Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Pc stürzt seit Tagen dauernd ab. (https://www.trojaner-board.de/148073-pc-stuerzt-seit-tagen-dauernd-ab.html)

Lionight 16.01.2014 21:52
Pc stürzt seit Tagen dauernd ab.
 
Liebes Trojaner-board Team,

in letzter Zeit habe ich häufiger das Problem, dass mein PC einfach ohne Vorwarnung, einen
Neustart erzwingt. Es kommt keine Meldung sondern der PC stürzt einfach ab. Was mir aufgefallen ist, dass ich jedes mal, wenn er abgestürzt ist, am Skypen war und nebenbei entweder im Google Chrome Browser unterwegs war oder ihn auch nur offen hatte ohne etwas in ihm zu machen. Zu letzt ist er innerhalb einer Zeitspanne von 5 Minuten 2 mal abgestürzt.

Ich könnte mir vorstellen, dass das Problem aufgrund eines eingefangen Virus auftritt, und komme deswegen zu euch, um um Rat zu fragen.

PS:
Betriebssystem: Windows 7
Offene Programme (während des Absturzes): Skype und Google Chrome

Ich hoffe ihr könnt mir helfen, vielen Dank schonmal im Vorraus.

Lg Lionight

schrauber 17.01.2014 08:16
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Lionight 22.01.2014 21:41
Danke schon mal für deine Antwort und tut mir leid für die späte Rückmeldung :/


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 02
Ran by Fabio (administrator) on FABIO-PC on 22-01-2014 21:37:48
Running from C:\Users\Fabio\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Akamai Technologies, Inc.) C:\Users\Fabio\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\Fabio\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Fabio\AppData\Local\Akamai\netsession_win.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1064224 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-11-22] (Electronic Arts)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Fabio\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
Startup: C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Fabio\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk
ShortcutTarget: Hauppauge Device Properties.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x64BDD92DF1E2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26723D363439&st={searchTerms}&clid=7c2dcca5-0b05-4a50-b86c-56f336dfad42&pid=chipde&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26723D363439&st={searchTerms}&clid=7c2dcca5-0b05-4a50-b86c-56f336dfad42&pid=chipde&k=0
SearchScopes: HKCU - {5510C1BC-D425-400F-BEA4-DAA0D9DBBAA1} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=7c2dcca5-0b05-4a50-b86c-56f336dfad42&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {AEFF98F7-6107-437E-8189-5BF176D79CD5} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=7c2dcca5-0b05-4a50-b86c-56f336dfad42&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {C21949E4-FF99-4721-9E7B-D79ACF72B247} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=7c2dcca5-0b05-4a50-b86c-56f336dfad42&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {DD54D9B5-6928-43EB-B164-321F13322A31} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=7c2dcca5-0b05-4a50-b86c-56f336dfad42&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {EED5A400-ED06-4F8D-ABB5-F562532DF3D9} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=7c2dcca5-0b05-4a50-b86c-56f336dfad42&pid=chipde&mode=bounce&k=0
SearchScopes: HKCU - {F552348E-D10E-4CE7-9A06-DC56FE7FBB14} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=7c2dcca5-0b05-4a50-b86c-56f336dfad42&pid=chipde&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.76\npchrome_frame.dll (Google Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.76\npchrome_frame.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\q3r8j6nq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Check4Change - C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\q3r8j6nq.default\Extensions\check4change-owner@mozdev.org.xpi [2013-09-16]
FF Extension: Simple New Tab - C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\q3r8j6nq.default\Extensions\snt@dotlabs.co.xpi [2013-11-13]
FF Extension: Adblock Plus - C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\q3r8j6nq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-09]
FF Extension: No Name - C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-08-02]
FF Extension: No Name - C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-07-11]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-05-14]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-05-14]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll No File
CHR Extension: (FlashFree) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebmieckllmmifjjbipnppinpiohpfahm [2013-12-03]
CHR Extension: (AdBlock) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-11]
CHR Extension: (Linkclump) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2013-08-02]
CHR Extension: (Google Wallet) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

==================== Services (Whitelisted) =================

S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-10-10] (Perfect World Entertainment Inc)
R3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [401232 2013-02-07] (Hauppauge Computer Works, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-16] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [945136 2013-02-12] (Hauppauge Computer Work, Inc.)
S3 hxsyol; C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [86352 2013-11-27] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-22 21:37 - 2014-01-22 21:38 - 00022439 _____ C:\Users\Fabio\Downloads\FRST.txt
2014-01-22 21:37 - 2014-01-22 21:37 - 02077696 _____ (Farbar) C:\Users\Fabio\Downloads\FRST64.exe
2014-01-22 21:37 - 2014-01-22 21:37 - 00000000 ____D C:\FRST
2014-01-22 21:29 - 2014-01-22 21:29 - 00262144 ____N C:\Windows\Minidump\012214-20607-01.dmp
2014-01-22 08:55 - 2014-01-22 08:55 - 00000866 _____ C:\Users\Fabio\AppData\Local\recently-used.xbel
2014-01-22 08:55 - 2014-01-22 08:55 - 00000000 ____D C:\Users\Fabio\.thumbnails
2014-01-21 16:03 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-21 16:03 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-21 16:03 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-21 16:03 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-21 16:01 - 2014-01-21 16:03 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-21 15:52 - 2014-01-21 15:52 - 00262144 ____N C:\Windows\Minidump\012114-15880-01.dmp
2014-01-19 01:43 - 2014-01-19 01:43 - 00262144 ____N C:\Windows\Minidump\011914-17706-01.dmp
2014-01-17 23:30 - 2014-01-17 23:30 - 00262144 ____N C:\Windows\Minidump\011714-17815-01.dmp
2014-01-17 21:58 - 2014-01-17 21:58 - 00262144 ____N C:\Windows\Minidump\011714-19546-01.dmp
2014-01-16 22:35 - 2014-01-16 22:35 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\MMFApplications
2014-01-16 22:34 - 2014-01-16 22:34 - 15511182 _____ (                                                                                                    ) C:\Users\Fabio\Downloads\manos_windows_1386702035.exe
2014-01-16 21:33 - 2014-01-16 21:33 - 00262144 ____N C:\Windows\Minidump\011614-20794-01.dmp
2014-01-16 21:26 - 2014-01-16 21:26 - 00262144 ____N C:\Windows\Minidump\011614-21980-01.dmp
2014-01-16 14:43 - 2014-01-16 14:44 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\ultrastardx
2014-01-16 14:43 - 2014-01-16 14:43 - 00000000 ____D C:\Program Files (x86)\UltraStar Deluxe
2014-01-16 14:09 - 2014-01-16 14:42 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraStar
2014-01-15 20:24 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:24 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:24 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:24 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:24 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:24 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:24 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:24 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:24 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-09 22:06 - 2014-01-09 22:06 - 00521714 _____ C:\Users\Fabio\Desktop\Versuch 2.rar
2014-01-02 21:44 - 2014-01-02 21:44 - 00435303 _____ C:\Users\Fabio\Desktop\pokemon.rar
2014-01-02 20:48 - 2014-01-02 20:48 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Aeria Games & Entertainment
2014-01-01 00:36 - 2014-01-01 00:36 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\XMedia Recode
2013-12-31 21:12 - 2013-12-31 21:13 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-12-31 21:10 - 2013-12-31 21:10 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\vlc
2013-12-31 21:08 - 2013-12-31 21:08 - 00000000 ____D C:\Program Files\VideoLAN
2013-12-27 18:01 - 2013-12-27 18:01 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\LolClient
2013-12-27 15:40 - 2014-01-12 14:22 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-27 15:40 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-12-27 15:40 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-12-27 15:40 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-12-27 15:39 - 2013-12-27 15:39 - 00001808 _____ C:\Users\Fabio\Desktop\League of Legends.lnk
2013-12-27 15:39 - 2013-12-27 15:39 - 00000000 ____D C:\Riot Games
2013-12-27 15:37 - 2014-01-21 18:44 - 00000000 ____D C:\Users\Fabio\AppData\Local\PMB Files
2013-12-27 15:37 - 2014-01-21 18:44 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-27 15:37 - 2013-12-27 15:37 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-12-27 15:36 - 2013-12-27 15:36 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Riot Games
2013-12-25 16:46 - 2013-12-25 16:46 - 00001016 _____ C:\Users\Fabio\Desktop\Pokemon InfernoRot.txt
2013-12-25 15:29 - 2013-12-25 16:40 - 00000000 ____D C:\Users\Fabio\Downloads\Feuerrot

==================== One Month Modified Files and Folders =======

2014-01-22 21:38 - 2014-01-22 21:37 - 00022439 _____ C:\Users\Fabio\Downloads\FRST.txt
2014-01-22 21:38 - 2013-04-23 16:58 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Skype
2014-01-22 21:37 - 2014-01-22 21:37 - 02077696 _____ (Farbar) C:\Users\Fabio\Downloads\FRST64.exe
2014-01-22 21:37 - 2014-01-22 21:37 - 00000000 ____D C:\FRST
2014-01-22 21:36 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 21:36 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 21:33 - 2013-04-23 16:27 - 01673373 _____ C:\Windows\WindowsUpdate.log
2014-01-22 21:31 - 2013-05-19 20:55 - 00000000 ___RD C:\Users\Fabio\Dropbox
2014-01-22 21:31 - 2013-05-19 20:50 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Dropbox
2014-01-22 21:31 - 2013-04-26 15:37 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-22 21:30 - 2013-08-15 17:02 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-22 21:30 - 2013-04-23 19:45 - 00000000 ____D C:\Users\Fabio\AppData\Local\LogMeIn Hamachi
2014-01-22 21:29 - 2014-01-22 21:29 - 00262144 ____N C:\Windows\Minidump\012214-20607-01.dmp
2014-01-22 21:29 - 2013-06-23 22:03 - 00000000 ____D C:\Windows\Minidump
2014-01-22 21:29 - 2013-06-07 14:08 - 00048457 _____ C:\Windows\setupact.log
2014-01-22 21:29 - 2013-04-23 17:27 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-22 21:29 - 2013-04-23 16:47 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 21:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-22 21:25 - 2013-11-22 23:56 - 00001702 _____ C:\Windows\Sandboxie.ini
2014-01-22 21:17 - 2013-04-23 16:47 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 21:00 - 2013-04-23 18:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-22 08:57 - 2013-06-13 16:28 - 00000000 ____D C:\Users\Fabio\.gimp-2.8
2014-01-22 08:55 - 2014-01-22 08:55 - 00000866 _____ C:\Users\Fabio\AppData\Local\recently-used.xbel
2014-01-22 08:55 - 2014-01-22 08:55 - 00000000 ____D C:\Users\Fabio\.thumbnails
2014-01-22 08:55 - 2013-04-23 16:27 - 00000000 ____D C:\Users\Fabio
2014-01-21 21:33 - 2013-04-23 18:58 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\TS3Client
2014-01-21 18:44 - 2013-12-27 15:37 - 00000000 ____D C:\Users\Fabio\AppData\Local\PMB Files
2014-01-21 18:44 - 2013-12-27 15:37 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-21 16:03 - 2014-01-21 16:01 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-21 16:03 - 2013-10-08 15:19 - 00000000 ____D C:\ProgramData\Oracle
2014-01-21 16:03 - 2013-10-08 15:19 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-21 15:52 - 2014-01-21 15:52 - 00262144 ____N C:\Windows\Minidump\012114-15880-01.dmp
2014-01-19 18:56 - 2013-08-26 21:45 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\.minecraft
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 01:46 - 2013-05-08 19:18 - 00000000 ____D C:\Users\Fabio\AppData\Local\CrashDumps
2014-01-19 01:43 - 2014-01-19 01:43 - 00262144 ____N C:\Windows\Minidump\011914-17706-01.dmp
2014-01-17 23:30 - 2014-01-17 23:30 - 00262144 ____N C:\Windows\Minidump\011714-17815-01.dmp
2014-01-17 21:58 - 2014-01-17 21:58 - 00262144 ____N C:\Windows\Minidump\011714-19546-01.dmp
2014-01-16 22:35 - 2014-01-16 22:35 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\MMFApplications
2014-01-16 22:34 - 2014-01-16 22:34 - 15511182 _____ (                                                                                                    ) C:\Users\Fabio\Downloads\manos_windows_1386702035.exe
2014-01-16 21:33 - 2014-01-16 21:33 - 00262144 ____N C:\Windows\Minidump\011614-20794-01.dmp
2014-01-16 21:26 - 2014-01-16 21:26 - 00262144 ____N C:\Windows\Minidump\011614-21980-01.dmp
2014-01-16 21:02 - 2013-11-16 16:58 - 00000000 ____D C:\Users\Fabio\Desktop\Pkmn-Ptc
2014-01-16 21:02 - 2013-09-17 20:56 - 00000000 ____D C:\Users\Fabio\Desktop\Bilder x3
2014-01-16 21:01 - 2013-06-24 09:22 - 00000000 ____D C:\Users\Fabio\Desktop\Minecraft Allgemein
2014-01-16 19:25 - 2013-05-03 16:18 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Audacity
2014-01-16 14:44 - 2014-01-16 14:43 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\ultrastardx
2014-01-16 14:43 - 2014-01-16 14:43 - 00000000 ____D C:\Program Files (x86)\UltraStar Deluxe
2014-01-16 14:42 - 2014-01-16 14:09 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraStar
2014-01-16 13:15 - 2009-07-14 05:45 - 00297024 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 22:28 - 2013-08-15 01:08 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 22:25 - 2013-04-28 17:30 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-12 14:22 - 2013-12-27 15:40 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2014-01-12 13:46 - 2013-04-23 16:27 - 00000000 ___RD C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 16:01 - 2013-10-14 17:50 - 00000000 ____D C:\Users\Fabio\Desktop\Informatik Kurs
2014-01-09 22:06 - 2014-01-09 22:06 - 00521714 _____ C:\Users\Fabio\Desktop\Versuch 2.rar
2014-01-09 12:02 - 2013-05-19 20:52 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-03 22:02 - 2013-10-29 18:07 - 00000000 ____D C:\Users\Fabio\AppData\Local\Daedalic Entertainment
2014-01-02 21:44 - 2014-01-02 21:44 - 00435303 _____ C:\Users\Fabio\Desktop\pokemon.rar
2014-01-02 20:57 - 2013-06-15 01:02 - 00000000 ___HD C:\Windows\msdownld.tmp
2014-01-02 20:57 - 2013-06-15 01:02 - 00000000 ____D C:\Windows\SysWOW64\directx
2014-01-02 20:49 - 2013-09-02 19:06 - 00000000 ____D C:\AeriaGames
2014-01-02 20:48 - 2014-01-02 20:48 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Aeria Games & Entertainment
2014-01-02 20:01 - 2013-06-15 00:46 - 00000000 ____D C:\Users\Fabio\AppData\Local\Akamai
2014-01-01 00:36 - 2014-01-01 00:36 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\XMedia Recode
2013-12-31 23:00 - 2011-04-12 08:43 - 00699416 _____ C:\Windows\system32\perfh007.dat
2013-12-31 23:00 - 2011-04-12 08:43 - 00149556 _____ C:\Windows\system32\perfc007.dat
2013-12-31 23:00 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-31 21:13 - 2013-12-31 21:12 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-12-31 21:10 - 2013-12-31 21:10 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\vlc
2013-12-31 21:08 - 2013-12-31 21:08 - 00000000 ____D C:\Program Files\VideoLAN
2013-12-27 18:01 - 2013-12-27 18:01 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\LolClient
2013-12-27 15:39 - 2013-12-27 15:39 - 00001808 _____ C:\Users\Fabio\Desktop\League of Legends.lnk
2013-12-27 15:39 - 2013-12-27 15:39 - 00000000 ____D C:\Riot Games
2013-12-27 15:37 - 2013-12-27 15:37 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-12-27 15:36 - 2013-12-27 15:36 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Riot Games
2013-12-27 13:08 - 2013-06-07 14:08 - 00197994 _____ C:\Windows\PFRO.log
2013-12-25 16:46 - 2013-12-25 16:46 - 00001016 _____ C:\Users\Fabio\Desktop\Pokemon InfernoRot.txt
2013-12-25 16:40 - 2013-12-25 15:29 - 00000000 ____D C:\Users\Fabio\Downloads\Feuerrot
2013-12-25 16:40 - 2013-05-04 21:13 - 00609500 _____ C:\Users\Fabio\Desktop\VisualBoyAdvance-1.7.2.zip
2013-12-23 22:58 - 2013-07-16 19:05 - 00000000 ____D C:\Program Files (x86)\osu!
2013-12-23 12:32 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Files to move or delete:
====================
C:\Users\Fabio\Application.exe


Some content of TEMP:
====================
C:\Users\Fabio\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Fabio\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Fabio\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Fabio\AppData\Local\Temp\nvStInst.exe
C:\Users\Fabio\AppData\Local\Temp\Quarantine.exe
C:\Users\Fabio\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Fabio\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Fabio\AppData\Local\Temp\sfamcc00003.dll
C:\Users\Fabio\AppData\Local\Temp\sfareca00001.dll
C:\Users\Fabio\AppData\Local\Temp\sfareca00002.dll
C:\Users\Fabio\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Fabio\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-20 16:16

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2014 02
Ran by Fabio at 2014-01-22 21:38:35
Running from C:\Users\Fabio\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
A New Beginning - Final Cut (x32 Version:  - Daedalic Entertainment)
Ace of Spades (x32 Version:  - Jagex Limited)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
Apple Software Update (x32 Version: 2.0.2.92 - Apple Inc.)
Arc (x32 Version: 1.0.0.5510 - Perfect World Entertainment)
ArcSoft ShowBiz (x32 Version:  - ArcSoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0 - Asmedia Technology)
ATI Catalyst Install Manager (Version: 3.0.762.0 - ATI Technologies, Inc.)
Audacity 2.0.3 (x32 Version: 2.0.3 - Audacity Team)
Aura Kingdom (x32 Version:  - )
Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.1.7 - EA Digital Illusions CE AB)
BlueJ (x32 Version: 3.1.0 - BlueJ Team)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Camtasia Studio 8 (x32 Version: 8.1.2.1327 - TechSmith Corporation)
Crysis 2 Maximum Edition (x32 Version:  - Crytek Studios)
Cube World version 0.0.1 (x32 Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deponia (x32 Version:  - Daedalic Entertainment)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Die Sims™ 3 (x32 Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Late Night (x32 Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (x32 Version: 3.0.38 - Electronic Arts)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Don't Starve (x32 Version:  - Klei Entertainment)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Edna & Harvey: Harvey's New Eyes (x32 Version:  - Daedalic Entertainment)
EPU-4 Engine (x32 Version: 1.02.01 - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Fiesta Online DE 1.04.113 (x32 Version: 1.04.113 - Gamigo games)
FINAL FANTASY VII (x32 Version:  - Square Enix)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version:  - )
Garry's Mod (x32 Version:  - Garry)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.4 (Version: 2.8.4 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Chrome Frame (x32 Version: 65.119.71 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hauppauge Device Central (x32 Version: 1.1.31038 - Hauppauge Computer Works, Inc.)
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Document Manager 2.0 (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (Version: 4.5 - HP)
HP Solution Center 13.0 (Version: 13.0 - HP)
HP Update (x32 Version: 4.000.011.006 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 7 Update 40 (64-bit) (Version: 7.0.400 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 40 (64-bit) (Version: 1.7.0.400 - Oracle)
Journey of a Roach (x32 Version:  - Koboldgames)
LAME v3.99.3 (for Windows) (x32 Version:  - )
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (x32 Version:  - Valve)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.45 (Version: 8.45.88 - Logitech Inc.)
Logitech Webcam-Software (x32 Version: 2.51 - Logitech Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Magicka (x32 Version:  - Arrowhead Game Studios)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
Mirror's Edge (x32 Version:  - DICE)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 23.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Fusion 2 (x32 Version:  - )
Natural Selection 2 (x32 Version:  - Unknown Worlds Entertainment)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Notepad++ (x32 Version: 6.3.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (Version: 13.0 - HP)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Orcs Must Die! 2 (x32 Version:  - Robot Entertainment)
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
osu! (x32 Version: 0.0.0.0 - peppy)
Paint.NET v3.5.10 (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Path of Exile (x32 Version:  - Grinding Gear Games)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Portal 2 (x32 Version:  - Valve)
PSPad editor (x32 Version: 4.5.7.2450 - Jan Fiala)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
QuickTime (x32 Version: 7.4.1.14 - Apple Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.52.203.2012 - Realtek)
RGSS-RTP Standard (x32 Version: 1.0.0 - Enterbrain)
RPGXP (x32 Version: 1.0.0 - Enterbrain)
S4 League_EU (x32 Version: 1.00.0000 - )
Sandboxie 4.06 (64-bit) (Version: 4.06 - Sandboxie Holdings, LLC)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Serious Sam 3: BFE (x32 Version:  - Croteam)
SHIELD Streaming (Version: 1.6.53 - NVIDIA Corporation) Hidden
Shop for HP Supplies (Version: 13.0 - HP)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonic Generations (x32 Version:  - Devil's Details)
SpeedFan (remove only) (x32 Version:  - )
Spybot - Search & Destroy (x32 Version: 2.1.21 - Safer-Networking Ltd.)
Starbound (x32 Version:  - )
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Steam Trading Card Beta Access (x32 Version:  - )
Streaming Video Recorder V4.3.4 (Version: 4.3.4 - Apowersoft)
Synthesia (x32 Version: 8.5 - Synthesia LLC)
TeamSpeak 3 Client (HKCU Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (x32 Version: 8.0.19617 - TeamViewer)
Terraria (x32 Version:  - Re-Logic)
The Binding of Isaac (x32 Version:  - )
The Dark Eye: Chains of Satinav (x32 Version:  - Daedalic Entertainment)
Tiled - Tiled Map Editor (x32 Version:  - )
Tinypic 3.18 (x32 Version: Tinypic 3.18 - E. Fiedler)
Toki Tori 2+ (x32 Version:  - Two Tribes)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
UltraStar Deluxe (x32 Version: 1.1 - USDX Team)
Vegas Pro 12.0 (64-bit) (Version: 12.0.670 - Sony)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
XMedia Recode Version 3.1.7.7 (x32 Version: 3.1.7.7 - XMedia Recode)
YGOPro DevPro Version 1.9.7 r2 (x32 Version: 1.9.7 r2 - YGOPro DevPro Online)

==================== Restore Points  =========================

08-01-2014 14:46:22 Windows Update
10-01-2014 13:00:37 Removed Aeria Ignite
11-01-2014 17:02:53 Windows Update
12-01-2014 13:15:34 Removed Aeria Ignite
15-01-2014 21:25:00 Windows Update
19-01-2014 00:55:55 Windows Update
21-01-2014 15:00:22 Installed Java 7 Update 51

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0D6EA92C-3C2A-4300-AE9A-F37058E14B17} - System32\Tasks\{7F948C6B-FCF2-430E-A2A3-B5F5CB5A20BA} => C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe [2013-07-19] (TechSmith Corporation)
Task: {15BDB095-144C-40F5-83A8-4FFCCADBB0B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {1785CAD4-18EA-444A-ABB8-D0664DD336AB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {5D4C1132-3678-4FF9-81DE-9E1C567B9491} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {780F1D87-FAF8-4EAA-B374-3A14CB8A981D} - System32\Tasks\{EFD1FA81-6965-438F-902B-EAAD4B237947} => C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe [2013-07-19] (TechSmith Corporation)
Task: {8F170027-CE36-4D2B-97DB-398C7EFD8CC6} - System32\Tasks\Wettbewerbsanmeldung und Prüfung
Task: {CA4E05B6-820C-4901-A5BB-DE13E6AFE5F7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {CC12DB1D-1064-41E9-BB1A-0CD84C11313C} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {E4B5F108-63B7-409C-9270-45CE49D96207} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {F6765F7D-EBD0-4876-8641-9778590355A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23] (Google Inc.)
Task: {F70C37A9-B3BF-4FC1-93DD-A21BF126ACE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-16 16:42 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-11-16 16:42 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-11-16 16:42 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-11-16 16:42 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-11-16 16:42 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-04-24 16:58 - 2009-03-19 21:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2013-04-24 16:58 - 2009-03-19 21:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2013-04-24 16:58 - 2009-01-15 13:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2014-01-08 15:37 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 15:37 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-25 13:23 - 2013-12-12 23:04 - 00716800 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-04-19 12:10 - 2014-01-07 22:00 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-26 15:16 - 2013-12-12 23:04 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Fabio\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-01-15 18:23 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-15 18:23 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-15 18:23 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-15 18:23 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-15 18:23 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/22/2014 09:29:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2014 01:58:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2014 08:28:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2014 06:30:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2014 03:52:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2014 00:23:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2014 01:04:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 06:04:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 09:51:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 01:45:52 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SDTray.exe, Version: 2.1.21.129, Zeitstempel: 0x51f0ed9e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x80000004
Fehleroffset: 0x003b9006
ID des fehlerhaften Prozesses: 0x8c4
Startzeit der fehlerhaften Anwendung: 0xSDTray.exe0
Pfad der fehlerhaften Anwendung: SDTray.exe1
Pfad des fehlerhaften Moduls: SDTray.exe2
Berichtskennung: SDTray.exe3


System errors:
=============
Error: (01/22/2014 09:29:51 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Komponente: AMD Northbridge
Fehlerquelle: 3
Fehlertyp: 7
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (01/22/2014 09:29:27 PM) (Source: BugCheck) (User: )
Description: 0x00000124 (0x0000000000000000, 0xfffffa80050138f8, 0x0000000000000000, 0x0000000000000000)C:\Windows\Minidump\012214-20607-01.dmp012214-20607-01

Error: (01/22/2014 09:29:26 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎22.‎01.‎2014 um 21:28:24 unerwartet heruntergefahren.

Error: (01/21/2014 06:30:48 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (01/21/2014 03:52:55 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Komponente: AMD Northbridge
Fehlerquelle: 3
Fehlertyp: 7
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (01/21/2014 03:52:27 PM) (Source: BugCheck) (User: )
Description: 0x00000124 (0x0000000000000000, 0xfffffa80050028f8, 0x0000000000000000, 0x0000000000000000)C:\Windows\Minidump\012114-15880-01.dmp012114-15880-01

Error: (01/21/2014 03:52:26 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎21.‎01.‎2014 um 15:51:07 unerwartet heruntergefahren.

Error: (01/20/2014 01:10:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/20/2014 01:05:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/20/2014 01:05:57 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.


Microsoft Office Sessions:
=========================
Error: (01/22/2014 09:29:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2014 01:58:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2014 08:28:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2014 06:30:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2014 03:52:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2014 00:23:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2014 01:04:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 06:04:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 09:51:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 01:45:52 AM) (Source: Application Error)(User: )
Description: SDTray.exe2.1.21.12951f0ed9eunknown0.0.0.00000000080000004003b90068c401cf14afb0e6cc65C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exeunknown0bf2f240-80a3-11e3-8d67-08606e7a981c

schrauber 23.01.2014 19:21
F8 drücken beim Hochfahren als wenn du in den Safe Mode willst. Wähle

Automatischen Neustart bei Systemfehler deaktivieren.

Jetzt sollte beim nächsten mal ein bluescreen kommen.

Lionight 01.02.2014 18:55
Irgendwie klappt das mit F8 nicht, ich lande nur auf einer Auswahl von wo ich booten möchte :/

schrauber 02.02.2014 07:18
Dann wähle Festplatte und drück direkt wieder mehrfach F8 :)

Lionight 08.02.2014 19:40
Okay habs jetzt öfters versucht.

Dann hat sich mein Pc nen anderen Weg gesucht er macht zwar kein Neustart mehr, aber er reagiert nicht mehr und fährt weder herunter noch bekomm ich ein Bluescreen.

Jetzt vor paar Minuten ist der PC komplett ausgegangen und ging nicht mehr bis ich ihn von Strom genommen habe und wieder angeschlossen habe.

Beim Booten ist er dann nochmals abgestürtzt und dabei kam diese Nachricht:

Power empty surges detected during the previous power on
ASUS Anti-Surge was triggered to protect system from unstable power
Press F1 to Run SETUP
Press F2 to load default values and continue.

ich hab dann F2 gedrückt.

schrauber 09.02.2014 16:37
Schau mal in den Ordner C:\Windows\Minidump ob dort Dumpfiles liegen.

Lionight 09.02.2014 19:16
Ja da sind 37 dumpfiles in dem Ordner

schrauber 10.02.2014 16:24
das aktuellste bitte zippen und anhängen.

Lionight 10.02.2014 17:20
So die aktuellste die ich gefunden habe ist vom 8.2.14
und ist im Anhang

schrauber 11.02.2014 11:49
Bitte schick mir heut Abend ne PM, ich kann auf Arbeit keine Anhänge öffnen.

Lionight 13.02.2014 12:12
So hab mal jetzt nen weiteren Dmp file
Dieses mal von vor 2 Tagen. Hoffe es klappt.

Lg Lionight

schrauber 14.02.2014 10:54
Schalt mal bitte noch den automatischen NEustart bei Systemfehler ab.


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:16 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131