laptop samsung serie 5 oft sehr langsam usw....

fritzflegl · 20.08.2013, 15:39

hallo zusammen!

mein samsung laptop war in letzter zeit oft sehr langsam. habe jetzt mal win7 neu drauf gemacht . hat nichts gebracht. im gegenteil. habe das gefühl es kommen immer mehr probleme. konnte avg nicht installieren. beim öffnen vom explorer fehlen .dll dateien. die usb anschlüsse funktionieren nicht mehr. sollte ich nochmal win7 installieren und versuchen mit der anleitung hier direkt ne logfile zu erstellen? direkt nach der win installation konnt ich den explorer nämlich noch öffnen.

nach einem neustart hat er mal scandisk gemacht. da kam die meldung das er manche dateien nicht reparieren könne weil zu wenig speicherplatz da sei.

ich frag mich was ich mir da eingefangen hab. er lief cs 1 jahr schnell und reibungslos. avg war immer installiert und ich war nur auf seiten auf denen ich sonst auch immer war.

danke euch schonmal!

gruss fritz

schrauber · 20.08.2013, 16:28

Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

fritzflegl · 20.08.2013, 19:26

werde ich jetzt gleich machen! eine erkenntnis habe ich schon

habe win7 wieder neu drauf gemacht, bin nicht online gegangen und siehe da, der usb stick wurde wieder erkannt.

kann das sein das die probleme erst mit bestehender internetverbindung auftreten?

finde das eingabefenster der website nicht

kann ich auch einfach copy paste machen ?

wenn ich auf die raute klicke kommt code/code . was muss ich machen um die logfile zu posten?

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2013 03
Ran by Fritz at 2013-08-20 18:37:48
Running from C:\Users\Fritz\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922)
„Windows Live Mail“ (x32 Version: 15.4.3502.0922)
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513)
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922)
Absolute Reminder (x32 Version: 2.0.0.17)
Adobe Flash Player 10 ActiveX (x32 Version: 10.3.181.34)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Bing Bar (x32 Version: 7.0.610.0)
Build-a-lot (x32 Version: 2.2.0.82)
Chuzzle Deluxe (x32 Version: 2.2.0.82)
CyberLink YouCam (x32 Version: 3.1.5016)
D3DX10 (x32 Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82)
Easy File Share (x32 Version: 1.2.4)
Easy Migration (x32 Version: 1.0)
Easy Settings (x32 Version: 1.1)
Easy Software Manager (x32 Version: 1.2.17.12)
Easy Support Center (Version: 1.2.23)
E-POP (x32 Version: 1.0.1)
ExpressCache (Version: 1.0.80)
Farm Frenzy (x32 Version: 2.2.0.82)
Fast Flash Sleep Resume (x32 Version: 1.0.19)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Insaniquarium Deluxe (x32 Version: 2.2.0.82)
Intel PROSet Wireless
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.35342)
Intel(R) Management Engine Components (x32 Version: 8.0.2.1410)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2618)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (Version: 15.0.0.0059)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.1.0.0140)
Intel(R) Rapid Start Technology (x32 Version: 1.0.0.1021)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.1.209)
Intel(R) WiDi (x32 Version: 3.0.12.0)
Intel(R) Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0642)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
John Deere Drive Green (x32 Version: 2.2.0.82)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (x32 Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Multimedia POP (x32 Version: 1.1)
Norton Internet Security (x32 Version: 19.1.0.28)
Norton Online Backup (x32 Version: 2.1.17869)
Peggle (x32 Version: 2.2.0.82)
Penguins! (x32 Version: 2.2.0.82)
Plants vs. Zombies (x32 Version: 2.2.0.82)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Golfer (x32 Version: 2.2.0.82)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.50.1123.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6586)
Samsung Recovery Solution 5 (x32 Version: 5.0.2.6)
Skype™ 4.2 (x32 Version: 4.2.169)
Software Launcher (x32 Version: 1.0.2)
User Guide (x32 Version: 1.2)
Ware PS/2-X64 10.7.13.1_WHQL (Version: 10.7.13.1)
WildTangent Games (x32 Version: 1.0.1.5)
WildTangent ORB Game Console (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Pošta (x32 Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 메일 (x32 Version: 15.4.3502.0922)
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922)
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 照片库 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3538.0513)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Xerox PhotoCafe (x32 Version: 1.0.0.6162)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {063EF2DE-4097-44B9-897C-160B437E8AB4} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {114B90F0-AF00-4E9D-886F-6E6576AEFDAE} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-04-03] (Samsung Electronics Co., Ltd.)
Task: {14F500A4-AB0F-4383-BCDE-626C640B8D30} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-01-31] (Samsung Electronics Co., Ltd.)
Task: {24ECCE66-335B-4BA5-88BA-02254FC97DBD} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {29DF9211-EA57-4BEB-BAC4-BFF7EA8C807F} - System32\Tasks\SuperFetchSetting => C:\Windows\temp\SuperFetchSetting.exe [2011-08-11] (TODO: Samsung Electronics)
Task: {41ADF3CC-A9EE-4806-A9DB-AF8340F82B1F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {438A964E-FE28-40DA-8E53-F96665E1D8FD} - System32\Tasks\Absolute Reminder => C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe [2011-07-12] (Absolute Software)
Task: {44CAE063-F5AE-4415-91C0-F854D3F5C938} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe [2011-08-11] (Symantec Corporation)
Task: {45441369-69EA-47A1-B088-17AC1D4143B8} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-04-19] (Samsung Electronics CO., LTD.)
Task: {564DA579-EFE2-45ED-9376-B71944ABB078} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: {6133C906-F3A7-4516-A3C2-4E1DC899CE84} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {6D1338E0-FA4A-45FE-8440-7E8D5D139866} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {7888AEAF-5DF1-4CE6-96FB-3F73393102CA} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-02-06] (Intel)
Task: {7B5A0EB6-C526-4E20-95C4-6655C556F840} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink)
Task: {8EDDEB03-1F82-4047-87AA-AD1BF4553B06} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {A56A400A-E53D-41E9-BD5D-3EBEC2C10DC7} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2012-04-06] (Samsung Electronics CO., LTD.)
Task: {AD37742E-776F-4715-B947-FBEDA4E43F2E} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics)
Task: {B05BDA80-E27E-4234-94A5-F7306BE1D60D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe [2011-08-13] (Symantec Corporation)
Task: {CA174AFB-6101-4330-8297-8B2464BC5473} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-01-28] (SEC)
Task: {D76D4BD0-3EF8-4A0A-BEBC-85935DD5E86C} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe [2011-08-11] (Symantec Corporation)
Task: {DA27D27A-D373-4D51-9417-5D419E1CEA12} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {DD24B959-E84B-4B26-9B3E-BEA66781EEA1} - System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2012-03-29] (Samsung)
Task: {FB5067E3-A561-407F-AF71-09DA3F297E7F} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2013 05:55:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2013 05:52:25 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ExpressCacheRun64.exe, Version: 1.0.0.2, Zeitstempel: 0x4df608c1
Name des fehlerhaften Moduls: ecapi64.dll, Version: 1.0.46.0, Zeitstempel: 0x4ddeea46
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000001ae7
ID des fehlerhaften Prozesses: 0xd14
Startzeit der fehlerhaften Anwendung: 0xExpressCacheRun64.exe0
Pfad der fehlerhaften Anwendung: ExpressCacheRun64.exe1
Pfad des fehlerhaften Moduls: ExpressCacheRun64.exe2
Berichtskennung: ExpressCacheRun64.exe3

Error: (08/20/2013 05:51:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2013 10:49:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/20/2013 05:51:42 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (08/20/2013 10:49:00 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom


Microsoft Office Sessions:
=========================
Error: (08/20/2013 05:55:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2013 05:52:25 PM) (Source: Application Error)(User: )
Description: ExpressCacheRun64.exe1.0.0.24df608c1ecapi64.dll1.0.46.04ddeea46c00004090000000000001ae7d1401ce9dbd4166f64aC:\Windows\MSetup\BASW-13755A12\ExpressCacheRun64.exeC:\Windows\MSetup\BASW-13755A12\ecapi64.dll817742d1-09b0-11e3-8306-c485085edfac

Error: (08/20/2013 05:51:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2013 10:49:03 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 5925.54 MB
Available physical RAM: 4542.8 MB
Total Pagefile: 11849.27 MB
Available Pagefile: 10444.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:442.4 GB) (Free:408.26 GB) NTFS
Drive d: () (Removable) (Total:59.71 GB) (Free:58.97 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 97B4250C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=442 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=23 GB) - (Type=27)

========================================================
Disk: 1 (Size: 22 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=18 GB) - (Type=73)
Partition 2: (Not Active) - (Size=5 GB) - (Type=84)

========================================================
Disk: 2 (Size: 60 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=60 GB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-08-2013 03
Ran by Fritz (administrator) on 20-08-2013 18:36:51
Running from C:\Users\Fritz\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Windows\SetDisplayResolution.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2012-02-21] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-03-14] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

==================== Services (Whitelisted) =================

R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-02-11] (Diskeeper Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] ()
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193536 2012-02-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys [1151096 2011-08-18] (Symantec Corporation)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys [1151096 2011-08-18] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-02-11] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [92976 2012-02-11] (Diskeeper Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys [488568 2011-07-20] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys [488568 2011-07-20] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-07] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120109.002\ENG64.SYS [117880 2012-01-08] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120109.002\ENG64.SYS [117880 2012-01-08] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120109.002\EX64.SYS [2048632 2012-01-08] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120109.002\EX64.SYS [2048632 2012-01-08] (Symantec Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS [729720 2011-08-02] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS [37496 2011-08-02] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [1084536 2011-07-28] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-04-12] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [189560 2011-07-25] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [401016 2011-07-25] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-20 18:35 - 2013-08-20 18:32 - 01576196 _____ (Farbar) C:\Users\Fritz\Desktop\FRST64.exe
2013-08-20 17:55 - 2013-08-20 17:55 - 00000000 ____D C:\windows\System32\Tasks\Norton Internet Security
2013-08-20 17:53 - 2013-08-20 17:53 - 00001439 _____ C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-20 17:53 - 2013-08-20 17:53 - 00001405 _____ C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-20 17:53 - 2013-08-20 17:53 - 00000000 ___RD C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-20 17:53 - 2013-08-20 17:53 - 00000000 ___RD C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-20 17:52 - 2013-08-20 17:53 - 00000000 ____D C:\Users\Fritz
2013-08-20 17:52 - 2013-08-20 17:52 - 00003186 _____ C:\windows\System32\Tasks\FFSRConfigurer
2013-08-20 17:52 - 2013-08-20 17:52 - 00001076 _____ C:\Users\Ihre Meinung ist wichtig.lnk
2013-08-20 17:52 - 2013-08-20 17:52 - 00000020 ___SH C:\Users\Fritz\ntuser.ini
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Vorlagen
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Startmenü
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Netzwerkumgebung
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Lokale Einstellungen
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Eigene Dateien
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Druckumgebung
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Documents\Eigene Musik
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Documents\Eigene Bilder
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\AppData\Local\Verlauf
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\AppData\Local\Anwendungsdaten
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Anwendungsdaten
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Intel
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 ____D C:\Users\Fritz\AppData\Local\VirtualStore
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 ____D C:\ProgramData\Skype
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _____ C:\windows\system32\Drivers\144D_SAMSUNG_N_530U4C_P03A.mrk
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _____ C:\Users\Fritz\agent.log
2013-08-20 17:52 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-08-20 17:52 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-08-20 17:50 - 2013-08-20 17:50 - 00000000 __SHD C:\Recovery

==================== One Month Modified Files and Folders =======

2013-08-20 18:36 - 2013-08-20 18:36 - 00000000 ____D C:\FRST
2013-08-20 18:32 - 2013-08-20 18:35 - 01576196 _____ (Farbar) C:\Users\Fritz\Desktop\FRST64.exe
2013-08-20 18:23 - 2012-04-13 02:41 - 00788803 _____ C:\windows\WindowsUpdate.log
2013-08-20 18:19 - 2012-04-12 11:04 - 00000328 _____ C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2013-08-20 18:15 - 2012-04-13 03:01 - 00680010 _____ C:\windows\system32\perfh010.dat
2013-08-20 18:15 - 2012-04-13 03:01 - 00124006 _____ C:\windows\system32\perfc010.dat
2013-08-20 18:15 - 2012-04-13 02:55 - 00643866 _____ C:\windows\system32\perfh007.dat
2013-08-20 18:15 - 2012-04-13 02:55 - 00126394 _____ C:\windows\system32\perfc007.dat
2013-08-20 18:15 - 2012-04-13 02:49 - 00684954 _____ C:\windows\system32\perfh00C.dat
2013-08-20 18:15 - 2012-04-13 02:49 - 00127070 _____ C:\windows\system32\perfc00C.dat
2013-08-20 18:15 - 2009-07-14 07:13 - 03085342 _____ C:\windows\system32\PerfStringBackup.INI
2013-08-20 18:14 - 2009-07-14 06:51 - 00042000 _____ C:\windows\setupact.log
2013-08-20 17:59 - 2009-07-14 06:45 - 00020992 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-20 17:59 - 2009-07-14 06:45 - 00020992 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-20 17:55 - 2013-08-20 17:55 - 00000000 ____D C:\windows\System32\Tasks\Norton Internet Security
2013-08-20 17:54 - 2012-04-12 11:49 - 00000000 ____D C:\ProgramData\Norton
2013-08-20 17:53 - 2013-08-20 17:53 - 00001439 _____ C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-20 17:53 - 2013-08-20 17:53 - 00001405 _____ C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-20 17:53 - 2013-08-20 17:53 - 00000000 ___RD C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-20 17:53 - 2013-08-20 17:53 - 00000000 ___RD C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-20 17:53 - 2013-08-20 17:52 - 00000000 ____D C:\Users\Fritz
2013-08-20 17:53 - 2012-04-13 02:41 - 00000000 ____D C:\windows\MSetup
2013-08-20 17:53 - 2012-04-12 11:52 - 00082943 _____ C:\windows\SetDisplayResolution.log
2013-08-20 17:52 - 2013-08-20 17:52 - 00003186 _____ C:\windows\System32\Tasks\FFSRConfigurer
2013-08-20 17:52 - 2013-08-20 17:52 - 00001076 _____ C:\Users\Ihre Meinung ist wichtig.lnk
2013-08-20 17:52 - 2013-08-20 17:52 - 00000020 ___SH C:\Users\Fritz\ntuser.ini
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Vorlagen
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Startmenü
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Netzwerkumgebung
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Lokale Einstellungen
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Eigene Dateien
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Druckumgebung
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Documents\Eigene Musik
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Documents\Eigene Bilder
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\AppData\Local\Verlauf
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\AppData\Local\Anwendungsdaten
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _SHDL C:\Users\Fritz\Anwendungsdaten
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Intel
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 ____D C:\Users\Fritz\AppData\Local\VirtualStore
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 ____D C:\ProgramData\Skype
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _____ C:\windows\system32\Drivers\144D_SAMSUNG_N_530U4C_P03A.mrk
2013-08-20 17:52 - 2013-08-20 17:52 - 00000000 _____ C:\Users\Fritz\agent.log
2013-08-20 17:52 - 2012-04-12 11:28 - 00006332 _____ C:\windows\LCDStretchMode.log
2013-08-20 17:52 - 2012-04-12 10:46 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-08-20 17:51 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-20 17:50 - 2013-08-20 17:50 - 00000000 __SHD C:\Recovery
2013-08-20 10:49 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-04-12 13:20

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 21.08.2013, 09:24

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

fritzflegl · 21.08.2013, 12:00

Combofix Logfile:

Code:

ATTFilter

ComboFix 13-08-20.01 - Fritz 21.08.2013  12:31:37.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.5926.4168 [GMT 2:00]
ausgeführt von:: c:\users\Fritz\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-21 bis 2013-08-21  ))))))))))))))))))))))))))))))
.
.
2013-08-21 10:35 . 2013-08-21 10:35	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-20 18:14 . 2013-08-20 18:14	--------	d-----w-	c:\programdata\Malwarebytes
2013-08-20 18:14 . 2013-08-20 18:14	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-20 18:14 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-08-20 16:36 . 2013-08-20 16:36	--------	d-----w-	C:\FRST
2013-08-20 15:52 . 2013-08-20 15:52	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-08-20 15:52 . 2013-08-20 15:52	--------	d-----r-	c:\program files (x86)\Skype
2013-08-20 15:52 . 2013-08-20 15:52	--------	d-----w-	c:\programdata\Skype
2013-08-20 15:52 . 2013-08-20 15:53	--------	d-----w-	c:\users\Fritz
2013-08-20 15:50 . 2013-08-20 15:50	--------	d-----w-	C:\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-04 291608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DelayedDesktopSwitchTimeout"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-21 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 04:41]
.
2012-04-12 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 04:41]
.
2013-08-21 c:\windows\Tasks\Xerox PhotoCafe Communicator.job
- c:\programdata\Xerox PhotoCafe\MessageCheck.exe [2011-10-26 09:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-21 12452456]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-02-17 177936]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-21 11406608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-11 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-11 398104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-11 440600]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://samsung.msn.com
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-21  12:37:51
ComboFix-quarantined-files.txt  2013-08-21 10:37
.
Vor Suchlauf: 8 Verzeichnis(se), 438.260.457.472 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 438.110.793.728 Bytes frei
.
- - End Of File - - 23D5F78BBC6F8BA5EA047A1382F1731A

--- --- ---

schrauber · 21.08.2013, 12:56

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

fritzflegl · 22.08.2013, 15:04

nachdem der laptop auch öfter im win7 startbildschirm eingefroren ist, hab ich erstmal die garantie in anspruch genommen und ihn eingeschickt. mal sehen was dabei rumkommt.

trotzdem erstmal bis hierhin danke an dich schrauber!

gruss fritz

schrauber · 23.08.2013, 07:28

ok

23.08.2013, 07:28	#8
schrauber /// the machine /// TB-Ausbilder	laptop samsung serie 5 oft sehr langsam usw.... ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

laptop samsung serie 5 oft sehr langsam usw....

Log-Analyse und Auswertung: laptop samsung serie 5 oft sehr langsam usw....