe
2013-11-17 17:37 - 2009-07-14 05:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-17 17:37 - 2009-07-14 05:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-17 17:33 - 2010-11-10 15:13 - 02018548 _____ C:\Windows\WindowsUpdate.log
2013-11-17 17:29 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-17 17:29 - 2009-07-14 05:39 - 00055467 _____ C:\Windows\setupact.log
2013-11-17 17:28 - 2010-12-16 21:05 - 00000000 ____D C:\Users\cs\AppData\Roaming\Skype
2013-11-17 17:14 - 2013-11-17 17:14 - 00791552 _____ (AMD) C:\Users\cs\Desktop\amddriverdownloader.exe
2013-11-17 16:18 - 2013-11-17 15:11 - 204292011 _____ C:\Users\cs\Downloads\KnK 20121018 Cambria_xo with MarleyyXoXo multi-toy lez and bath show-1.rar
2013-11-17 16:04 - 2010-12-16 21:15 - 00000000 ____D C:\Users\cs\AppData\Roaming\skypePM
2013-11-17 15:46 - 2013-11-17 15:46 - 104695876 _____ C:\Windows\system32\Î㹟᭄i
2013-11-17 14:17 - 2013-11-17 14:17 - 00000098 _____ C:\Users\cs\Downloads\KnK 20121018 Cambria_xo with MarleyyXoXo multi-toy lez and bath show.rar
2013-11-17 09:43 - 2013-11-10 19:19 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-16 17:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-11-16 09:16 - 2013-11-16 09:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-16 09:04 - 2010-12-16 18:37 - 00000000 ____D C:\Users\cs\AppData\Local\Mozilla
2013-11-15 13:39 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-15 09:11 - 2013-09-09 16:41 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 09:06 - 2010-11-10 15:29 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-15 09:02 - 2013-11-15 09:02 - 104371820 _____ C:\Windows\system32\蛾᭄j
2013-11-14 14:44 - 2012-05-29 17:08 - 00000000 ____D C:\Users\cs\AppData\Local\PMB Files
2013-11-14 14:25 - 2010-12-17 13:49 - 00000000 ____D C:\Users\cs\AppData\Roaming\Apple Computer
2013-11-14 10:49 - 2013-11-14 10:49 - 00002479 _____ C:\Users\Public\Desktop\Safari.lnk
2013-11-14 10:49 - 2013-11-14 10:49 - 00000000 ____D C:\Program Files\Safari
2013-11-14 10:49 - 2010-12-17 13:49 - 00000000 ____D C:\Users\cs\AppData\Local\Apple Computer
2013-11-14 10:47 - 2013-11-14 10:47 - 00000000 ____D C:\Program Files\Bonjour
2013-11-14 10:47 - 2013-11-14 10:46 - 38494576 _____ (Apple Inc.) C:\Users\cs\Desktop\SafariSetup-5.1.7.exe
2013-11-14 09:47 - 2013-11-09 20:18 - 00000000 ____D C:\stick
2013-11-14 09:22 - 2013-11-14 09:22 - 104179408 _____ C:\Windows\system32\뜒毗᭄h
2013-11-13 16:52 - 2012-05-29 17:08 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-13 16:10 - 2013-11-13 16:10 - 00915680 _____ C:\Windows\Minidump\111313-19234-01.dmp
2013-11-13 16:10 - 2011-03-13 11:27 - 183021526 _____ C:\Windows\MEMORY.DMP
2013-11-13 16:10 - 2011-03-13 11:27 - 00000000 ____D C:\Windows\Minidump
2013-11-13 12:17 - 2013-11-13 12:17 - 104010312 _____ C:\Windows\system32\̵ࢋ᭄v
2013-11-13 11:12 - 2010-11-10 15:21 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 08:51 - 2011-06-30 11:27 - 00019780 _____ C:\Windows\PFRO.log
2013-11-10 21:30 - 2013-11-08 21:58 - 00000000 ____D C:\Users\cs\AppData\Roaming\TS3Client
2013-11-10 19:25 - 2013-11-10 19:25 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-10 19:25 - 2013-11-01 17:28 - 00000000 ____D C:\ProgramData\Oracle
2013-11-10 19:24 - 2013-11-10 19:24 - 00004874 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-11-10 19:24 - 2013-04-10 16:06 - 00000000 ____D C:\Program Files\Java
2013-11-10 19:19 - 2013-11-10 19:19 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-10 19:19 - 2010-12-16 18:37 - 00001116 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-10 19:13 - 2013-11-10 19:13 - 00283104 _____ (Mozilla) C:\Users\cs\Desktop\Firefox Setup Stub 25.0.exe
2013-11-09 09:19 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-08 22:51 - 2012-06-02 17:19 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-11-08 21:19 - 2013-11-08 21:19 - 00000000 ____D C:\Users\cs\AppData\Local\Logishrd
2013-11-08 21:19 - 2012-06-02 17:16 - 00016890 _____ C:\Windows\LDPINST.LOG
2013-11-08 21:19 - 2012-06-02 17:16 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-11-08 21:19 - 2012-06-02 17:16 - 00000707 _____ C:\Windows\LkmdfCoInst.log
2013-11-08 21:19 - 2012-06-02 17:15 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-11-08 21:18 - 2012-06-02 17:16 - 00000000 ____D C:\ProgramData\Logishrd
2013-11-08 21:17 - 2013-11-08 21:17 - 00000000 ____D C:\Program Files\Logitech
2013-11-08 21:15 - 2013-11-08 21:08 - 79732624 _____ (Logitech Inc.) C:\Users\cs\Desktop\setpoint6.61.15_32.exe
2013-11-08 20:51 - 2010-11-11 15:45 - 00000000 ____D C:\Program Files\Intel
2013-11-02 17:29 - 2013-11-02 17:29 - 00274640 _____ C:\Windows\Minidump\110213-19297-01.dmp
2013-11-02 13:45 - 2010-12-16 17:24 - 00000000 ____D C:\Users\cs
2013-11-02 13:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2013-11-02 13:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-11-02 13:40 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-10-30 14:59 - 2013-10-30 14:59 - 104158698 _____ C:\Windows\system32\�⊺᭄^

Some content of TEMP:
====================
C:\Users\cs\AppData\Local\Temp\AskSLib.dll
C:\Users\cs\AppData\Local\Temp\contentDATs.exe
C:\Users\cs\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\cs\AppData\Local\Temp\HPInstaller.exe
C:\Users\cs\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\cs\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\cs\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\cs\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\cs\AppData\Local\Temp\LMkRstPt.exe
C:\Users\cs\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\cs\AppData\Local\Temp\SkypeSetup.exe
C:\Users\cs\AppData\Local\Temp\swt-win32-3349.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 16:09

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-11-2013 02
Ran by cs at 2013-11-17 17:49:44
Running from C:\Users\cs\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 6.1.1)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.0.1) - Deutsch (Version: 10.0.1)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 3.3.0.69)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.4052)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Copy (Version: 130.0.428.000)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
eReg (Version: 1.20.138.34)
Fax (Version: 130.0.418.000)
Finger Sensing Pad Driver (Version: 8.5.7.2)
Hotkey OSD Driver (Version: 1.0.03)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPSSupply (Version: 130.0.371.000)
Intel® Matrix Storage Manager
iTunes (Version: 10.1.1.4)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JDownloader
JMicron Flash Media Controller Driver (Version: 1.0.37.3)
League of Legends (Version: 1.02.0000)
Logitech SetPoint 6.61 (Version: 6.61.15)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network (Version: 130.0.572.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Pando Media Booster (Version: 2.6.0.7)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6037)
Safari (Version: 5.34.57.2)
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.0 (Version: 5.0.156)
SmartWebPrinting (Version: 130.0.457.000)
Status (Version: 130.0.469.000)
TeamSpeak 3 Client (Version: 3.0.13.1)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
VLC media player 1.1.7 (Version: 1.1.7)
WebReg (Version: 130.0.132.017)
WinRAR 4.00 (32-Bit) (Version: 4.00.0)
Wireless Manager (Version: 6.1.12.3)

==================== Restore Points  =========================

30-10-2013 17:40:06 Geplanter Prüfpunkt
01-11-2013 16:25:29 Installed Java 7 Update 45
05-11-2013 00:42:28 Windows Update
10-11-2013 18:23:07 Installed Java 7 Update 45
14-11-2013 09:48:05 Installed Safari
15-11-2013 08:05:40 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {13745656-AC44-4A31-B175-E2503D5B37EE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {49E24026-F4A4-4BE1-BF0C-6D1F7C809509} - System32\Tasks\{B25BB4F4-35A1-4F0E-9655-91FF95E67CAE} => C:\Program Files\Skype\\Phone\Skype.exe [2010-12-03] (Skype Technologies S.A.)
Task: {C042526F-DE5B-4F29-AC7B-5AC0B865C635} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

==================== Loaded Modules (whitelisted) =============

2010-08-06 10:02 - 2010-01-06 23:52 - 00053248 _____ () C:\Program Files\FSP\KbdHook.dll
2010-08-06 10:02 - 2010-01-06 23:52 - 00077824 _____ () C:\Program Files\FSP\FspLib.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-16 09:15 - 2013-11-16 09:16 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-10-14 19:57 - 2013-10-14 19:57 - 16233864 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:8C35AEA7

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2013 00:37:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4774

Error: (11/17/2013 00:37:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4774

Error: (11/17/2013 00:37:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2013 00:36:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3682

Error: (11/17/2013 00:36:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3682

Error: (11/17/2013 00:36:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2013 00:36:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1529

Error: (11/17/2013 00:36:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1529

Error: (11/17/2013 00:36:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2013 00:27:38 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (11/17/2013 05:29:32 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎17.‎11.‎2013 um 17:28:38 unerwartet heruntergefahren.

Error: (11/15/2013 01:40:43 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎11.‎2013 um 13:38:34 unerwartet heruntergefahren.

Error: (11/14/2013 03:08:52 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎11.‎2013 um 15:06:38 unerwartet heruntergefahren.

Error: (11/14/2013 03:05:40 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎11.‎2013 um 15:02:36 unerwartet heruntergefahren.

Error: (11/14/2013 02:45:49 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎11.‎2013 um 14:44:03 unerwartet heruntergefahren.

Error: (11/13/2013 04:10:30 PM) (Source: BugCheck) (User: )
Description: 0x00000116 (0x8739b510, 0x9104a630, 0xc0000001, 0x00000003)C:\Windows\MEMORY.DMP111313-19234-01

Error: (11/13/2013 04:10:17 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎13.‎11.‎2013 um 16:07:18 unerwartet heruntergefahren.

Error: (11/13/2013 11:11:44 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (11/13/2013 11:11:44 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (11/13/2013 11:11:42 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.


Microsoft Office Sessions:
=========================
Error: (11/17/2013 00:37:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4774

Error: (11/17/2013 00:37:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4774

Error: (11/17/2013 00:37:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2013 00:36:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3682

Error: (11/17/2013 00:36:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3682

Error: (11/17/2013 00:36:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2013 00:36:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1529

Error: (11/17/2013 00:36:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1529

Error: (11/17/2013 00:36:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2013 00:27:38 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe


==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 1979.04 MB
Available physical RAM: 825.86 MB
Total Pagefile: 3958.07 MB
Available Pagefile: 2347.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1875.03 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:465.47 GB) (Free:403.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 0E8D5DD6)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 17.11.2013 18:10
hi,

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

mobert 17.11.2013 19:47
bei einer formatierung werde ich ja jeglichen schädling los oder muss ich selbst das mit speziellen programmen machen umsicher zu gehen?
ich frage nur weil ich schwerst davon ausgehe, dass pc1 wirklich "nur" ein prozessor problem hat.
bei pc2 gehe ich aber von schadsoftware aus, kann aber nicht sagen woher da es wie gesagt der pc meines vaters ist und dieser sich gerade im urlaub befindet. probleme gab es soweit mir bekannt ist aber zuvor keine.

bei pc2, hab ich gerade ein gpu treiber update gemacht um zu prüfen ob er dann wieder funktioniert ohne zu "freezen". mal sehen was passiert

habe hier den test am pc2 gemacht:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2013 02
Ran by Philipp at 2013-11-17 19:43:26
Running from E:\erstintal
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

1310 (x32 Version: 140.0.425.000)
1310_Help (x32 Version: 82.0.58.000)
1310Trb (x32 Version: 82.0.242.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (x32 Version: 3.9.0.1030)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000)
AIO_CDB_Software (x32 Version: 140.0.428.000)
AIO_Scan (x32 Version: 130.0.421.000)
AMD Catalyst Install Manager (Version: 8.0.915.0)
Ashampoo AppLauncher (Medion) v.1.0.0 (x32 Version: 1.0.0)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Avira SearchFree Toolbar (x32 Version: 12.6.0.1898)
Bing Bar (x32 Version: 7.2.241.0)
BufferChm (x32 Version: 140.0.298.000)
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229)
Copy (x32 Version: 140.0.298.000)
CyberLink Home Cinema (x32 Version: 1.1.7717)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3807_46074)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3925)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2426b)
CyberLink PowerDirector (Version: 9.0.0.4911)
CyberLink PowerDVD 10 (x32 Version: 10.0.5108.02)
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.0.3725)
CyberLink PowerRecover (Version: 5.7.0.0913)
CyberLink PowerRecover (x32 Version: 5.7.0.0913)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Destinations (x32 Version: 140.0.253.000)
DeviceDiscovery (x32 Version: 140.0.298.000)
DocProc (x32 Version: 140.0.185.000)
Document_Installer (x32 Version: 1.00.0000)
DVBT Driver (x32 Version: 1.1.3.1)
eReg (x32 Version: 1.20.138.34)
EWA net (x32)
EWA_net_Admin (x32 Version: 1.00.0000)
EWA_net_Client_Applications (x32 Version: 1.00.0000)
EWA_net_Core (x32 Version: 1.00.0000)
EWA_net_EPC (x32 Version: 1.00.0000)
EWA_net_Server (x32 Version: 1.00.0000)
EWA_net_WIS (x32 Version: 1.00.0000)
EWA_net_WIS_CaseOnline_Importer (x32 Version: 1.00.0000)
Fax (x32 Version: 140.0.307.000)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fotogalerija (x32 Version: 16.4.3505.0912)
Fotogalleri (x32 Version: 16.4.3505.0912)
Fotogalleriet (x32 Version: 16.4.3505.0912)
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912)
Fotótár (x32 Version: 16.4.3505.0912)
Galeria de Fotografias (x32 Version: 16.4.3505.0912)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galeria fotografii (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
GPBaseService2 (x32 Version: 140.0.297.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP IDF Software (x32 Version: 11.15.1000)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (Version: 14.0)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.002.006.003)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.298.000)
HPSSupply (x32 Version: 140.0.297.000)
League of Legends (x32 Version: 3.0.1)
Logitech SetPoint 6.61 (Version: 6.61.15)
MarketResearch (x32 Version: 140.0.299.000)
Mediathek (x32 Version: 1.4.0)
Medion Home Cinema 10 (x32 Version: 10.0)
Medion Home Cinema 10 (x32 Version: 10.2419)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
Network64 (Version: 140.0.306.000)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912)
Raccolta foto (x32 Version: 16.4.3505.0912)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6777)
Scan (x32 Version: 140.0.253.000)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Shop for HP Supplies (Version: 14.0)
SolutionCenter (x32 Version: 140.0.299.000)
Status (x32 Version: 140.0.342.000)
Toolbox (x32 Version: 140.0.596.000)
TrayApp (x32 Version: 140.0.297.000)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Valokuvavalikoima (x32 Version: 16.4.3505.0912)
WebReg (x32 Version: 140.0.297.017)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912)

==================== Restore Points  =========================

04-11-2013 10:11:14 Windows Update
06-11-2013 19:53:40 Windows Modules Installer
09-11-2013 14:33:57 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
14-11-2013 15:31:42 Windows Update
17-11-2013 16:23:35 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
17-11-2013 16:24:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {333F9219-0B58-41DF-A6EC-7E59B6B65403} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-27] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A531460-4C8A-4F40-B339-AEBB984611D2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {676F633D-723A-412A-BFF2-088E4AF419C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-27] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AE95C9E4-DA30-4DD7-88A6-BF2A871F1CD1} - System32\Tasks\DealPly => C:\Users\Josef\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-04-23] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E166EE0D-0151-43FC-8CF3-FF7D90695214} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2013-08-22] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F7791105-100D-4A29-B1E4-1D2CEBC37529} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-11-07] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-29 09:34 - 2013-09-29 09:32 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Josef\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Fax
Description: Lokale Druckwarteschlange
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: An OneNote 2010 senden
Description: Lokale Druckwarteschlange
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2013 07:40:47 PM) (Source: EWA net Server) (User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 05:32:02 PM) (Source: EWA net Server) (User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 05:20:54 PM) (Source: EWA net Server) (User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 05:18:22 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: CLI.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei ATI.ACE.CLI.EXE.CLI.Main(System.String[])

Error: (11/17/2013 05:16:24 PM) (Source: EWA net Server) (User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 05:07:07 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: MOM.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (11/17/2013 05:04:43 PM) (Source: EWA net Server) (User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 04:51:45 PM) (Source: EWA net Server) (User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/16/2013 10:36:46 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: MOM.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (11/16/2013 10:18:02 PM) (Source: EWA net Server) (User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.


System errors:
=============
Error: (11/17/2013 07:43:39 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/17/2013 07:41:39 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (11/17/2013 07:41:38 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (11/17/2013 07:41:38 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (11/17/2013 07:41:36 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (11/17/2013 07:41:36 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (11/17/2013 07:41:36 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (11/17/2013 07:41:04 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (11/17/2013 07:41:04 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (11/17/2013 07:41:02 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}


Microsoft Office Sessions:
=========================
Error: (11/17/2013 07:40:47 PM) (Source: EWA net Server)(User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 05:32:02 PM) (Source: EWA net Server)(User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 05:20:54 PM) (Source: EWA net Server)(User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 05:18:22 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: CLI.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei ATI.ACE.CLI.EXE.CLI.Main(System.String[])

Error: (11/17/2013 05:16:24 PM) (Source: EWA net Server)(User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 05:07:07 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: MOM.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (11/17/2013 05:04:43 PM) (Source: EWA net Server)(User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/17/2013 04:51:45 PM) (Source: EWA net Server)(User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.

Error: (11/16/2013 10:36:46 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: MOM.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (11/16/2013 10:18:02 PM) (Source: EWA net Server)(User: )
Description: The Java Virtual Machine has exited with a code of 1, the service is being stopped.


==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 3542.76 MB
Available physical RAM: 2295.88 MB
Total Pagefile: 4182.76 MB
Available Pagefile: 2756.71 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:869.46 GB) (Free:744.69 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:41.97 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:14.88 GB) (Free:0.11 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
========================================================
Disk: 2 (Size: 15 GB) (Disk ID: 5F966045)
Partition 1: (Active) - (Size=15 GB) - (Type=0B)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2013 02
Ran by Philipp (administrator) on GÖRNY on 17-11-2013 19:42:25
Running from E:\erstintal
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Transaction Software, D 81737 Munich) C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Transaction Software, D 81737 Munich) C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe
(Transaction Software, D 81737 Munich) C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13219984 2012-11-07] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
MountPoints2: {e42e40f2-49f1-11e3-bea6-d43d7e6caba0} - "E:\pushinst.exe"
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492248 2012-12-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-23] (APN)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKCU - {F8A7760F-2711-4182-80CF-B27EA5860E2F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\6hy44hka.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HP Detect - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\6hy44hka.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Josef\AppData\Roaming\okitspace\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [815160 2013-09-29] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 EWA net DB Core; C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe [176128 2003-11-05] (Transaction Software, D 81737 Munich)
R2 EWA net DB EPC; C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe [176128 2003-11-05] (Transaction Software, D 81737 Munich)
R2 EWA net DB WIS; C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe [176128 2003-11-05] (Transaction Software, D 81737 Munich)
S2 EWA net Server; C:\Program Files (x86)\EWA net\server\bin\tomcat.exe [65536 2003-07-31] (Alexandria Software Consulting)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-09-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [82136 2013-09-29] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-17 19:42 - 2013-11-17 19:42 - 00000000 ____D C:\FRST
2013-11-17 17:25 - 2013-11-17 17:25 - 00066765 _____ C:\WINDOWS\SysWOW64\CCCInstall_201311171725577425.log
2013-11-17 17:25 - 2013-11-17 17:25 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-11-17 17:23 - 2013-11-17 17:25 - 00000000 ____D C:\Program Files\ATI Technologies
2013-11-17 17:23 - 2013-11-17 17:24 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-17 17:22 - 2013-11-17 17:22 - 00000000 ____D C:\AMD
2013-11-17 16:52 - 2013-11-17 16:52 - 104695876 _____ C:\WINDOWS\SysWOW64\֞枣LĆ
2013-11-16 23:27 - 2013-11-16 23:27 - 104637397 _____ C:\WINDOWS\SysWOW64\稲ⷅL‘
2013-11-15 19:11 - 2013-11-15 19:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 18:01 - 2013-11-15 18:01 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\HpUpdate
2013-11-15 17:45 - 2013-11-16 17:27 - 104559818 _____ C:\WINDOWS\SysWOW64\迭쇾L—
2013-11-14 16:00 - 2013-10-19 09:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-14 16:00 - 2013-10-19 07:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-14 16:00 - 2013-10-19 07:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-14 16:00 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-14 16:00 - 2013-10-19 06:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-14 16:00 - 2013-10-19 06:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-14 16:00 - 2013-10-19 05:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-14 16:00 - 2013-10-19 05:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-14 16:00 - 2013-10-19 05:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-14 16:00 - 2013-10-19 05:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-14 16:00 - 2013-10-19 04:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-14 16:00 - 2013-10-19 04:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-14 16:00 - 2013-10-19 04:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-14 16:00 - 2013-10-19 04:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-14 16:00 - 2013-10-19 04:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-14 16:00 - 2013-10-19 04:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-14 16:00 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-14 16:00 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-14 16:00 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-14 16:00 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-14 16:00 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-11-14 15:59 - 2013-11-14 15:59 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-14 15:59 - 2013-11-14 15:59 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-14 15:59 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-14 15:59 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-12 19:11 - 2013-11-12 19:11 - 00000000 ____D C:\Users\Philipp\Downloads\Screenshots
2013-11-12 16:09 - 2013-11-12 16:09 - 00002028 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2013-11-12 16:08 - 2013-11-12 16:09 - 06110144 _____ C:\Users\Philipp\Downloads\HPPSdr.exe
2013-11-12 16:05 - 2013-11-12 16:05 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-11-12 13:45 - 2013-11-12 13:45 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\HP
2013-11-12 12:55 - 2013-11-12 13:24 - 432790328 _____ C:\Users\Philipp\Downloads\AIO_CDB_NonNet_Full_Win_WW_140_408.exe
2013-11-10 19:28 - 2013-11-10 19:28 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Logitech
2013-11-10 12:05 - 2013-11-12 15:11 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-11-10 12:05 - 2013-11-12 15:11 - 00000576 _____ C:\WINDOWS\LkmdfCoInst.log
2013-11-10 12:05 - 2013-11-10 12:05 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2013-11-10 12:05 - 2013-11-10 12:05 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Leadertech
2013-11-10 12:04 - 2013-11-10 12:05 - 00006540 _____ C:\WINDOWS\LDPINST.LOG
2013-11-10 12:04 - 2013-11-10 12:05 - 00000000 ____D C:\ProgramData\Logishrd
2013-11-10 12:04 - 2013-11-10 12:05 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-11-10 12:04 - 2013-11-10 12:04 - 00000000 ____D C:\Program Files\Logitech
2013-11-10 12:02 - 2013-11-10 12:05 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Logitech
2013-11-10 12:02 - 2013-11-10 12:02 - 03672832 _____ (Logitech Inc.) C:\Users\Philipp\Downloads\setpoint6.61.15_smart.exe
2013-11-10 12:02 - 2013-11-10 12:02 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Logishrd
2013-11-10 11:30 - 2013-11-10 11:30 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\LolClient
2013-11-09 20:15 - 2013-11-09 20:15 - 00001714 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-11-09 20:14 - 2013-11-09 20:14 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2013-11-09 20:14 - 2013-11-09 20:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-09 20:14 - 2013-11-09 20:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-09 20:13 - 2013-11-09 20:14 - 18080872 _____ (Adobe Systems Inc.) C:\Users\Philipp\Downloads\AdobeAIRInstaller.exe
2013-11-09 15:35 - 2013-11-17 17:35 - 00000000 ____D C:\Users\Philipp\Downloads\RADS
2013-11-09 15:35 - 2013-11-09 20:15 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2013-11-09 15:35 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2013-11-09 15:35 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2013-11-09 15:35 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-11-09 15:35 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2013-11-09 15:35 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2013-11-09 15:33 - 2013-11-09 15:33 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-11-09 11:48 - 2013-11-09 15:33 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Riot Games
2013-11-09 11:47 - 2013-11-09 11:48 - 34888568 _____ (Riot Games) C:\Users\Philipp\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-11-06 20:54 - 2013-11-06 21:01 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-04 11:00 - 2013-11-04 11:00 - 00001454 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-04 10:59 - 2013-11-09 15:32 - 00000660 __RSH C:\Users\Philipp\ntuser.pol
2013-11-04 10:59 - 2013-11-04 10:59 - 00000020 ___SH C:\Users\Philipp\ntuser.ini
2013-11-01 18:33 - 2013-11-12 20:43 - 00000000 __RDO C:\Users\Josef\SkyDrive
2013-11-01 18:30 - 2013-11-01 18:30 - 00001454 _____ C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-01 18:30 - 2013-11-01 18:30 - 00000656 __RSH C:\Users\Josef\ntuser.pol
2013-11-01 18:30 - 2013-11-01 18:30 - 00000020 ___SH C:\Users\Josef\ntuser.ini
2013-11-01 14:14 - 2013-11-17 19:42 - 01994371 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Programme
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-11-01 14:13 - 2013-11-01 14:13 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-01 14:03 - 2013-11-01 14:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-01 14:03 - 2013-11-01 14:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-01 13:59 - 2013-11-01 13:59 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-01 13:58 - 2013-11-17 17:32 - 00000000 ____D C:\Users\Philipp
2013-11-01 13:58 - 2013-11-01 18:33 - 00000000 ____D C:\Users\Josef
2013-11-01 13:58 - 2013-11-01 14:13 - 00036198 _____ C:\WINDOWS\diagwrn.xml
2013-11-01 13:58 - 2013-11-01 14:13 - 00036198 _____ C:\WINDOWS\diagerr.xml
2013-11-01 13:58 - 2013-11-01 13:59 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-01 13:58 - 2013-11-01 13:59 - 00000000 ___RD C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Vorlagen
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Startmenü
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Netzwerkumgebung
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Lokale Einstellungen
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Eigene Dateien
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Druckumgebung
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Documents\Eigene Musik
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Documents\Eigene Bilder
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\AppData\Local\Verlauf
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\AppData\Local\Anwendungsdaten
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Anwendungsdaten
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Vorlagen
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Startmenü
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Netzwerkumgebung
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Lokale Einstellungen
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Eigene Dateien
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Druckumgebung
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Documents\Eigene Musik
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Documents\Eigene Bilder
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\AppData\Local\Verlauf
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\AppData\Local\Anwendungsdaten
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Anwendungsdaten
2013-11-01 13:58 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-01 13:58 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-01 13:58 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-01 13:58 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-01 13:58 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-01 13:58 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\Program Files\Realtek
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\Program Files\AMD
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-11-01 13:52 - 2013-11-01 18:30 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-01 13:52 - 2013-11-01 13:52 - 00000000 __SHD C:\Recovery
2013-11-01 13:51 - 2013-11-01 13:51 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-01 13:51 - 2013-11-01 13:51 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-01 13:50 - 2013-11-01 13:50 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-01 13:50 - 2013-11-01 13:50 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-01 13:50 - 2013-11-01 13:50 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-01 13:48 - 2013-11-01 14:06 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-01 13:48 - 2013-11-01 14:02 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-01 13:48 - 2013-11-01 13:48 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-01 13:48 - 2013-11-01 13:48 - 00000000 ____D C:\Program Files\MSBuild
2013-11-01 13:48 - 2013-11-01 13:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-01 13:48 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-11-01 13:48 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-01 13:48 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-11-01 13:48 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-11-01 13:48 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-01 13:48 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-11-01 13:17 - 2013-11-01 14:13 - 00006611 _____ C:\WINDOWS\comsetup.log
2013-10-31 11:48 - 2013-11-09 20:14 - 00000000 ____D C:\ProgramData\Adobe
2013-10-31 11:48 - 2013-11-09 20:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-31 11:47 - 2013-10-31 11:53 - 00000000 ____D C:\Users\Josef\AppData\Local\Adobe
2013-10-24 16:35 - 2013-10-31 11:26 - 104264581 _____ C:\WINDOWS\SysWOW64\Àn

==================== One Month Modified Files and Folders =======

2013-11-17 19:42 - 2013-11-17 19:42 - 00000000 ____D C:\FRST
2013-11-17 19:42 - 2013-11-01 14:14 - 01994371 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-17 19:41 - 2013-09-27 19:07 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-17 19:40 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-17 17:38 - 2013-09-29 13:37 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-769679036-298574570-2757043422-1003
2013-11-17 17:35 - 2013-11-09 15:35 - 00000000 ____D C:\Users\Philipp\Downloads\RADS
2013-11-17 17:32 - 2013-11-01 13:58 - 00000000 ____D C:\Users\Philipp
2013-11-17 17:25 - 2013-11-17 17:25 - 00066765 _____ C:\WINDOWS\SysWOW64\CCCInstall_201311171725577425.log
2013-11-17 17:25 - 2013-11-17 17:25 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-11-17 17:25 - 2013-11-17 17:23 - 00000000 ____D C:\Program Files\ATI Technologies
2013-11-17 17:25 - 2013-08-22 15:46 - 00327860 _____ C:\WINDOWS\setupact.log
2013-11-17 17:25 - 2013-04-04 13:05 - 00000000 ____D C:\ProgramData\AMD
2013-11-17 17:24 - 2013-11-17 17:23 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-17 17:23 - 2013-09-30 05:14 - 00005426 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-17 17:23 - 2013-09-30 04:56 - 00778714 _____ C:\WINDOWS\system32\perfh007.dat
2013-11-17 17:23 - 2013-09-30 04:56 - 00163510 _____ C:\WINDOWS\system32\perfc007.dat
2013-11-17 17:22 - 2013-11-17 17:22 - 00000000 ____D C:\AMD
2013-11-17 17:18 - 2013-09-27 19:07 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-17 16:52 - 2013-11-17 16:52 - 104695876 _____ C:\WINDOWS\SysWOW64\֞枣LĆ
2013-11-17 16:41 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-16 23:27 - 2013-11-16 23:27 - 104637397 _____ C:\WINDOWS\SysWOW64\稲ⷅL‘
2013-11-16 22:17 - 2013-09-27 16:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 17:27 - 2013-11-15 17:45 - 104559818 _____ C:\WINDOWS\SysWOW64\迭쇾L—
2013-11-15 19:15 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-11-15 19:11 - 2013-11-15 19:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 18:01 - 2013-11-15 18:01 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\HpUpdate
2013-11-14 16:35 - 2013-09-29 11:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 16:34 - 2013-09-28 20:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 15:59 - 2013-11-14 15:59 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-14 15:59 - 2013-11-14 15:59 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-12 20:43 - 2013-11-01 18:33 - 00000000 __RDO C:\Users\Josef\SkyDrive
2013-11-12 19:11 - 2013-11-12 19:11 - 00000000 ____D C:\Users\Philipp\Downloads\Screenshots
2013-11-12 16:09 - 2013-11-12 16:09 - 00002028 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2013-11-12 16:09 - 2013-11-12 16:08 - 06110144 _____ C:\Users\Philipp\Downloads\HPPSdr.exe
2013-11-12 16:09 - 2013-09-27 18:05 - 00000000 ____D C:\Program Files (x86)\HP
2013-11-12 16:05 - 2013-11-12 16:05 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-11-12 15:28 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2013-11-12 15:11 - 2013-11-10 12:05 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-11-12 15:11 - 2013-11-10 12:05 - 00000576 _____ C:\WINDOWS\LkmdfCoInst.log
2013-11-12 14:30 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2013-11-12 13:57 - 2013-09-28 22:33 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-12 13:45 - 2013-11-12 13:45 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\HP
2013-11-12 13:45 - 2013-09-27 17:58 - 00218037 _____ C:\WINDOWS\hpoins19.dat
2013-11-12 13:45 - 2013-09-27 17:58 - 00001608 _____ C:\ProgramData\hpzinstall.log
2013-11-12 13:24 - 2013-11-12 12:55 - 432790328 _____ C:\Users\Philipp\Downloads\AIO_CDB_NonNet_Full_Win_WW_140_408.exe
2013-11-11 16:48 - 2013-09-27 18:55 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-769679036-298574570-2757043422-1002
2013-11-10 19:28 - 2013-11-10 19:28 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Logitech
2013-11-10 12:05 - 2013-11-10 12:05 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2013-11-10 12:05 - 2013-11-10 12:05 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Leadertech
2013-11-10 12:05 - 2013-11-10 12:04 - 00006540 _____ C:\WINDOWS\LDPINST.LOG
2013-11-10 12:05 - 2013-11-10 12:04 - 00000000 ____D C:\ProgramData\Logishrd
2013-11-10 12:05 - 2013-11-10 12:04 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-11-10 12:05 - 2013-11-10 12:02 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Logitech
2013-11-10 12:04 - 2013-11-10 12:04 - 00000000 ____D C:\Program Files\Logitech
2013-11-10 12:02 - 2013-11-10 12:02 - 03672832 _____ (Logitech Inc.) C:\Users\Philipp\Downloads\setpoint6.61.15_smart.exe
2013-11-10 12:02 - 2013-11-10 12:02 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Logishrd
2013-11-10 11:30 - 2013-11-10 11:30 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\LolClient
2013-11-10 10:28 - 2013-09-28 21:16 - 00000000 ___RD C:\Bilder1
2013-11-09 20:15 - 2013-11-09 20:15 - 00001714 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-11-09 20:15 - 2013-11-09 15:35 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2013-11-09 20:14 - 2013-11-09 20:14 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2013-11-09 20:14 - 2013-11-09 20:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-09 20:14 - 2013-11-09 20:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-09 20:14 - 2013-11-09 20:13 - 18080872 _____ (Adobe Systems Inc.) C:\Users\Philipp\Downloads\AdobeAIRInstaller.exe
2013-11-09 20:14 - 2013-10-31 11:48 - 00000000 ____D C:\ProgramData\Adobe
2013-11-09 20:14 - 2013-10-31 11:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-09 20:14 - 2013-09-28 22:33 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Adobe
2013-11-09 19:49 - 2013-10-04 08:25 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2013-11-09 15:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-11-09 15:33 - 2013-11-09 15:33 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-11-09 15:33 - 2013-11-09 11:48 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Riot Games
2013-11-09 15:32 - 2013-11-04 10:59 - 00000660 __RSH C:\Users\Philipp\ntuser.pol
2013-11-09 11:48 - 2013-11-09 11:47 - 34888568 _____ (Riot Games) C:\Users\Philipp\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-11-08 16:55 - 2013-09-27 16:00 - 00000000 ____D C:\Users\Josef\AppData\Local\Packages
2013-11-07 16:00 - 2013-01-07 18:56 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-06 21:01 - 2013-11-06 20:54 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-06 21:01 - 2013-09-28 22:32 - 00000000 ____D C:\Users\Philipp\AppData\Local\Packages
2013-11-06 20:55 - 2013-09-29 08:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-06 20:55 - 2013-09-29 08:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-06 00:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-06 00:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-04 11:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-11-04 11:00 - 2013-11-04 11:00 - 00001454 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-04 11:00 - 2013-09-28 22:33 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-04 10:59 - 2013-11-04 10:59 - 00000020 ___SH C:\Users\Philipp\ntuser.ini
2013-11-01 18:33 - 2013-11-01 13:58 - 00000000 ____D C:\Users\Josef
2013-11-01 18:30 - 2013-11-01 18:30 - 00001454 _____ C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-01 18:30 - 2013-11-01 18:30 - 00000656 __RSH C:\Users\Josef\ntuser.pol
2013-11-01 18:30 - 2013-11-01 18:30 - 00000020 ___SH C:\Users\Josef\ntuser.ini
2013-11-01 18:30 - 2013-11-01 13:52 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-01 18:30 - 2013-09-27 16:01 - 00000000 ___RD C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-01 18:30 - 2013-09-27 16:01 - 00000000 ___RD C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Programme
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-11-01 14:14 - 2013-11-01 14:14 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-11-01 14:14 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-11-01 14:14 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-11-01 14:13 - 2013-11-01 14:13 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-01 14:13 - 2013-11-01 13:58 - 00036198 _____ C:\WINDOWS\diagwrn.xml
2013-11-01 14:13 - 2013-11-01 13:58 - 00036198 _____ C:\WINDOWS\diagerr.xml
2013-11-01 14:13 - 2013-11-01 13:17 - 00006611 _____ C:\WINDOWS\comsetup.log
2013-11-01 14:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-11-01 14:09 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-11-01 14:09 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-01 14:07 - 2013-08-22 15:44 - 00505304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-01 14:06 - 2013-11-01 13:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-01 14:06 - 2013-09-30 04:59 - 00000000 ____D C:\WINDOWS\ShellNew
2013-11-01 14:06 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-11-01 14:06 - 2013-08-22 14:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2013-11-01 14:06 - 2013-01-08 10:44 - 00000000 ____D C:\WINDOWS\fi
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\tr
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\sv
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\sl
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\pl
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\nl
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\it
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\hu
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\fr
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\es
2013-11-01 14:06 - 2013-01-08 10:27 - 00000000 ____D C:\WINDOWS\da
2013-11-01 14:06 - 2013-01-08 10:26 - 00000000 ____D C:\WINDOWS\el
2013-11-01 14:06 - 2013-01-08 10:26 - 00000000 ____D C:\WINDOWS\de
2013-11-01 14:06 - 2012-07-26 10:43 - 00000000 ____D C:\WINDOWS\en-GB
2013-11-01 14:03 - 2013-11-01 14:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-01 14:03 - 2013-11-01 14:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-01 14:03 - 2013-08-22 16:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-11-01 14:03 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-11-01 14:02 - 2013-11-01 13:48 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\winrm
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\slmgr
2013-11-01 14:02 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2013-11-01 14:02 - 2013-09-27 18:19 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2013-11-01 14:02 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-11-01 14:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-11-01 14:02 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-11-01 14:02 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2013-11-01 14:02 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-11-01 14:02 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-11-01 14:02 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-11-01 14:02 - 2013-01-07 15:54 - 00000000 ____D C:\ProgramData\PRICache
2013-11-01 14:01 - 2013-09-30 04:59 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-01 14:01 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-11-01 14:01 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-11-01 14:01 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-11-01 14:01 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2013-11-01 14:01 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-01 14:01 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-11-01 13:59 - 2013-11-01 13:59 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-01 13:59 - 2013-11-01 13:58 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-01 13:59 - 2013-11-01 13:58 - 00000000 ___RD C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-01 13:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Vorlagen
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Startmenü
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Netzwerkumgebung
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Lokale Einstellungen
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Eigene Dateien
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Druckumgebung
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Documents\Eigene Musik
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Documents\Eigene Bilder
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\AppData\Local\Verlauf
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\AppData\Local\Anwendungsdaten
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Philipp\Anwendungsdaten
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Vorlagen
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Startmenü
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Netzwerkumgebung
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Lokale Einstellungen
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Eigene Dateien
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Druckumgebung
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Documents\Eigene Musik
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Documents\Eigene Bilder
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\AppData\Local\Verlauf
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\AppData\Local\Anwendungsdaten
2013-11-01 13:58 - 2013-11-01 13:58 - 00000000 _SHDL C:\Users\Josef\Anwendungsdaten
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\Program Files\Realtek
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\Program Files\AMD
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-11-01 13:53 - 2013-09-29 20:04 - 00000800 _____ C:\WINDOWS\PFRO.log
2013-11-01 13:52 - 2013-11-01 13:52 - 00000000 __SHD C:\Recovery
2013-11-01 13:51 - 2013-11-01 13:51 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-01 13:51 - 2013-11-01 13:51 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-01 13:51 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-11-01 13:50 - 2013-11-01 13:50 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-01 13:50 - 2013-11-01 13:50 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-01 13:50 - 2013-11-01 13:50 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-01 13:50 - 2013-11-01 13:50 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-01 13:50 - 2013-11-01 13:50 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-01 13:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-11-01 13:48 - 2013-11-01 13:48 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-01 13:48 - 2013-11-01 13:48 - 00000000 ____D C:\Program Files\MSBuild
2013-11-01 13:48 - 2013-11-01 13:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-01 13:43 - 2013-09-27 16:00 - 01560582 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-11-01 12:53 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-11-01 11:33 - 2013-01-07 16:49 - 00730346 _____ C:\WINDOWS\system32\perfh00E.dat
2013-11-01 11:33 - 2013-01-07 16:49 - 00173820 _____ C:\WINDOWS\system32\perfc00E.dat
2013-10-31 11:53 - 2013-10-31 11:47 - 00000000 ____D C:\Users\Josef\AppData\Local\Adobe
2013-10-31 11:49 - 2013-09-27 16:01 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Adobe
2013-10-31 11:26 - 2013-10-24 16:35 - 104264581 _____ C:\WINDOWS\SysWOW64\Àn
2013-10-27 12:12 - 2013-09-27 19:07 - 00004092 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-27 12:12 - 2013-09-27 19:07 - 00003856 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-24 16:38 - 2013-09-29 13:29 - 00067072 _____ C:\Users\Josef\Desktop\Zug.Dat.xls.xls
2013-10-19 09:08 - 2013-11-14 16:00 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-19 07:37 - 2013-11-14 16:00 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-19 07:02 - 2013-11-14 16:00 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-19 06:37 - 2013-11-14 16:00 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-10-19 06:19 - 2013-11-14 16:00 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-10-19 06:10 - 2013-11-14 16:00 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-10-19 05:52 - 2013-11-14 16:00 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-19 05:44 - 2013-11-14 16:00 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-10-19 05:37 - 2013-11-14 16:00 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-19 05:31 - 2013-11-14 16:00 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-10-19 04:56 - 2013-11-14 16:00 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-19 04:55 - 2013-11-14 16:00 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-10-19 04:53 - 2013-11-14 16:00 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-10-19 04:23 - 2013-11-14 16:00 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-10-19 04:09 - 2013-11-14 16:00 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-10-19 04:02 - 2013-11-14 16:00 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

Some content of TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Philipp\AppData\Local\Temp\swt-win32-3349.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-17 00:25

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 18.11.2013 10:15
Zitat:
bei einer formatierung werde ich ja jeglichen schädling los oder muss ich selbst das mit speziellen programmen machen umsicher zu gehen?
Formatieren ist formatieren, da bleibt nix übrig. Sollen wir jetzt PC 2 reinigen oder willste formatieren?

mobert 18.11.2013 10:59
der pc1 ist bereits formatiert worden, demnach also sauber (die frage zum formatieren war nur aus interesse)
die ersten beiden logs sind vom netbook und zweiten vom pc(pc2) meines vaters.
netbook und pc2 hätte ich schon gerne bereinigt falls sie befallen sind.

schrauber 19.11.2013 08:58
Logs von den beiden sehen gut aus :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:58 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19