| |
| |||||||
Log-Analyse und Auswertung: Firefox öfnnet mehrer Tabs, Downloads schlagen fehl, Microsoft Security hat keine VerbindungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
17.03.2014, 23:09
| #1 |
 |  Firefox öfnnet mehrer Tabs, Downloads schlagen fehl, Microsoft Security hat keine Verbindung Guten Abend. Habe mich gerade erst hier registriert und schon fange ich an euch zu quälen :S. Vorweg muss ich gleich zu beginn gestehen dass ich ein Computerbanause bin. Habe mir hier mal durchgelesen was es zu tun gibt bevor ich ein Problem melde und hoffe, dass ich dem zu genüge nachkomme. Ich habe seit heute Vormittag das Problem, dass sich permanent neue Tabs im Firefox öffnen. Dachte mir da anfangs noch nichts bis mir dann auffiehl, dass auch häufig downloads fehlschlagen. zudem kommt noch hinzu dass mein Microsoft Security Center nicht mehr standartmößig startet und wenn ich es dann starte, hat es keine Verbindung zu "Viren und Malewarescan". Auf meinem PC läuft Windows 7 und es ist ein 64bit System. Intel i5 und nutze eine Lan Verbindung. Keine Ahnung ob ich sowas angeben soll, aber schaden wird es hoffentlich nicht. Hier die 3 Log-Files: defogger_disable by jpshortstuff (23.02.10.1) Log created at 22:47 on 17/03/2014 (Patrick) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by Patrick at 2014-03-17 22:48:49 Running from E:\Benutzer\Patrick\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DDS Thumbnail Viewer (HKLM-x32\...\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}) (Version: 1.00.000 - ) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version: - Microsoft) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GRID 2 Incl. All DLCs MULTI-8 v.1.0.85.8679 (HKLM-x32\...\GRID 2 Incl. All DLCs MULTI-8 v.1.0.85.8679) (Version: - ) GTR 2 1.0.0.0 (HKLM-x32\...\{D560A981-FEB3-42F0-A61A-13E9528E0C51}_is1) (Version: v1.0.0.0 - 10tacle Studios Publishing AG) GTR Evolution (HKLM-x32\...\GTR Evolution_1.1.1.2_is1) (Version: - SimBin) HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version: - Stripf Software) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) KaloMa 5.00beta20100607 (HKLM-x32\...\KaloMa_is1) (Version: - Frank Böpple) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden MoTeC i2 Pro (HKLM-x32\...\{D5ABB8E2-2417-43C2-AB32-911697B5E00A}) (Version: 2.00.0994 - MoTeC) Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation) NVIDIA DDS Utilities (HKLM-x32\...\{64963F0E-03F2-4B59-8D1B-1806545E7092}) (Version: 1.0 - ) NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - ) NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - ) NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden NVIDIA Texture Tools 2 - 64 bit (HKLM-x32\...\{65C967FA-29D8-4A5F-99C5-BC9AF1F8F9D2}) (Version: 2.0 - ) NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OTPService (HKLM-x32\...\{B05F7750-8800-4520-9732-9C841246C8E2}_is1) (Version: 1.0.004 - MSI) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.208 - Qualcomm Atheros Communications) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6823 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SkyTest® Trainingssoftware für Fluglotsen-Eignungstests (HKLM-x32\...\SkyTest® Trainingssoftware für Fluglotsen-Eignungstests_is1) (Version: - SkyTest®) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer) TrackMania United (HKLM-x32\...\Steam App 7200) (Version: - Nadeo) UltraISO Premium V9.6 (HKLM-x32\...\UltraISO_is1) (Version: - ) Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.PROPLUS_{47F15B72-AB15-4B81-BDB8-28B204596EB7}) (Version: - Microsoft) Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version: - Microsoft) Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{526C9E5A-A734-4DC0-B829-ED1CDE793C6B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{1A789784-5825-4B26-BB57-71FF7D3484CB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B5E3E636-7913-4775-BC9B-E4B56F4ED73B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{869B93B9-E75A-44DE-8AC5-A030A7A21FDD}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34F51E79-0110-4B49-A245-81319F58453E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{05D8C7F6-9A93-4925-B2B3-7D6507AD2FC9}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CA014CB4-B26F-4D27-BF26-C994CC3428E5}) (Version: - Microsoft) Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E9172003-60C1-447B-9569-7AA9FADE26B0}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version: - Microsoft) Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Restore Points ========================= 12-03-2014 20:56:15 Windows Update 12-03-2014 21:58:14 Windows Update 13-03-2014 17:32:57 Installed MoTeC i2 Pro. 13-03-2014 17:52:31 Windows Update 17-03-2014 09:43:10 Windows Modules Installer 17-03-2014 10:41:47 DirectX wurde installiert 17-03-2014 13:25:37 Windows Update ==================== Scheduled Tasks (whitelisted) ============= Task: {0ADD71A4-93DE-45DD-8593-CEB1811C3362} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrick-PC-Patrick Patrick-PC => E:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation) Task: {983B36C0-7AEE-4374-83C5-FA4BB9062996} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-17] (Adobe Systems Incorporated) Task: {B51570BD-7BC5-4F7A-A900-7BFE55BA71D6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-21 10:24 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-12-18 05:12 - 2012-04-12 19:59 - 00252432 _____ () C:\Program Files (x86)\MSI\OTPService\OTPService.exe 2013-12-20 14:29 - 2013-12-20 14:29 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-03-17 09:53 - 2014-02-13 01:52 - 05861376 _____ () C:\{$7093-3599-3146-6724$}\winreg.exe 2012-08-31 16:44 - 2012-08-31 16:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-08-31 16:38 - 2012-08-31 16:38 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll 2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-02-14 13:52 - 2014-02-14 13:52 - 03578992 _____ () E:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Atheros AR9271 Wireless Network Adapter Description: Atheros AR9271 Wireless Network Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Atheros Communications Inc. Service: athur Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (03/17/2014 10:48:46 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/17/2014 10:35:21 PM) (Source: System Restore) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -Embedding; Beschreibung = Configured Microsoft Office Professional Plus 2013; Fehler = 0x8007043c). Error: (03/17/2014 10:35:03 PM) (Source: System Restore) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -Embedding; Beschreibung = Configured Microsoft Office Professional Plus 2013; Fehler = 0x8007043c). Error: (03/17/2014 10:31:12 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <4, 0xc0041800, Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>. Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service) (User: ) Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden. Details: 0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800)) Error: (03/17/2014 10:20:45 PM) (Source: ESENT) (User: ) Description: Windows (4284) Windows: Neue Protokolldatei konnte nicht erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1811. Error: (03/17/2014 10:20:45 PM) (Source: ESENT) (User: ) Description: Windows (4284) Windows: Versuch, Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log" nach "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" zu verschieben, ist mit Systemfehler 2 (0x00000002): "Das System kann die angegebene Datei nicht finden. " fehlgeschlagen. Fehler -1811 (0xfffff8ed) beim Verschieben von Dateien. System errors: ============= Error: (03/17/2014 10:46:58 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (03/17/2014 10:46:58 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (03/17/2014 10:46:57 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (03/17/2014 10:46:55 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (03/17/2014 10:46:54 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Microsoft-Netzwerkinspektion" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (03/17/2014 10:46:54 PM) (Source: Microsoft Antimalware) (User: ) Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt Feature: %%886 Fehlercode: 0x80070002 Fehlerbeschreibung: Das System kann die angegebene Datei nicht finden. Grund: %%892 Error: (03/17/2014 10:46:53 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (03/17/2014 10:46:52 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (03/17/2014 10:39:19 PM) (Source: Microsoft Antimalware) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.167.2092.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.4.0304.00 Quellpfad: 4.4.0304.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (03/17/2014 10:35:03 PM) (Source: DCOM) (User: ) Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046} Microsoft Office Sessions: ========================= Error: (03/17/2014 10:48:46 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/17/2014 10:35:21 PM) (Source: System Restore)(User: ) Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20130x8007043c Error: (03/17/2014 10:35:03 PM) (Source: System Restore)(User: ) Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20130x8007043c Error: (03/17/2014 10:31:12 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service)(User: ) Description: 40xc0041800Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service)(User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service)(User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) 4700 Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service)(User: ) Description: Details: 0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800)) Error: (03/17/2014 10:20:45 PM) (Source: ESENT)(User: ) Description: Windows4284Windows: -1811 Error: (03/17/2014 10:20:45 PM) (Source: ESENT)(User: ) Description: Windows4284Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.logC:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log-1811 (0xfffff8ed)2 (0x00000002)Das System kann die angegebene Datei nicht finden. ==================== Memory info =========================== Percentage of memory in use: 12% Total physical RAM: 16329.78 MB Available physical RAM: 14262.54 MB Total Pagefile: 32657.73 MB Available Pagefile: 30406.89 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:48.47 GB) NTFS Drive e: () (Fixed) (Total:372.61 GB) (Free:85.63 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 86E2C739) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 373 GB) (Disk ID: 00000001) Partition 1: (Not Active) - (Size=373 GB) - (Type=42) ==================== End Of Log ============================ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Patrick (administrator) on PATRICK-PC on 17-03-2014 22:48:33 Running from E:\Benutzer\Patrick\Downloads Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe () C:\Program Files (x86)\MSI\OTPService\OTPService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (TeamViewer GmbH) E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\{$7093-3599-3146-6724$}\winreg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe (Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\SysWOW64\WScript.exe (Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6963272 2013-01-15] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation) HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-31] (Atheros Communications) HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-08-31] (Qualcomm Atheros) HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation) HKLM-x32\...\Run: [RUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation) HKLM-x32\...\Run: [iTunesHelper] - E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Windows Registry] - C:\{$7093-3599-3146-6724$}\winreg.exe -rundll32 /SYSTEM32 "C:\Windows\System32\taskmgr.exe" "C:\Program Files\Microsoft\Windows" HKU\S-1-5-21-3464895135-2213791737-1334037653-1000\...\Run: [AdobeBridge] - [X] HKU\S-1-5-21-3464895135-2213791737-1334037653-1000\...\CurrentVersion\Windows: [Load] C:\{$7093-3599-3146-6724$}\winreg.exe <===== ATTENTION HKU\S-1-5-21-3464895135-2213791737-1334037653-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 IFEO\avcenter.exe: [Debugger] nsjw.exe IFEO\avguard.exe: [Debugger] nsjw.exe IFEO\avp.exe: [Debugger] nsjw.exe IFEO\bdagent.exe: [Debugger] nsjw.exe IFEO\ccuac.exe: [Debugger] nsjw.exe IFEO\ComboFix.exe: [Debugger] nsjw.exe IFEO\egui.exe: [Debugger] nsjw.exe IFEO\hijackthis.exe: [Debugger] nsjw.exe IFEO\keyscrambler.exe: [Debugger] nsjw.exe IFEO\mbam.exe: [Debugger] nsjw.exe IFEO\NisSrv.exe: [Debugger] nsjw.exe IFEO\spybotsd.exe: [Debugger] nsjw.exe IFEO\wireshark.exe: [Debugger] nsjw.exe IFEO\zlclient.exe: [Debugger] nsjw.exe InternetURL: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url -> 0 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F8DFD71A9FBCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {4FC8E392-66B7-44FC-8F7D-618CE89C1E88} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10871 SearchScopes: HKCU - {6776F026-253B-48A8-BE22-897FA4886E8B} URL = hxxp://search.findwide.com/serp?guid={666B3E8C-58E8-4170-BD1F-EA97304322A3}&action=default_search&serpv=22&k={searchTerms} BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {E8166F43-08B6-4CD6-A9AD-2416AE687F4E} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: Hosts file not detected in the default directory Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default FF user.js: detected! => C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\user.js FF NewTab: user_pref("browser.newtab.url", ""); FF SearchEngineOrder.1: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - E:\PROGRA~4\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Extension: DownloadHelper [AU] - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-19] FF Extension: YouTube High Definition - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-01-26] FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-20] FF StartMenuInternet: FIREFOX.EXE - e:\program files (x86)\mozilla firefox\firefox.exe ==================== Services (Whitelisted) ================= R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation) R2 MSI_OTPService; C:\Program Files (x86)\MSI\OTPService\OTPService.exe [252432 2012-04-12] () R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-20] () R2 TeamViewer9; E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [5341536 2013-12-17] (TeamViewer GmbH) S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] ==================== Drivers (Whitelisted) ==================== R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-31] (Qualcomm Atheros) S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] () R1 ISODrive; E:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation) S3 NPF; C:\Windows\System32\drivers\npf.sys [40464 2009-08-05] (CACE Technologies) S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [34064 2009-08-05] (CACE Technologies) R3 NTIOLib_1_0_T; C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys [14136 2009-10-06] (MSI) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation) R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation) S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X] S3 MSICDSetup; \??\D:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-17 22:48 - 2014-03-17 22:48 - 00000000 ____D () C:\FRST 2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 _____ () C:\Users\Patrick\defogger_reenable 2014-03-17 14:24 - 2014-03-17 14:35 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Sony 2014-03-17 11:45 - 2014-02-24 16:59 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-03-17 11:45 - 2014-02-24 16:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-03-17 11:45 - 2014-02-24 16:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-17 11:45 - 2014-02-24 15:01 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-17 11:45 - 2014-02-24 14:39 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-17 11:45 - 2013-12-10 03:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-03-17 11:45 - 2013-12-10 03:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-03-17 10:48 - 2012-06-16 06:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-17 10:48 - 2012-06-16 05:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-17 10:44 - 2014-03-17 10:44 - 00001421 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-03-17 09:55 - 2014-03-17 09:55 - 00000519 _____ () C:\Users\Patrick\AppData\Roaming\setting.ini 2014-03-17 09:54 - 2014-03-17 22:48 - 00139456 _____ () C:\Users\Patrick\AppData\Roaming\msconfig.ini 2014-03-17 09:54 - 2014-03-17 10:11 - 00000000 ___HD () C:\{$7093-3599-3146-6724$} 2014-03-17 09:54 - 2014-03-17 09:54 - 07651328 _____ (GetFLV) C:\Users\Patrick\AppData\Roaming\GetFLV.exe 2014-03-17 09:54 - 2014-03-17 09:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\tmp 2014-03-17 09:53 - 2014-02-13 01:52 - 05861376 __RSH (Apple Inc.) C:\ProgramData\575533705.exe 2014-03-17 09:47 - 2014-03-17 09:47 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Player 2014-03-17 09:46 - 2014-03-17 09:46 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Streaming Video Recorder 2014-03-17 09:46 - 2009-08-05 17:30 - 00240248 _____ (CACE Technologies) C:\Windows\SysWOW64\wpcap.dll 2014-03-17 09:46 - 2009-08-05 17:30 - 00240248 _____ (CACE Technologies) C:\Windows\system32\wpcap.dll 2014-03-17 09:46 - 2009-08-05 17:30 - 00088704 _____ (CACE Technologies) C:\Windows\SysWOW64\Packet.dll 2014-03-17 09:46 - 2009-08-05 17:30 - 00088704 _____ (CACE Technologies) C:\Windows\system32\Packet.dll 2014-03-17 09:46 - 2009-08-05 17:30 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll 2014-03-17 09:46 - 2009-08-05 17:30 - 00053299 _____ () C:\Windows\system32\pthreadVC.dll 2014-03-17 09:46 - 2009-08-05 17:30 - 00040464 _____ (CACE Technologies) C:\Windows\system32\Drivers\npf.sys 2014-03-17 09:46 - 2009-08-05 17:30 - 00034064 _____ (CACE Technologies) C:\Windows\SysWOW64\Drivers\npf.sys 2014-03-15 15:47 - 2014-03-15 15:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Program Files\MoTeC 2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\ProgramData\MoTeC 2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\MoTeC 2014-03-13 18:32 - 2014-03-13 18:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Downloaded Installations 2014-03-13 09:15 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 09:15 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-13 09:15 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-13 09:15 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-13 09:14 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-13 09:14 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 09:14 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-13 09:14 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-09 20:25 - 2014-03-09 20:25 - 00000000 ____D () C:\Program Files\Logitech 2014-03-09 20:13 - 2014-03-09 20:13 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Logitech 2014-03-09 20:07 - 2014-03-09 20:07 - 00000000 ____D () C:\Program Files\Common Files\Logitech 2014-03-08 15:36 - 2014-03-08 15:36 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll 2014-03-08 10:32 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-08 10:32 - 2014-02-08 17:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-03-08 10:31 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-03-08 10:31 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00483104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00408352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00378656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-03-08 10:31 - 2014-02-08 19:34 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-03-05 21:22 - 2014-03-05 21:22 - 00053248 _____ () C:\Windows\SysWOW64\nvTextureToolsUtil.dll 2014-03-04 16:08 - 2014-03-05 21:22 - 00151552 _____ () C:\Windows\SysWOW64\nvRegDev.dll 2014-03-04 16:08 - 2014-03-05 21:22 - 00040960 _____ () C:\Windows\SysWOW64\nvISWOW64.dll 2014-03-04 16:08 - 2014-03-05 21:20 - 00061440 _____ () C:\Windows\SysWOW64\nvPhotoshopUtil.dll 2014-03-04 16:07 - 2002-08-15 10:11 - 00344064 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll 2014-03-04 16:07 - 2002-01-05 03:40 - 00487424 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll 2014-02-26 23:47 - 2014-02-26 23:49 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grid 2 2014-02-26 15:00 - 2014-02-27 10:58 - 00000000 ____D () C:\ProgramData\Steam 2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\Users\Patrick\Documents\My Games 2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Codemasters 2014-02-26 14:56 - 2014-03-17 11:44 - 00052767 _____ () C:\Windows\DirectX.log 2014-02-24 10:47 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll 2014-02-24 10:47 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll 2014-02-19 10:53 - 2014-03-17 10:52 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\SkyTestATC1 2014-02-19 10:53 - 2008-02-06 19:31 - 01019904 _____ (Conaito) C:\Windows\SysWOW64\EvoVoIP.ocx 2014-02-19 10:53 - 2004-08-04 05:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.DLL 2014-02-19 10:53 - 2004-08-04 05:00 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dx8vb.dll 2014-02-19 10:53 - 2002-12-20 15:02 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX 2014-02-19 10:53 - 2000-10-02 00:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL 2014-02-19 10:53 - 2000-05-23 22:45 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL 2014-02-19 10:53 - 1999-05-07 00:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.OCX 2014-02-19 10:53 - 1999-01-25 20:30 - 00026624 _____ (Jan Krumsiek) C:\Windows\SysWOW64\JKJoystick2.ocx 2014-02-19 10:53 - 1998-07-06 00:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL 2014-02-19 10:53 - 1998-06-24 01:00 - 00609584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX 2014-02-19 10:53 - 1998-06-24 01:00 - 00108336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX 2014-02-18 01:48 - 2014-03-17 09:26 - 00005088 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrick-PC-Patrick Patrick-PC 2014-02-15 10:47 - 2014-03-17 22:47 - 00028818 _____ () C:\Windows\setupact.log 2014-02-15 10:47 - 2014-03-17 10:11 - 00002128 _____ () C:\Windows\PFRO.log 2014-02-15 10:47 - 2014-02-15 10:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\Windows\system32\log 2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\eCyber 2014-02-15 10:34 - 2014-02-15 10:45 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\iSafe ==================== One Month Modified Files and Folders ======= 2014-03-17 22:48 - 2014-03-17 22:48 - 00000000 ____D () C:\FRST 2014-03-17 22:48 - 2014-03-17 09:54 - 00139456 _____ () C:\Users\Patrick\AppData\Roaming\msconfig.ini 2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 _____ () C:\Users\Patrick\defogger_reenable 2014-03-17 22:47 - 2014-02-15 10:47 - 00028818 _____ () C:\Windows\setupact.log 2014-03-17 22:47 - 2013-12-18 04:56 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-17 22:47 - 2013-12-18 04:56 - 00000000 ____D () C:\Users\Patrick 2014-03-17 22:46 - 2013-12-21 10:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-17 22:39 - 2013-12-18 04:56 - 01744473 _____ () C:\Windows\WindowsUpdate.log 2014-03-17 22:35 - 2013-12-19 12:11 - 00000000 ____D () C:\Users\Patrick\Documents\Outlook-Dateien 2014-03-17 22:33 - 2011-04-12 08:43 - 00703092 _____ () C:\Windows\system32\perfh007.dat 2014-03-17 22:33 - 2011-04-12 08:43 - 00150676 _____ () C:\Windows\system32\perfc007.dat 2014-03-17 22:33 - 2009-07-14 06:13 - 01629572 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-17 14:42 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-17 14:42 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-17 14:36 - 2013-12-19 17:04 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-03-17 14:35 - 2014-03-17 14:24 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Sony 2014-03-17 13:52 - 2014-01-04 23:13 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\vlc 2014-03-17 11:44 - 2014-02-26 14:56 - 00052767 _____ () C:\Windows\DirectX.log 2014-03-17 11:01 - 2013-12-19 12:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-17 11:01 - 2013-12-19 12:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-17 11:01 - 2013-12-19 12:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-17 10:52 - 2014-02-19 10:53 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\SkyTestATC1 2014-03-17 10:44 - 2014-03-17 10:44 - 00001421 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-03-17 10:44 - 2013-12-18 04:56 - 00001455 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-17 10:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-03-17 10:11 - 2014-03-17 09:54 - 00000000 ___HD () C:\{$7093-3599-3146-6724$} 2014-03-17 10:11 - 2014-02-15 10:47 - 00002128 _____ () C:\Windows\PFRO.log 2014-03-17 09:55 - 2014-03-17 09:55 - 00000519 _____ () C:\Users\Patrick\AppData\Roaming\setting.ini 2014-03-17 09:54 - 2014-03-17 09:54 - 07651328 _____ (GetFLV) C:\Users\Patrick\AppData\Roaming\GetFLV.exe 2014-03-17 09:54 - 2014-03-17 09:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\tmp 2014-03-17 09:47 - 2014-03-17 09:47 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Player 2014-03-17 09:46 - 2014-03-17 09:46 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Streaming Video Recorder 2014-03-17 09:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources 2014-03-17 09:26 - 2014-02-18 01:48 - 00005088 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrick-PC-Patrick Patrick-PC 2014-03-17 09:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-15 15:47 - 2014-03-15 15:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2014-03-15 15:47 - 2013-12-18 23:01 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Adobe 2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Program Files\MoTeC 2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\ProgramData\MoTeC 2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\MoTeC 2014-03-13 21:31 - 2009-07-14 05:45 - 04985656 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-13 18:52 - 2013-12-19 12:02 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-13 18:52 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2014-03-13 18:32 - 2014-03-13 18:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Downloaded Installations 2014-03-13 09:10 - 2014-02-11 15:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-13 09:10 - 2014-02-11 15:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-12 13:05 - 2013-12-19 12:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-09 20:25 - 2014-03-09 20:25 - 00000000 ____D () C:\Program Files\Logitech 2014-03-09 20:13 - 2014-03-09 20:13 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Logitech 2014-03-09 20:07 - 2014-03-09 20:07 - 00000000 ____D () C:\Program Files\Common Files\Logitech 2014-03-08 15:36 - 2014-03-08 15:36 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll 2014-03-08 10:32 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-08 10:32 - 2013-12-18 05:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-08 10:28 - 2013-12-20 09:36 - 00000000 ____D () C:\ProgramData\Origin 2014-03-05 22:28 - 2013-12-18 05:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-05 22:28 - 2013-12-18 05:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-05 21:22 - 2014-03-05 21:22 - 00053248 _____ () C:\Windows\SysWOW64\nvTextureToolsUtil.dll 2014-03-05 21:22 - 2014-03-04 16:08 - 00151552 _____ () C:\Windows\SysWOW64\nvRegDev.dll 2014-03-05 21:22 - 2014-03-04 16:08 - 00040960 _____ () C:\Windows\SysWOW64\nvISWOW64.dll 2014-03-05 21:20 - 2014-03-04 16:08 - 00061440 _____ () C:\Windows\SysWOW64\nvPhotoshopUtil.dll 2014-02-27 10:58 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Steam 2014-02-26 23:49 - 2014-02-26 23:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grid 2 2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\Users\Patrick\Documents\My Games 2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Codemasters 2014-02-24 16:59 - 2014-03-17 11:45 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-02-24 16:59 - 2014-03-17 11:45 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-02-24 16:35 - 2014-03-17 11:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-24 15:01 - 2014-03-17 11:45 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-24 14:39 - 2014-03-17 11:45 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-17 16:55 - 2013-12-21 10:31 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-17 16:55 - 2013-12-21 10:31 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-15 10:47 - 2014-02-15 10:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-15 10:45 - 2014-02-15 10:34 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\iSafe 2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\Windows\system32\log 2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\eCyber 2014-02-15 10:25 - 2013-12-19 11:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service Files to move or delete: ==================== C:\ProgramData\575533705.exe C:\Users\Patrick\AppData\Roaming\msconfig.ini Some content of TEMP: ==================== C:\Users\Patrick\AppData\Local\Temp\drm_dialogs.dll C:\Users\Patrick\AppData\Local\Temp\NVI2_29.DLL C:\Users\Patrick\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Patrick\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Patrick\AppData\Local\Temp\nvStInst.exe C:\Users\Patrick\AppData\Local\Temp\vlc-2.1.3-win64.exe C:\Users\Patrick\AppData\Local\Temp\vlc-2.1.4-win64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-10 17:13 ==================== End Of Log ============================ GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-03-17 22:55:18 Windows 6.1.7601 Service Pack 1 x64 Running: Gmer-19357.exe ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\2cd05a920cc1 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\2cd05a920cc1@c88447117f1f 0x12 0x4C 0xD5 0x99 ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\2cd05a920cc1@28e7cf5050c9 0x81 0xB8 0x1F 0x01 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\2cd05a920cc1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\2cd05a920cc1@c88447117f1f 0x12 0x4C 0xD5 0x99 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\2cd05a920cc1@28e7cf5050c9 0x81 0xB8 0x1F 0x01 ... ---- EOF - GMER 2.1 ---- Ich bin echt Ratlos und wäre euch sehr verbunden wenn ihr mir da weiterhelfen könnt :/. Bedanke mich im Vorraus für eure Anstregung und wünsche noch einen schönen Abend. LG Slater |
| Themen zu Firefox öfnnet mehrer Tabs, Downloads schlagen fehl, Microsoft Security hat keine Verbindung |
| 4d36e972-e325-11ce-bfc1-08002be10318, administrator, browser, defender, excel, explorer, fehler, firefox, flash player, helper, hijack, iexplore.exe, installation, newtab, outlook 2013, photoshop, problem, prozess, registry, security, services.exe, software, svchost.exe, temp, usb, viren, windows, winlogon.exe |
Baum-Darstellung