
Pests of all kinds and how to combat them: Laptop suddenly very slow and freezes often.

Windows 7: If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.

 
07.10.2013, 11:03   #3
verena77
 
Laptop suddenly very slow and freezes often.



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Rene und Verena (administrator) on RENEUNDVERENA on 07-10-2013 11:56:18
Running from C:\Users\Rene und Verena\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

() C:\Windows\System32\GFilterSvc.exe
() C:\ProgramData\IBUpdaterService\ibsvc.exe
() C:\Windows\system32\MQG4DECD.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
() C:\Users\Rene und Verena\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-08] (Synaptics Incorporated)
HKLM\...\Run: [Ocs_SM] - C:\Users\Rene und Verena\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-03-17] (OCS)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Rene und Verena\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
MountPoints2: {173eb545-d28e-11e1-99c9-00262dbf438a} - G:\Startme.exe
MountPoints2: {c079985f-bc5d-11e1-a6f2-00262dbf438a} - G:\Startme.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Olympus DSS UpdateManager] - C:\Program Files (x86)\OLYMPUS\DSSPlayerStandard\UpdateManager.exe [201216 2012-02-10] (OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3F6483FCAF4FCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119828&babsrc=SP_ss&mntrId=A4CB1C4BD6E5AAEB
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&k=0
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119828&babsrc=SP_ss&mntrId=A4CB1C4BD6E5AAEB
SearchScopes: HKCU - {3E101DE8-F7C6-40BB-ABA2-732EF9CBC340} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {445AC450-B263-402E-9EAD-EE15CFC1122B} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {4C01E9F4-4D96-4BAC-A4B6-96BB5A4FF886} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D314937414453415F64654445343732&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&k=0
SearchScopes: HKCU - {7D288DDF-BCA2-42B4-8D49-9BC7E1BC66B1} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D4D45445444462670633D4D414D44267372633D49452D536561726368426F78&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&k=0
SearchScopes: HKCU - {A3B84764-488B-45BD-A66F-93F41BFEFDAC} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C8F19405-0473-46A3-9BB0-17B1451C30BF} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {F684B0A3-A677-4E75-9BFC-CDB9E0A4E76B} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=f69b9c58-9a82-4e33-b032-8d562921a47f&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± v˰!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (GamingWonderland Installer Plugin Stub) - C:\Program Files (x86)\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Rene und Verena\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\RENEUN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\RENEUN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\RENEUN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\RENEUN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\RENEUN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\RENEUN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 GFilterSvc; C:\Windows\System32\GFilterSvc.exe [119808 2013-03-17] ()
R2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [592448 2012-10-04] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 ntlookup; C:\Windows\system32\MQG4DECD.exe [118272 2013-03-17] ()
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [559552 2013-08-08] (RealNetworks, Inc.)
R2 SearchAnonymizer; C:\Users\Rene und Verena\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-03-17] ()

==================== Drivers (Whitelisted) ====================

R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-07 11:44 - 2013-10-07 11:44 - 01954124 _____ (Farbar) C:\Users\Rene und Verena\Desktop\FRST64.exe
2013-10-07 11:44 - 2013-10-07 11:44 - 00000000 ____D C:\FRST
2013-10-07 11:41 - 2013-10-07 11:41 - 00000000 ____D C:\Users\Rene und Verena\AppData\Roaming\Apple Computer
2013-10-04 16:22 - 2013-10-04 16:22 - 00000000 ____D C:\ProgramData\Oracle
2013-10-04 16:22 - 2013-10-04 16:21 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-04 16:21 - 2013-10-04 16:21 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-04 16:21 - 2013-10-04 16:21 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-04 16:21 - 2013-10-04 16:21 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-04 16:18 - 2013-10-04 16:18 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-10-04 16:17 - 2013-10-04 16:17 - 00000000 ____D C:\ProgramData\Apple Computer
2013-10-04 16:14 - 2013-10-04 16:14 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-10-04 16:14 - 2013-10-04 16:14 - 00000000 ____D C:\Users\Rene und Verena\AppData\Local\Apple
2013-10-04 16:14 - 2013-10-04 16:14 - 00000000 ____D C:\ProgramData\Apple
2013-10-04 16:14 - 2013-10-04 16:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-10-04 16:13 - 2013-10-04 16:13 - 00913832 _____ (Oracle Corporation) C:\Users\Rene und Verena\Downloads\chromeinstall-7u40.exe
2013-10-04 16:10 - 2013-10-04 16:11 - 41404760 _____ (Apple Inc.) C:\Users\Rene und Verena\Downloads\QuickTimeInstaller.exe
2013-10-04 13:27 - 2013-10-07 11:40 - 00000168 _____ C:\Windows\setupact.log
2013-10-04 13:27 - 2013-10-04 13:27 - 00000000 _____ C:\Windows\setuperr.log
2013-10-04 13:26 - 2013-10-04 13:26 - 00003288 ____N C:\bootsqm.dat
2013-10-03 14:40 - 2013-10-07 11:55 - 00193006 _____ C:\Windows\WindowsUpdate.log
2013-10-03 14:40 - 2013-10-03 14:40 - 00000082 _____ C:\Users\Rene und Verena\Documents\cc_20131003_144016.reg
2013-09-28 17:40 - 2013-09-28 17:40 - 00000964 _____ C:\Users\Rene und Verena\Desktop\Delicious - Emily's Honeymoon Cruise.lnk
2013-09-25 18:58 - 2013-09-25 18:58 - 00000000 ____D C:\Users\Rene und Verena\AppData\Roaming\Nordcurrent
2013-09-25 18:43 - 2013-09-25 18:43 - 00001266 _____ C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
2013-09-24 15:41 - 2013-09-24 15:41 - 00979267 _____ C:\Users\Rene und Verena\Downloads\SESpallet.zip
2013-09-24 15:41 - 2013-09-24 15:41 - 00598357 _____ C:\Users\Rene und Verena\Downloads\FLEXIMASS.exe
2013-09-24 15:40 - 2013-09-24 15:40 - 00402869 _____ C:\Users\Rene und Verena\Downloads\placeable_Floodlight.exe
2013-09-24 15:39 - 2013-09-24 15:39 - 04394797 _____ C:\Users\Rene und Verena\Downloads\Fliegl271Bull.exe
2013-09-24 15:38 - 2013-09-24 15:38 - 20085933 _____ C:\Users\Rene und Verena\Downloads\ClaasLexion770TT (3).exe
2013-09-24 15:38 - 2013-09-24 15:38 - 135283751 _____ C:\Users\Rene und Verena\Downloads\Gorale_kuj_pom_v1_3_rafal2121 (1) (1).zip
2013-09-24 15:37 - 2013-09-24 15:39 - 148946596 _____ C:\Users\Rene und Verena\Downloads\Agrarland_Brandenburg_By_T_Fight (1).zip
2013-09-24 15:35 - 2013-09-24 15:36 - 135283751 _____ C:\Users\Rene und Verena\Downloads\Gorale_kuj_pom_v1_3_rafal2121 (1).zip
2013-09-24 15:35 - 2013-09-24 15:35 - 00737549 _____ C:\Users\Rene und Verena\Downloads\SauterEquipment (1).exe
2013-09-24 15:34 - 2013-09-24 15:35 - 00737549 _____ C:\Users\Rene und Verena\Downloads\SauterEquipment.exe
2013-09-24 14:26 - 2013-09-24 14:26 - 02842740 _____ C:\Users\Rene und Verena\Downloads\Koeckerling_vector800 (1).exe
2013-09-24 14:25 - 2013-09-24 14:25 - 03459104 _____ C:\Users\Rene und Verena\Downloads\JohnDeere2030.exe
2013-09-24 14:22 - 2013-09-24 14:22 - 06961477 _____ C:\Users\Rene und Verena\Downloads\ClaasXerion5000.exe
2013-09-24 14:20 - 2013-09-24 14:20 - 10716197 _____ C:\Users\Rene und Verena\Downloads\Kverneland_Taarup_Mower Pack.exe
2013-09-24 14:19 - 2013-09-24 14:19 - 20210349 _____ C:\Users\Rene und Verena\Downloads\ClaasLexion770TT (2).exe
2013-09-24 14:18 - 2013-09-24 14:18 - 03169458 _____ C:\Users\Rene und Verena\Downloads\DeutzFahrSwatMaster3921.exe
2013-09-24 14:18 - 2013-09-24 14:18 - 02436264 _____ C:\Users\Rene und Verena\Downloads\KuhnGMD4010 (1).exe
2013-09-24 14:17 - 2013-09-24 14:17 - 00001013 _____ C:\Users\Rene und Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
2013-09-24 14:16 - 2013-09-24 15:36 - 00000000 ____D C:\Users\Rene und Verena\AppData\Local\jZip
2013-09-24 14:16 - 2013-09-24 14:17 - 00000000 ____D C:\Program Files (x86)\jZip
2013-09-24 14:16 - 2013-09-24 14:16 - 01254736 _____ (Bandoo Media Inc) C:\Users\Rene und Verena\Downloads\jZipSetup-r133-w-bc.exe
2013-09-24 14:16 - 2013-09-24 14:16 - 01254736 _____ (Bandoo Media Inc) C:\Users\Rene und Verena\Downloads\jZipSetup-r133-w-bc (1).exe
2013-09-24 14:06 - 2013-09-24 14:06 - 08821340 _____ C:\Users\Rene und Verena\Downloads\Claas_Xerion_5000__12.exe
2013-09-24 14:05 - 2013-09-24 14:05 - 14743356 _____ C:\Users\Rene und Verena\Downloads\ClaasXerion3800.exe
2013-09-24 14:04 - 2013-09-24 14:04 - 02842740 _____ C:\Users\Rene und Verena\Downloads\Koeckerling_vector800.exe
2013-09-17 11:05 - 2013-09-17 11:05 - 00001730 _____ C:\Users\Rene und Verena\Documents\cc_20130917_110509.reg
2013-09-17 10:39 - 2013-10-07 11:44 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-17 10:39 - 2013-10-07 11:41 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-17 10:39 - 2013-09-17 10:39 - 00004124 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-17 10:39 - 2013-09-17 10:39 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-12 16:20 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 16:20 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 16:20 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 16:20 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 16:20 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 16:20 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 16:20 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 16:20 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 16:20 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 16:20 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 16:20 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 16:20 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 16:20 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 16:20 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 16:20 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 16:20 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 16:20 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 16:20 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 16:20 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 16:20 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 16:19 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 16:19 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 16:19 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 16:19 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 16:19 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 16:19 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 16:19 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 16:19 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 16:19 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 16:19 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 16:19 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 17:58 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 17:58 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 17:58 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 17:58 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 17:58 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 17:58 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 17:58 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 17:58 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 17:58 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 17:58 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 17:58 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 17:58 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 17:58 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 17:58 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 17:58 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 17:58 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 17:58 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 17:58 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 17:58 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 17:58 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 17:58 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 17:58 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 17:58 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 17:58 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 17:58 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 17:58 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 17:58 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 14:29 - 2013-09-10 14:32 - 148946596 _____ C:\Users\Rene und Verena\Downloads\Agrarland_Brandenburg_By_T_Fight.zip

==================== One Month Modified Files and Folders =======

2013-10-07 11:55 - 2013-10-03 14:40 - 00193006 _____ C:\Windows\WindowsUpdate.log
2013-10-07 11:48 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-07 11:48 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-07 11:44 - 2013-10-07 11:44 - 01954124 _____ (Farbar) C:\Users\Rene und Verena\Desktop\FRST64.exe
2013-10-07 11:44 - 2013-10-07 11:44 - 00000000 ____D C:\FRST
2013-10-07 11:44 - 2013-09-17 10:39 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-07 11:41 - 2013-10-07 11:41 - 00000000 ____D C:\Users\Rene und Verena\AppData\Roaming\Apple Computer
2013-10-07 11:41 - 2013-09-17 10:39 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-07 11:40 - 2013-10-04 13:27 - 00000168 _____ C:\Windows\setupact.log
2013-10-07 11:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-04 16:22 - 2013-10-04 16:22 - 00000000 ____D C:\ProgramData\Oracle
2013-10-04 16:21 - 2013-10-04 16:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-04 16:21 - 2013-10-04 16:21 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-04 16:21 - 2013-10-04 16:21 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-04 16:21 - 2013-10-04 16:21 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-04 16:21 - 2013-04-18 10:28 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-04 16:21 - 2013-04-18 10:28 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-04 16:18 - 2013-10-04 16:18 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-10-04 16:18 - 2012-11-03 16:09 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-10-04 16:17 - 2013-10-04 16:17 - 00000000 ____D C:\ProgramData\Apple Computer
2013-10-04 16:14 - 2013-10-04 16:14 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-10-04 16:14 - 2013-10-04 16:14 - 00000000 ____D C:\Users\Rene und Verena\AppData\Local\Apple
2013-10-04 16:14 - 2013-10-04 16:14 - 00000000 ____D C:\ProgramData\Apple
2013-10-04 16:14 - 2013-10-04 16:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-10-04 16:13 - 2013-10-04 16:13 - 00913832 _____ (Oracle Corporation) C:\Users\Rene und Verena\Downloads\chromeinstall-7u40.exe
2013-10-04 16:11 - 2013-10-04 16:10 - 41404760 _____ (Apple Inc.) C:\Users\Rene und Verena\Downloads\QuickTimeInstaller.exe
2013-10-04 16:01 - 2012-06-23 21:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-04 15:27 - 2012-07-01 22:16 - 00000968 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2792376547-1301702988-3592855983-1000UA.job
2013-10-04 15:27 - 2012-07-01 22:16 - 00000946 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2792376547-1301702988-3592855983-1000Core.job
2013-10-04 13:27 - 2013-10-04 13:27 - 00000000 _____ C:\Windows\setuperr.log
2013-10-04 13:26 - 2013-10-04 13:26 - 00003288 ____N C:\bootsqm.dat
2013-10-03 14:40 - 2013-10-03 14:40 - 00000082 _____ C:\Users\Rene und Verena\Documents\cc_20131003_144016.reg
2013-10-03 13:35 - 2010-11-21 08:50 - 00829998 _____ C:\Windows\system32\perfh007.dat
2013-10-03 13:35 - 2010-11-21 08:50 - 00190758 _____ C:\Windows\system32\perfc007.dat
2013-10-03 13:35 - 2009-07-14 07:13 - 00006248 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-02 13:18 - 2013-08-09 08:40 - 00166400 ___SH C:\Users\Rene und Verena\Downloads\Thumbs.db
2013-09-30 14:38 - 2012-07-13 17:11 - 00000000 ____D C:\Zylom Games
2013-09-28 17:40 - 2013-09-28 17:40 - 00000964 _____ C:\Users\Rene und Verena\Desktop\Delicious - Emily's Honeymoon Cruise.lnk
2013-09-28 17:40 - 2013-08-12 07:56 - 00000000 ____D C:\Program Files (x86)\RealArcade
2013-09-25 18:58 - 2013-09-25 18:58 - 00000000 ____D C:\Users\Rene und Verena\AppData\Roaming\Nordcurrent
2013-09-25 18:43 - 2013-09-25 18:43 - 00001266 _____ C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
2013-09-25 18:41 - 2013-07-09 19:47 - 00000000 ____D C:\BigFishCache
2013-09-24 15:41 - 2013-09-24 15:41 - 00979267 _____ C:\Users\Rene und Verena\Downloads\SESpallet.zip
2013-09-24 15:41 - 2013-09-24 15:41 - 00598357 _____ C:\Users\Rene und Verena\Downloads\FLEXIMASS.exe
2013-09-24 15:40 - 2013-09-24 15:40 - 00402869 _____ C:\Users\Rene und Verena\Downloads\placeable_Floodlight.exe
2013-09-24 15:39 - 2013-09-24 15:39 - 04394797 _____ C:\Users\Rene und Verena\Downloads\Fliegl271Bull.exe
2013-09-24 15:39 - 2013-09-24 15:37 - 148946596 _____ C:\Users\Rene und Verena\Downloads\Agrarland_Brandenburg_By_T_Fight (1).zip
2013-09-24 15:38 - 2013-09-24 15:38 - 20085933 _____ C:\Users\Rene und Verena\Downloads\ClaasLexion770TT (3).exe
2013-09-24 15:38 - 2013-09-24 15:38 - 135283751 _____ C:\Users\Rene und Verena\Downloads\Gorale_kuj_pom_v1_3_rafal2121 (1) (1).zip
2013-09-24 15:36 - 2013-09-24 15:35 - 135283751 _____ C:\Users\Rene und Verena\Downloads\Gorale_kuj_pom_v1_3_rafal2121 (1).zip
2013-09-24 15:36 - 2013-09-24 14:16 - 00000000 ____D C:\Users\Rene und Verena\AppData\Local\jZip
2013-09-24 15:35 - 2013-09-24 15:35 - 00737549 _____ C:\Users\Rene und Verena\Downloads\SauterEquipment (1).exe
2013-09-24 15:35 - 2013-09-24 15:34 - 00737549 _____ C:\Users\Rene und Verena\Downloads\SauterEquipment.exe
2013-09-24 14:26 - 2013-09-24 14:26 - 02842740 _____ C:\Users\Rene und Verena\Downloads\Koeckerling_vector800 (1).exe
2013-09-24 14:25 - 2013-09-24 14:25 - 03459104 _____ C:\Users\Rene und Verena\Downloads\JohnDeere2030.exe
2013-09-24 14:22 - 2013-09-24 14:22 - 06961477 _____ C:\Users\Rene und Verena\Downloads\ClaasXerion5000.exe
2013-09-24 14:20 - 2013-09-24 14:20 - 10716197 _____ C:\Users\Rene und Verena\Downloads\Kverneland_Taarup_Mower Pack.exe
2013-09-24 14:19 - 2013-09-24 14:19 - 20210349 _____ C:\Users\Rene und Verena\Downloads\ClaasLexion770TT (2).exe
2013-09-24 14:18 - 2013-09-24 14:18 - 03169458 _____ C:\Users\Rene und Verena\Downloads\DeutzFahrSwatMaster3921.exe
2013-09-24 14:18 - 2013-09-24 14:18 - 02436264 _____ C:\Users\Rene und Verena\Downloads\KuhnGMD4010 (1).exe
2013-09-24 14:17 - 2013-09-24 14:17 - 00001013 _____ C:\Users\Rene und Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
2013-09-24 14:17 - 2013-09-24 14:16 - 00000000 ____D C:\Program Files (x86)\jZip
2013-09-24 14:16 - 2013-09-24 14:16 - 01254736 _____ (Bandoo Media Inc) C:\Users\Rene und Verena\Downloads\jZipSetup-r133-w-bc.exe
2013-09-24 14:16 - 2013-09-24 14:16 - 01254736 _____ (Bandoo Media Inc) C:\Users\Rene und Verena\Downloads\jZipSetup-r133-w-bc (1).exe
2013-09-24 14:06 - 2013-09-24 14:06 - 08821340 _____ C:\Users\Rene und Verena\Downloads\Claas_Xerion_5000__12.exe
2013-09-24 14:05 - 2013-09-24 14:05 - 14743356 _____ C:\Users\Rene und Verena\Downloads\ClaasXerion3800.exe
2013-09-24 14:04 - 2013-09-24 14:04 - 02842740 _____ C:\Users\Rene und Verena\Downloads\Koeckerling_vector800.exe
2013-09-22 17:17 - 2012-06-23 21:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 17:17 - 2012-06-23 21:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-22 17:17 - 2012-06-23 21:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-17 11:05 - 2013-09-17 11:05 - 00001730 _____ C:\Users\Rene und Verena\Documents\cc_20130917_110509.reg
2013-09-17 11:04 - 2012-06-21 15:49 - 00000000 ____D C:\Windows\Panther
2013-09-17 10:40 - 2012-06-26 14:35 - 00000000 ____D C:\Users\Rene und Verena\AppData\Local\Google
2013-09-17 10:39 - 2013-09-17 10:39 - 00004124 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-17 10:39 - 2013-09-17 10:39 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-17 10:39 - 2012-06-26 14:35 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-17 10:38 - 2013-03-17 19:40 - 00000000 ____D C:\Users\Rene und Verena\AppData\Local\Deployment
2013-09-17 10:37 - 2012-06-21 14:56 - 00000000 ____D C:\Users\Rene und Verena
2013-09-12 16:33 - 2012-06-21 14:57 - 00000000 ___RD C:\Users\Rene und Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 16:33 - 2012-06-21 14:57 - 00000000 ___RD C:\Users\Rene und Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 16:25 - 2009-07-14 06:45 - 00415616 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 16:21 - 2012-06-21 15:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 16:19 - 2013-08-18 17:49 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 16:16 - 2012-06-21 15:21 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 14:32 - 2013-09-10 14:29 - 148946596 _____ C:\Users\Rene und Verena\Downloads\Agrarland_Brandenburg_By_T_Fight.zip

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-23 12:37

==================== End Of Log ============================
         
--- --- ---



FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Rene und Verena at 2013-10-07 11:58:07
Running from C:\Users\Rene und Verena\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Bewerbungsfoto-/Passbild-Generator v3.5b (x32)
Big Fish: Game Manager (x32 Version: 3.2.0.6)
CCleaner (Version: 3.19)
Dairy Dash (x32)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Delicious - Emily's Honeymoon Cruise (x32)
DEUTSCHLAND SPIELT GAME CENTER (x32 Version: 1.0.0.46)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FastStone Image Viewer 4.6 (x32 Version: 4.6)
Free M4a to MP3 Converter 7.2 (x32)
G-Filter (HKCU)
Google Chrome (x32 Version: 29.0.1547.76)
Google Update Helper (x32 Version: 1.3.21.153)
Hell's Kitchen (x32)
Java 7 Update 40 (x32 Version: 7.0.400)
Junk Mail filter update (x32 Version: 14.0.8117.416)
jZip (HKCU Version: 2.0.0.133556)
Landwirtschafts Simulator 2011 (x32 Version: 1.0)
Landwirtschafts Simulator 2013 (x32 Version: 1.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFreeCodec (HKCU)
Olympus DSS Player Standard (x32 Version: 2.0.0)
Online Games Manager v1.21 (x32 Version: 1.21.2)
QuickTime (x32 Version: 7.74.80.86)
SearchAnonymizer (Version: 1.0.1 (de))
Softwarenetz Rechnung3 (x32)
SpecialSavings (x32)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
UltraISO Premium V9.36 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Updater Service (x32 Version: 14,12,8,9)
VideoPerformer (x32)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

27-08-2013 17:10:32 Windows Update
31-08-2013 13:54:28 Windows Update
04-09-2013 10:54:46 Windows Update
08-09-2013 16:30:46 Windows Update
12-09-2013 14:04:12 Windows Update
17-09-2013 08:53:47 Windows Update
22-09-2013 15:36:20 Windows Update
26-09-2013 15:26:01 Windows Update
30-09-2013 12:50:05 Windows Update
04-10-2013 11:41:28 Windows Update
04-10-2013 14:16:29 Installed QuickTime
04-10-2013 14:19:27 Installed Java 7 Update 40

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {44C61994-414A-474B-99A2-1598D53B30B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {47987798-6ECA-4BF0-B804-CEE3BC85DF0B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {73F5E017-7D02-4847-A182-32DF48F00D6E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2792376547-1301702988-3592855983-1000Core => C:\Users\Rene und Verena\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {76FBBFB3-A94D-472D-8CB0-4635A0B6CDE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {B62A1586-8E9E-4C90-AEA2-2AAEC043B589} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D261ECE2-4EC4-4489-B572-7DFA01086B72} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {F284A547-6D2B-4CDB-9F0C-9E2636BCCDB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2792376547-1301702988-3592855983-1000UA => C:\Users\Rene und Verena\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {F882400C-58DA-4BEF-9578-897928B5D5E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-22] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2792376547-1301702988-3592855983-1000Core.job => C:\Users\Rene und Verena\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2792376547-1301702988-3592855983-1000UA.job => C:\Users\Rene und Verena\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-21 12:46 - 2013-09-17 05:20 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-21 12:46 - 2013-09-17 05:20 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-21 12:46 - 2013-09-17 05:21 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-21 12:46 - 2013-09-17 05:21 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-21 12:46 - 2013-09-17 05:20 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:014BC3B4
AlternateDataStreams: C:\ProgramData\TEMP:04ADB7A6
AlternateDataStreams: C:\ProgramData\TEMP:04BB186B
AlternateDataStreams: C:\ProgramData\TEMP:073139EC
AlternateDataStreams: C:\ProgramData\TEMP:0915A718
AlternateDataStreams: C:\ProgramData\TEMP:0D52F295
AlternateDataStreams: C:\ProgramData\TEMP:0E67073E
AlternateDataStreams: C:\ProgramData\TEMP:10D98D98
AlternateDataStreams: C:\ProgramData\TEMP:122B409D
AlternateDataStreams: C:\ProgramData\TEMP:169E7AC5
AlternateDataStreams: C:\ProgramData\TEMP:193CB03B
AlternateDataStreams: C:\ProgramData\TEMP:1B3549F2
AlternateDataStreams: C:\ProgramData\TEMP:1E288DA3
AlternateDataStreams: C:\ProgramData\TEMP:2640C43F
AlternateDataStreams: C:\ProgramData\TEMP:28819F45
AlternateDataStreams: C:\ProgramData\TEMP:29C0641D
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:2CDB9CA3
AlternateDataStreams: C:\ProgramData\TEMP:2EB79F01
AlternateDataStreams: C:\ProgramData\TEMP:2F5A06FD
AlternateDataStreams: C:\ProgramData\TEMP:349E5B74
AlternateDataStreams: C:\ProgramData\TEMP:3B07E6F4
AlternateDataStreams: C:\ProgramData\TEMP:490BCC52
AlternateDataStreams: C:\ProgramData\TEMP:4A966CC2
AlternateDataStreams: C:\ProgramData\TEMP:4B244549
AlternateDataStreams: C:\ProgramData\TEMP:4B70A9FA
AlternateDataStreams: C:\ProgramData\TEMP:54531C7D
AlternateDataStreams: C:\ProgramData\TEMP:55C54F7C
AlternateDataStreams: C:\ProgramData\TEMP:56F368C9
AlternateDataStreams: C:\ProgramData\TEMP:5C0940F1
AlternateDataStreams: C:\ProgramData\TEMP:5C4A588B
AlternateDataStreams: C:\ProgramData\TEMP:5DB4FD98
AlternateDataStreams: C:\ProgramData\TEMP:5F1019FF
AlternateDataStreams: C:\ProgramData\TEMP:60E0AB2A
AlternateDataStreams: C:\ProgramData\TEMP:6301CE40
AlternateDataStreams: C:\ProgramData\TEMP:6677D85A
AlternateDataStreams: C:\ProgramData\TEMP:751D6870
AlternateDataStreams: C:\ProgramData\TEMP:76466F4C
AlternateDataStreams: C:\ProgramData\TEMP:79C6A9CE
AlternateDataStreams: C:\ProgramData\TEMP:7BB584AA
AlternateDataStreams: C:\ProgramData\TEMP:7D288858
AlternateDataStreams: C:\ProgramData\TEMP:7E4E56EA
AlternateDataStreams: C:\ProgramData\TEMP:84FA02E7
AlternateDataStreams: C:\ProgramData\TEMP:8B3C3098
AlternateDataStreams: C:\ProgramData\TEMP:8C12CFCD
AlternateDataStreams: C:\ProgramData\TEMP:969C0C96
AlternateDataStreams: C:\ProgramData\TEMP:97B3B270
AlternateDataStreams: C:\ProgramData\TEMP:9857FAE3
AlternateDataStreams: C:\ProgramData\TEMP:A2B3764A
AlternateDataStreams: C:\ProgramData\TEMP:A5264343
AlternateDataStreams: C:\ProgramData\TEMP:A688EF17
AlternateDataStreams: C:\ProgramData\TEMP:A7B70C4E
AlternateDataStreams: C:\ProgramData\TEMP:AB82C54F
AlternateDataStreams: C:\ProgramData\TEMP:AE2EA3C2
AlternateDataStreams: C:\ProgramData\TEMP:B3942462
AlternateDataStreams: C:\ProgramData\TEMP:BA24E689
AlternateDataStreams: C:\ProgramData\TEMP:C0A2E219
AlternateDataStreams: C:\ProgramData\TEMP:C43C957E
AlternateDataStreams: C:\ProgramData\TEMP:C69BA1D0
AlternateDataStreams: C:\ProgramData\TEMP:CC7738DB
AlternateDataStreams: C:\ProgramData\TEMP:D01ACC06
AlternateDataStreams: C:\ProgramData\TEMP:D576A536
AlternateDataStreams: C:\ProgramData\TEMP:D8A3B0BC
AlternateDataStreams: C:\ProgramData\TEMP:D9987109
AlternateDataStreams: C:\ProgramData\TEMP:DCB27118
AlternateDataStreams: C:\ProgramData\TEMP:E0848D16
AlternateDataStreams: C:\ProgramData\TEMP:E0EBA003
AlternateDataStreams: C:\ProgramData\TEMP:E153075C
AlternateDataStreams: C:\ProgramData\TEMP:E2B84483
AlternateDataStreams: C:\ProgramData\TEMP:E5DE9C8F
AlternateDataStreams: C:\ProgramData\TEMP:ED6B6C83
AlternateDataStreams: C:\ProgramData\TEMP:ED9B661E
AlternateDataStreams: C:\ProgramData\TEMP:EF5B3572
AlternateDataStreams: C:\ProgramData\TEMP:F2327E82
AlternateDataStreams: C:\ProgramData\TEMP:F2DC4B0B
AlternateDataStreams: C:\ProgramData\TEMP:F35AE645
AlternateDataStreams: C:\ProgramData\TEMP:F53B274A
AlternateDataStreams: C:\ProgramData\TEMP:F5FC5DCE
AlternateDataStreams: C:\ProgramData\TEMP:F67947AF
AlternateDataStreams: C:\ProgramData\TEMP:F8EE1B63
AlternateDataStreams: C:\ProgramData\TEMP:FBA79096
AlternateDataStreams: C:\ProgramData\TEMP:FC60E0F8
AlternateDataStreams: C:\ProgramData\TEMP:FD786DCA
AlternateDataStreams: C:\ProgramData\TEMP:FDCAE7B5

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2013 11:54:08 AM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (10/07/2013 11:53:18 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.exe, Version 3.3.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2c0

Startzeit: 01cec341d561a885

Endzeit: 1

Anwendungspfad: C:\Users\Rene und Verena\Downloads\FRST64.exe

Berichts-ID: 31f5c2e1-2f36-11e3-855f-00262dbf438a

Error: (10/07/2013 11:42:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/04/2013 04:22:28 PM) (Source: MsiInstaller) (User: ReneundVerena)
Description: Product: Java Auto Updater -- Internal Error 2203. C:\Windows\Installer\6c7e01.ipi, -2147287035

Error: (10/04/2013 04:19:27 PM) (Source: MsiInstaller) (User: ReneundVerena)
Description: Produkt: Java 7 Update 40 -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie mit dieser Installation fortfahren können.

Error: (10/04/2013 02:17:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/04/2013 01:28:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2013 03:36:47 PM) (Source: Google Update) (User: ReneundVerena)
Description: Network Request Error.
Error: 0x80072efd. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040880. Http status code 200.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072efe. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072efd. Http

Error: (10/03/2013 03:35:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GFilterSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x511f2de9
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c92c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000172745
ID des fehlerhaften Prozesses: 0x768
Startzeit der fehlerhaften Anwendung: 0xGFilterSvc.exe0
Pfad der fehlerhaften Anwendung: GFilterSvc.exe1
Pfad des fehlerhaften Moduls: GFilterSvc.exe2
Berichtskennung: GFilterSvc.exe3

Error: (10/03/2013 02:38:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/04/2013 02:14:54 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (10/04/2013 01:33:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SysMain erreicht.

Error: (10/04/2013 01:27:15 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎04.‎10.‎2013 um 13:21:26 unerwartet heruntergefahren.

Error: (10/03/2013 09:57:57 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (10/03/2013 03:37:36 PM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/03/2013 03:36:02 PM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/03/2013 03:35:26 PM) (Source: Service Control Manager) (User: )
Description: Dienst "G-Filter Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/03/2013 02:36:37 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎03.‎10.‎2013 um 14:34:51 unerwartet heruntergefahren.

Error: (10/03/2013 02:04:40 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{5C6F67D2-61BB-4547-A3EB-BF5F3E92534A}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (10/03/2013 02:02:30 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎03.‎10.‎2013 um 14:00:01 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (10/07/2013 11:54:08 AM) (Source: Windows Backup)(User: )
Description: I:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (10/07/2013 11:53:18 AM) (Source: Application Hang)(User: )
Description: FRST64.exe3.3.8.12c001cec341d561a8851C:\Users\Rene und Verena\Downloads\FRST64.exe31f5c2e1-2f36-11e3-855f-00262dbf438a

Error: (10/07/2013 11:42:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/04/2013 04:22:28 PM) (Source: MsiInstaller)(User: ReneundVerena)
Description: Product: Java Auto Updater -- Internal Error 2203. C:\Windows\Installer\6c7e01.ipi, -2147287035(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/04/2013 04:19:27 PM) (Source: MsiInstaller)(User: ReneundVerena)
Description: Produkt: Java 7 Update 40 -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie mit dieser Installation fortfahren können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/04/2013 02:17:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/04/2013 01:28:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2013 03:36:47 PM) (Source: Google Update)(User: ReneundVerena)
Description: Network Request Error.
Error: 0x80072efd. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040880. Http status code 200.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072efe. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072efd. Http

Error: (10/03/2013 03:35:10 PM) (Source: Application Error)(User: )
Description: GFilterSvc.exe1.0.0.1511f2de9ole32.dll6.1.7601.175144ce7c92cc0000005000000000017274576801cec03545447c07C:\Windows\System32\GFilterSvc.exeC:\Windows\system32\ole32.dll9f8d5adc-2c30-11e3-bf05-00262dbf438a

Error: (10/03/2013 02:38:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 92%
Total physical RAM: 2934.6 MB
Available physical RAM: 233.08 MB
Total Pagefile: 5867.39 MB
Available Pagefile: 1675.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:201.99 GB) (Free:155.28 GB) NTFS
Drive d: () (Fixed) (Total:263.67 GB) (Free:263.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 49DC025F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=202 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=264 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

I hope I posted it correctly. As I said, I don't really know my way around this.

Best regards, Verena