CPU Auslastung sehr hoch

neodace · 13.07.2015, 15:48

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Noname at 2015-07-13 16:47:04
Running from C:\Users\Noname\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4277079510-974402927-3430589439-500 - Administrator - Disabled)
Gast (S-1-5-21-4277079510-974402927-3430589439-501 - Limited - Disabled)
Noname (S-1-5-21-4277079510-974402927-3430589439-1000 - Administrator - Enabled) => C:\Users\Noname

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
devolo dLAN-Konfigurationsassistent (HKLM\...\dlanconf) (Version: 9.0.0.0 - devolo AG)
EPSON BX935FWD Series Printer Uninstall (HKLM\...\EPSON BX935FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.6 r0 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.6 r0 - YGOPro DevPro Online)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

27-05-2015 13:45:56 Ende der Bereinigung
04-06-2015 21:45:49 Geplanter Prüfpunkt
10-06-2015 17:28:00 Windows Update
18-06-2015 14:02:28 Geplanter Prüfpunkt
26-06-2015 22:54:49 Geplanter Prüfpunkt
04-07-2015 10:18:06 Geplanter Prüfpunkt
11-07-2015 08:55:45 Windows Update
12-07-2015 14:55:21 NVIDIA PhysX wird entfernt
12-07-2015 15:24:37 avast! antivirus system restore point
12-07-2015 15:46:07 Removed Java 8 Update 45
12-07-2015 16:16:10 NVIDIA PhysX wird entfernt
12-07-2015 16:39:47 Windows Update
12-07-2015 18:46:17 Removed Java 8 Update 45
12-07-2015 18:48:20 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {29685E1F-2228-4284-9DC9-FAEFF9BB948A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {2DA4BF16-C382-4ECD-BC90-D4EB064848F3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-12] (Avast Software s.r.o.)
Task: {39DDFCC5-E8AC-4F5B-97A1-B24E438B9DC8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {42CFF66B-FAA9-4A2F-835A-E27393A0A8C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {58047848-E115-4783-A426-B8BF351EDBF6} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {6BD417A8-55DA-4A68-A3F4-18673D05CB17} - System32\Tasks\{7D875AB7-3E75-497C-AB92-4FB7316BA69B} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NVMonitor\setup.exe -d C:\NVIDIA\SystemTools\6.08\NVMonitor
Task: {792E9B8B-3FB4-4AB8-911A-D351030994BD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D0312B56-C217-411B-9D8F-279D5554DE17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-12] (Adobe Systems Incorporated)
Task: {EC094005-C3EB-4024-9B3F-749E08A80221} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FA0A119B-0531-4F26-BB07-9319C2D3A3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-06 20:36 - 2015-05-06 20:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-06 20:36 - 2015-05-06 20:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-12 19:15 - 2015-07-12 19:15 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071201\algo.dll
2015-07-13 10:50 - 2015-07-13 10:50 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071300\algo.dll
2015-03-08 11:45 - 2015-06-17 08:51 - 00106128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll
2015-03-08 21:39 - 2015-03-08 21:40 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Noname\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 193.189.244.202

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\startupreg: 20150107 => C:\Program Files\AVAST Software\Avast\setup\emupdate\0c77843d-45d3-4614-b019-2825c352d570.exe /check
MSCONFIG\startupreg: Adobe Speed Launcher => 1429258026

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{715EE703-F93C-4A44-8433-4487EAA472BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0E62E5B5-D95D-4C74-9672-067A8283FB31}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{343CF004-505E-43E0-B5C5-64A5342A5BCE}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{5882E574-3AB9-4943-9427-290DFD43AE43}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{8D830128-61A4-4C27-83DC-98C026C9FEAB}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{9F3417D6-7FBA-4577-869E-CE5F3EF6B507}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{92CFA8D8-52E0-4E0E-A205-336FA9B4287E}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [UDP Query User{995C1756-466E-4FE5-95FD-F12A5A59A412}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{AC67BA12-D3E1-46DB-993F-DC19E2F8F34B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{BFFDA09B-DAF9-4A8B-877B-7E0A8C8018F0}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [UDP Query User{66319B40-A6D3-4DA1-AA0F-C2107234B2BC}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [{96BFA00F-1B66-42E5-A3AF-A50384CB2563}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7144E11B-5FFA-4FF8-B747-B77002728DAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9795B38A-E7EB-44D8-830E-73B27CA72A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9C7E7BD3-D018-495B-BA7E-CCFA05089F0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CE973D5-AF1B-40B6-A222-E1C510502349}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8B262E26-295F-4326-AA3A-16FDE0F1BC86}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D26899A5-6F3E-4DDF-A679-AA009B13BC63}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4E341B75-8D2A-4D7C-800C-2DF4C81B18FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D483C699-5F8E-466F-B3AA-2EAF0B521B5C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: VIA USB erweiterter Hostcontroller
Description: VIA USB erweiterter Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: VIA Technologies
Service: usbehci
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2015 10:49:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))


System errors:
=============
Error: (07/13/2015 08:05:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/13/2015 08:05:50 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (07/13/2015 12:26:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/12/2015 06:48:50 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/12/2015 04:00:00 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/12/2015 03:41:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Installer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/12/2015 03:41:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Installer erreicht.

Error: (07/12/2015 03:39:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (07/12/2015 03:39:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/12/2015 03:39:08 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056


Microsoft Office:
=========================
Error: (07/13/2015 10:49:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/13/2015 08:05:50 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (07/13/2015 08:05:46 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 53%
Total physical RAM: 2047.37 MB
Available physical RAM: 957.14 MB
Total Virtual: 4094.73 MB
Available Virtual: 2732.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:174.55 GB) NTFS
Drive e: (Neo`s Daten) (Fixed) (Total:232.88 GB) (Free:225.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 04170417)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 0ACB0595)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

--- --- ---

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2015
Ran by Noname (administrator) on NONAME-PC on 13-07-2015 16:46:04
Running from C:\Users\Noname\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Noname\Desktop\FRST(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-06] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mega.co.nz/#login
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{34305B66-F253-4571-9EEB-B9B40B89F740}: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{8DE3437E-5FB7-493F-8CF5-EE9202094B83}: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194

FireFox:
========
FF ProfilePath: C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587
FF Homepage: hxxp://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-07-03] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\artur.dubovoy@gmail.com [2015-05-30]
FF Extension: WOT - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-10-24]
FF Extension: MEGA - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\firefox@mega.co.nz.xpi [2014-10-24]
FF Extension: Stylish - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-10-24]
FF Extension: Video DownloadHelper - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-07-12]
FF Extension: Adblock Plus - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF Extension: Adblock Edge - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-08]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-06] (Avast Software)
S4 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-07-12] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-06] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38472 2013-11-06] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-06] ()
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 PLCNDIS5; C:\Windows\system32\plcndis5.sys [17280 2004-05-17] (Intellon, Inc.) [File not signed]
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-06] (Avast Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 catchme; \??\C:\Users\Noname\AppData\Local\Temp\catchme.sys [X]
S3 crliycos; \SystemRoot\system32\drivers\ngiodriver_x86 [X]
S3 eapihdrv; \??\C:\Users\Noname\AppData\Local\Temp\ehdrv.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 08:04 - 2015-07-13 10:49 - 00000112 _____ C:\Windows\setupact.log
2015-07-13 08:04 - 2015-07-13 08:04 - 00000352 _____ C:\Windows\PFRO.log
2015-07-13 08:04 - 2015-07-13 08:04 - 00000000 _____ C:\Windows\setuperr.log
2015-07-12 19:13 - 2015-07-13 08:04 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-12 19:13 - 2015-07-12 19:13 - 01947216 _____ (InstallX, LLC) C:\Windows\system32\coretemp_d7632790.exe
2015-07-12 19:12 - 2015-07-12 19:12 - 00516632 _____ ( ) C:\Users\Noname\Downloads\coretemp_d7632790_CB-DL-Manager.exe
2015-07-12 19:08 - 2015-07-12 19:08 - 00000000 ____D C:\Users\Noname\AppData\Roaming\NVIDIA
2015-07-12 18:31 - 2015-07-12 18:31 - 00852662 _____ C:\Users\Noname\Downloads\SecurityCheck.exe
2015-07-12 16:57 - 2015-07-12 16:57 - 02870984 _____ (ESET) C:\Users\Noname\Downloads\esetsmartinstaller_deu.exe
2015-07-12 16:39 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-12 16:39 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-12 16:39 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-12 16:39 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-12 16:39 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-12 16:39 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-12 16:39 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-12 16:39 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-12 16:39 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-12 16:39 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-12 16:39 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-12 16:39 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-12 16:39 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-12 16:39 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-12 16:39 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-12 16:39 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-12 16:39 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-12 16:39 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-12 16:39 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-12 16:39 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-12 16:39 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-12 16:39 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-12 16:39 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-12 16:39 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-12 16:39 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-12 16:39 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-12 16:39 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-12 16:39 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-12 16:39 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-12 16:39 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-12 16:39 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-12 16:39 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-12 16:38 - 2015-07-09 19:44 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-12 16:38 - 2015-07-09 19:43 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-12 16:38 - 2015-07-09 19:42 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-12 16:38 - 2015-07-09 19:42 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-12 16:38 - 2015-07-09 19:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-12 16:38 - 2015-07-09 19:42 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-12 16:38 - 2015-07-09 19:42 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-12 16:38 - 2015-07-09 19:34 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-12 16:38 - 2015-06-03 22:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-12 16:38 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-07-12 16:38 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-12 16:38 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-12 16:38 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-12 16:38 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-12 16:38 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-12 16:38 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-12 16:38 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-12 16:38 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-12 16:38 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-12 16:38 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-12 16:38 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-12 16:38 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-12 16:38 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-12 16:38 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-12 16:38 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-12 16:38 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-12 16:38 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-12 16:38 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-12 16:38 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-12 16:38 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-12 16:34 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-12 16:34 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-12 16:34 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-12 16:34 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-12 16:34 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-12 16:34 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-12 16:34 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-12 16:34 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-12 16:34 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-12 16:34 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-12 16:33 - 2015-06-26 19:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-12 16:33 - 2015-06-26 19:56 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-12 16:33 - 2015-06-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-12 16:33 - 2015-06-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-12 16:33 - 2015-06-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-12 16:33 - 2015-06-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-12 16:33 - 2015-06-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-12 16:33 - 2015-06-26 19:55 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-12 16:33 - 2015-06-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-12 16:33 - 2015-06-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-12 16:33 - 2015-06-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-12 16:33 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-12 16:32 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-12 16:32 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-12 16:32 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-12 16:32 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-12 16:30 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 37748880 _____ C:\Windows\system32\nvcompiler.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 22947144 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 13263248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 11831856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 09129800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-12 16:11 - 2015-06-17 11:06 - 02997544 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 02599568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 01049232 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3235330.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 00982856 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 00974992 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 00938568 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 00912528 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3235330.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2015-07-12 16:11 - 2015-06-17 11:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2015-07-12 15:57 - 2015-07-12 16:08 - 227885392 _____ (NVIDIA Corporation) C:\Users\Noname\Downloads\353.30-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-07-12 15:37 - 2015-07-12 15:37 - 01634816 _____ (Farbar) C:\Users\Noname\Downloads\FRST.exe
2015-07-12 15:26 - 2015-05-06 20:36 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-12 14:55 - 2015-07-12 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-12 14:51 - 2015-07-12 16:12 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-12 09:19 - 2015-07-12 09:19 - 00000000 ____D C:\RegBackup
2015-07-11 18:17 - 2015-07-11 18:17 - 00016381 _____ C:\ComboFix.txt
2015-07-11 18:00 - 2015-07-11 18:17 - 00000000 ____D C:\Qoobox
2015-07-11 12:17 - 2015-07-13 16:46 - 00000000 ____D C:\FRST
2015-07-11 01:12 - 2015-07-11 01:22 - 229292641 _____ C:\Users\Noname\Downloads\[clips4sale.com]makayla's throat mp4.mp4
2015-07-03 19:51 - 2015-07-12 09:00 - 00000000 ____D C:\AdwCleaner
2015-07-03 14:15 - 2015-03-07 15:37 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-07-02 21:00 - 2015-07-02 21:00 - 00000000 ____D C:\Program Files\ESET
2015-07-02 20:07 - 2015-07-02 20:07 - 647608542 _____ C:\Users\Noname\Downloads\[clips4sale.com]053015fish_WMV V9.wmv
2015-07-02 19:35 - 2015-07-02 19:36 - 525086220 _____ C:\Users\Noname\Downloads\[clips4sale.com]Vac-Vore Garbage and Roommate Recycling - MP4 1280x720.mp4
2015-07-02 19:21 - 2015-07-02 19:22 - 306744878 _____ C:\Users\Noname\Downloads\(Clips4sale) Witch vore .wmv
2015-07-02 19:21 - 2015-07-02 19:21 - 84458329 _____ C:\Users\Noname\Downloads\[clips4sale.com]QD - Devoured By Jasmine Mendez HD.mkv
2015-07-01 23:13 - 2015-07-01 23:13 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner (4)
2015-07-01 23:12 - 2015-07-01 23:13 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner (3)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 15:47 - 2014-05-07 23:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-13 15:27 - 2013-08-22 12:47 - 01395533 _____ C:\Windows\WindowsUpdate.log
2015-07-13 11:19 - 2009-07-14 06:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-13 11:19 - 2009-07-14 06:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-13 11:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-13 10:49 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-13 08:04 - 2013-10-01 08:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-12 19:18 - 2015-03-09 00:15 - 00000000 ____D C:\Program Files\SpeedFan
2015-07-12 18:49 - 2015-04-04 17:39 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-12 18:45 - 2014-03-21 20:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-12 18:45 - 2014-03-21 20:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-12 18:45 - 2013-09-06 00:00 - 00000000 ____D C:\Users\Noname\AppData\Local\Adobe
2015-07-12 17:02 - 2010-11-20 23:01 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-12 16:54 - 2009-07-14 06:33 - 00287344 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-12 16:52 - 2014-12-11 19:56 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-12 16:52 - 2014-04-23 09:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-12 16:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-07-12 16:48 - 2013-09-05 21:20 - 00000000 ____D C:\Windows\system32\MRT
2015-07-12 16:41 - 2013-09-05 21:20 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-12 16:17 - 2013-09-05 21:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-12 16:12 - 2013-09-05 21:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-12 16:10 - 2015-01-02 16:46 - 00000000 ____D C:\Windows\erdnt
2015-07-12 16:10 - 2014-09-25 00:39 - 00000000 ____D C:\Users\Noname\AppData\Local\SlimWare Utilities Inc
2015-07-12 16:10 - 2014-09-25 00:38 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2015-07-12 16:10 - 2013-09-21 20:48 - 00000000 ____D C:\Program Files\DevPro
2015-07-12 16:10 - 2013-09-05 23:58 - 00000000 ____D C:\Program Files\CCleaner
2015-07-12 16:10 - 2013-09-05 19:01 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-12 16:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2015-07-12 16:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2015-07-12 16:10 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-12 16:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-07-12 16:07 - 2015-04-07 23:04 - 00000000 ____D C:\Users\Noname\AppData\Roaming\.minecraft
2015-07-12 16:07 - 2014-06-28 19:33 - 00000000 ____D C:\Users\Noname\AppData\Roaming\LiveSnap
2015-07-12 15:40 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-12 15:26 - 2015-03-08 21:40 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-12 15:23 - 2013-08-22 12:57 - 00000000 ____D C:\Users\Noname
2015-06-27 13:56 - 2015-02-10 20:46 - 00000089 _____ C:\Users\Noname\AppData\Roaming\chk.ag
2015-06-17 11:06 - 2015-03-08 11:44 - 00105104 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-06-17 11:06 - 2015-03-08 11:41 - 15224784 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2015-06-17 11:06 - 2015-03-08 11:41 - 12855224 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2015-06-17 11:06 - 2015-03-08 11:41 - 00026142 _____ C:\Windows\system32\nvinfo.pb
2015-06-17 08:51 - 2015-03-08 11:45 - 04385608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-06-17 08:51 - 2015-03-08 11:45 - 03019920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2015-06-17 08:51 - 2015-03-08 11:45 - 02554512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-06-17 08:51 - 2015-03-08 11:45 - 00670864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-06-17 08:51 - 2015-03-08 11:45 - 00374928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-06-17 08:51 - 2015-03-08 11:45 - 00061584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

==================== Files in the root of some directories =======

2013-12-22 18:28 - 2013-12-22 18:28 - 0000000 _____ () C:\Program Files\Web Data
2015-02-10 20:46 - 2015-06-27 13:56 - 0000089 _____ () C:\Users\Noname\AppData\Roaming\chk.ag
2011-01-24 00:21 - 2015-05-07 00:17 - 0001127 _____ () C:\Users\Noname\AppData\Roaming\neo.ini
2011-01-24 00:21 - 2014-07-26 20:12 - 0001112 _____ () C:\Users\Noname\AppData\Roaming\neo98.ini
2014-07-10 08:56 - 2014-07-10 08:56 - 0000017 _____ () C:\Users\Noname\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 11:11

==================== End of log ============================

--- --- ---

M-K-D-B · 13.07.2015, 16:49

Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Avast	MSE

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Ghostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

neodace · 13.07.2015, 20:42

Code:

ATTFilter

Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Noname at 2015-07-13 21:33:19 Run:3
Running from C:\Users\Noname\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CloseProcesses:
EmptyTemp:
end
*****************

Processes closed successfully.
EmptyTemp: => 104 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 21:33:31 ====

die überhitzung ist immernoch da, bin froh das die maleware erstmal weg ist.
aber denke es ist dann wohl ein hardware problem.
schaue mir die tage mal den lüfter/kühler an. ewentuel hat sich da staub angesetzt.
anderst kann ich mir das auch net erklären warum er von heut auf morgen so heis wird und die cpu so ausschlägt wenn ich etwas merh arbeite am pc.

M-K-D-B · 14.07.2015, 11:28

Scheint in der Tag wohl ein Hardwareproblem zu sein.

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

CPU Auslastung sehr hoch

Plagegeister aller Art und deren Bekämpfung: CPU Auslastung sehr hoch