All about Windows: WIN7 extremely slow!
27.01.2014, 12:45 | #1 |
Problem: WIN7 extremely slow!

Hello everyone, let me briefly introduce myself. I am 22 years old, an apprentice at an industrial company, and I don't really know much about PCs and their technology.

Now to my request: in the middle of last year I bought a notebook. Some basic specs:

WIN7 Ultimate (an acquaintance set it up and obtained it for me)
8 GB RAM
500 GB hard drive
Intel i7-4700MQ
NVIDIA GeForce GT 750M / 2 GB GDDR5

I had had the device for all of 2 days when I noticed that there was quite a lot of spam in the browser. I turned to the Trojaner-Board and got great help. Here is the link to the thread where I was helped back then: http://www.trojaner-board.de/139055-...ung-hilfe.html

Unfortunately, I am noticing more and more that the computer is just really slow. Today we had to bring our notebooks to vocational school, and my computer science teacher took a quick look at my machine and immediately said that quite a few things were NOT in order. I noticed it myself because games (first-person shooters) in offline mode do nothing but stutter. The same games in ONLINE mode (i.e. via a server against other online players), however, run completely flawlessly. It also takes quite a long time for the computer to boot up (approx. 5 min.).

It would be wonderful if someone could give me tips on how to get the notebook running properly again, whether through instructions for me to carry out or through places, people or shops one can turn to. I am also happy to post any log files or anything else that is needed.

Many thanks
27.01.2014, 15:18 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 extremely slow! Instructions / Help

Hi,

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything? I am asking because => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs you already have in CODE tags! Only logs from the last 7 days, or since the problem began, are relevant!

In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
27.01.2014, 18:44 | #3 |
WIN7 extremely slow!

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.15.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Anonymus :: FELIX-PC [Administrator]

15.01.2014 15:35:39
mbam-log-2014-01-15 (15-35-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 429423
Laufzeit: 1 Stunde(n), 51 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

KASPERSKY INTERNET SECURITY:

Code:
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  16 Minuten 55 Sekunden  30.12.2013, 12:01
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  12 Minuten 41 Sekunden  31.12.2013, 00:36
Rootkit-Suche (abgebrochen)  Keine Bedrohungen gefunden  Abgebrochen  0 0 0  33 Minuten 20 Sekunden  03.01.2014, 19:08
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  12 Minuten 5 Sekunden  04.01.2014, 13:29
Benutzerdefinierte Untersuchung  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  10 Sekunden  04.01.2014, 18:04
Benutzerdefinierte Untersuchung  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  24 Sekunden  04.01.2014, 18:09
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  38 Minuten 32 Sekunden  05.01.2014, 00:00
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  26 Minuten 8 Sekunden  05.01.2014, 01:00
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  24 Minuten 42 Sekunden  05.01.2014, 01:55
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  18 Minuten 7 Sekunden  08.01.2014, 20:54
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  16 Minuten 13 Sekunden  09.01.2014, 17:15
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  33 Minuten 46 Sekunden  10.01.2014, 21:43
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  25 Minuten 24 Sekunden  11.01.2014, 00:00
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  12 Minuten 39 Sekunden  13.01.2014, 18:40
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  15 Minuten 41 Sekunden  14.01.2014, 16:55
Vollständige Untersuchung des Computers  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  1 Stunde 13 Minuten  15.01.2014, 15:34
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  38 Minuten 43 Sekunden  15.01.2014, 16:47
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  11 Minuten 3 Sekunden  15.01.2014, 20:59
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  12 Minuten 52 Sekunden  16.01.2014, 17:52
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  13 Minuten 18 Sekunden  17.01.2014, 18:09
Benutzerdefinierte Untersuchung  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  10 Sekunden  17.01.2014, 19:34
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  26 Minuten 22 Sekunden  18.01.2014, 00:00
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  16 Minuten 43 Sekunden  20.01.2014, 19:18
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  32 Minuten 22 Sekunden  21.01.2014, 16:57
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  16 Minuten 5 Sekunden  22.01.2014, 15:35
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  12 Minuten 23 Sekunden  22.01.2014, 21:31
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  33 Minuten 33 Sekunden  23.01.2014, 17:01
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  22 Minuten 12 Sekunden  23.01.2014, 20:10
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  18 Minuten 14 Sekunden  24.01.2014, 17:26
Rootkit-Suche  Keine Bedrohungen gefunden  Abgeschlossen  0 0 0  27 Minuten 23 Sekunden  25.01.2014, 00:00
Vollständige Untersuchung des Computers  Keine Bedrohungen gefunden  Abgeschlossen  0 0 3  1 Stunde 14 Minuten  25.01.2014, 15:23

FRST Logfile:

Code:
20:33 - 2014-01-16 20:33 - 00082890 _____ C:\Users\Felix\Desktop\mod.ils4 2014-01-15 20:28 - 2009-07-14 05:45 - 00451168 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-15 18:13 - 2013-08-04 19:05 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 18:12 - 2012-02-14 19:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-14 20:41 - 2014-01-14 20:40 - 20656362 _____ C:\Users\Felix\Downloads\setup.zip 2014-01-14 20:41 - 2014-01-14 20:38 - 00000000 ____D C:\Users\Felix\Desktop\ILST 2014-01-14 19:06 - 2014-01-14 19:06 - 00000000 ____D C:\Users\Felix\Desktop\data 2014-01-13 18:22 - 2014-01-14 18:47 - 00000000 ____D C:\Users\Felix\Desktop\Mod_OberbergNeu 2014-01-12 15:18 - 2012-02-14 18:39 - 01598386 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-08 20:43 - 2014-01-08 20:43 - 00003064 _____ C:\Windows\System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5} 2014-01-08 20:41 - 2014-01-08 20:41 - 00003064 _____ C:\Windows\System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B} 2014-01-05 02:45 - 2014-01-04 18:16 - 00000000 ____D C:\Users\Felix\Desktop\Walking dead 4 2013-12-30 11:27 - 2013-07-29 18:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-28 16:26 - 2013-11-15 17:31 - 00001532 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2013-12-28 16:26 - 2013-11-15 17:30 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2013-12-28 16:26 - 2013-08-13 17:24 - 00000000 ____D C:\Users\Felix\AppData\Roaming\DVDVideoSoft 2013-12-28 16:25 - 2013-12-28 16:25 - 34115288 _____ (DVDVideoSoft Ltd. 
) C:\Users\Felix\Downloads\FreeYouTubeToMP3Converter(1).exe

Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\RegSvr32User.exe
C:\Users\Felix\AppData\Local\Temp\vb43iorx.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-20 21:03

==================== End Of Log ============================

--- --- --- --- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014
Ran by Anonymus at 2014-01-27 18:43:33
Running from C:\Users\Felix\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!WLAN (x32 Version: - AVM Berlin)
B109n-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Call of Duty: Modern Warfare 3 - Multiplayer (x32 Version: - Infinity Ward)
CCleaner (Version: 4.04 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation) DC-Bass Source 1.3.0 (x32 Version: - ) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden DirectVobSub 2.40.4209 (x32 Version: 2.40.4209 - MPC-HC Team) DivX-Setup (x32 Version: 2.6.1.8 - DivX, LLC) Emergency4 (x32 Version: 1.03.001 - ) ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.) Feuer- und Notfallsimulation Wegberg Version 6.0 (x32 Version: 6.0 - Marco H.) ffdshow v1.1.4399 [2012-03-22] (x32 Version: 1.1.4399.0 - ) Free Pdf Perfect Prereq (x32 Version: 1.1.0.70 - Covus Freemium GmbH) Hidden Free YouTube to MP3 Converter version 3.12.19.1219 (x32 Version: 3.12.19.1219 - DVDVideoSoft Ltd.) Freemium Free PDF Perfect (x32 Version: 1.0 - Freemium) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Haali Media Splitter (x32 Version: - ) HP Customer Participation Program 14.0 (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (Version: 14.0 - HP) HP Photosmart Wireless B109n-z All-in-One Driver Software 14.0 Rel. 6 (Version: - HP) HP Smart Web Printing 4.60 (Version: 4.60 - HP) HP Solution Center 14.0 (Version: 14.0 - HP) HP Update (x32 Version: 5.002.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden iCloud (Version: 3.1.0.40 - Apple Inc.) 
Intel(R) Management Engine Components (x32 Version: 9.5.3.1520 - Intel Corporation) Intel(R) Processor Graphics (x32 Version: 9.18.10.3165 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.5.0.19 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden iTunes (Version: 11.1.4.62 - Apple Inc.) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden Lagarith Lossless Codec (1.3.27) (x32 Version: - ) LAME v3.99.3 (for Windows) (x32 Version: - ) LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1005 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 
Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation) Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden NVIDIA GeForce Experience 1.7 (Version: 1.7 - NVIDIA Corporation) NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden NVIDIA Update 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden NVIDIA Update Components (Version: 9.3.16 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9 - NVIDIA Corporation) Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005 - Microsoft Corporation) Hidden OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5 - ) PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager (x32 
Version: 6.1.0.550 - Qualcomm Atheros) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - REALTEK Semiconductor Corp.) Realtek Card Reader (x32 Version: 6.2.9200.21228 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6959 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - REALTEK Semiconductor Corp.) RTS Wegberg Version 2.0 (x32 Version: 2.0 - Marco H.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden SCM (Version: 13.013.04011 - Application) SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden Shop for HP Supplies (Version: 14.0 - HP) Skype™ 6.6 (x32 Version: 6.6.106 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (x32 Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 8 (x32 Version: 8.0.19617 - TeamViewer) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Ultimate Codec Packages (HKCU Version: - ) <==== ATTENTION Update for Ultimate Codec (HKCU Version: - ) <==== ATTENTION VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VisualBee for Microsoft PowerPoint (HKCU Version: V3.9 - VisualBee.com) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH) Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team) ==================== Restore Points ========================= 14-01-2014 19:34:10 Simulationsprogramm Integrierte Leitstelle V4 wird entfernt 15-01-2014 17:11:54 Windows Update 21-01-2014 15:30:42 Windows Update 24-01-2014 16:00:21 Windows Update ==================== Hosts content: ========================== 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {03F808CC-0301-41CD-ABE3-5054223C2515} - \DealPly No Task File Task: {1387F99A-15FE-4FA6-AF63-8CE83D887660} - System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe Task: {15E94D35-C012-47FB-A12C-0A3DC768E5E0} - System32\Tasks\{FA798317-5274-4139-BDD9-F7ACED4F978E} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe Task: {24728299-8AEC-4185-BF22-366BFDADD8D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {5D31E009-A7ED-40F5-91BA-9C8FEE0C3753} - \DealPlyUpdate No Task File Task: {5E4FB163-AB17-426D-BA76-192DCCD6D649} - System32\Tasks\{A37A6CF3-C1B8-4009-A9F1-643F4DB14663} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe Task: {630DB15E-BFE5-4B26-B6DE-2B20C48A34DB} - \QtraxPlayer No Task File Task: {70629DDF-D57A-4B84-8695-990697AF3C34} - System32\Tasks\{FF5EBAB2-AB0A-46E7-BE67-E2D1BCFDCC80} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe Task: {778E1192-92B8-474D-AC19-3AE3EC19BF89} - \Desk 365 RunAsStdUser No Task File Task: {7AD17BAC-9420-495A-880D-15FD2E49ECB7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-27] (Microsoft Corporation) Task: {80921214-3AAF-4D3B-B40F-A03CEF1B7EF4} - System32\Tasks\{522814BB-B8EF-4DBB-802C-20E4082F50A2} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe Task: {8C60A5CA-F62E-432E-BB5E-88B8D6C0DFA8} - System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle 
V4\ILS-SimV4.exe Task: {90BBACD7-06DB-435C-815E-1AA45736BE5B} - \ProtectedSearch\Protected Search No Task File Task: {945A51F8-10D4-4ECA-99B9-91DEB7470F19} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {95E47A5D-DBFF-442E-BACB-6DA57BA9D034} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-20] (Adobe Systems Incorporated) Task: {A1E44AD3-CACE-4453-A4F1-ED1119073F8B} - System32\Tasks\{CA407B8C-15F7-4A6D-9E48-910E81F88474} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe Task: {B88727DF-B84D-49DA-BD98-B319A5E0D828} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {C7C503D3-23E0-4698-977F-69AA16297B61} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation) Task: {D639D731-DC23-404C-8477-68412D215113} - System32\Tasks\{B1D7A799-F91D-442A-B17B-4CD41460694E} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] () Task: {D6825F7F-0751-41BA-8C19-EB4651D5AE85} - System32\Tasks\{E5CC6569-A8C6-4BAE-A851-06C582F749B9} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] () Task: {EEAABF06-B88A-4BAF-8F1D-C0AA996DF335} - System32\Tasks\{0F4DE93C-4B1A-42CF-82FA-6F5EFFFAF858} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] () Task: {FF966BCC-5893-4868-81F5-BD6DB8ABBB61} - \Browser Updater\Browser Updater No Task File Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll 2011-05-09 19:56 - 2011-05-09 
19:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll 2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll 2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll 2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 
_____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-01-08 20:23 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2014-01-08 20:23 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll 2013-07-01 07:20 - 2013-12-12 23:04 - 00716800 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2013-07-26 13:46 - 2014-01-07 22:00 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-07-15 13:32 - 2013-12-12 23:04 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2013-12-26 13:57 - 2013-12-26 13:57 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-07-28 20:01 - 2013-05-08 05:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Photosmart Wireless B109n-z Description: Photosmart Wireless B109n-z Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (01/27/2014 06:34:26 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000008 Fehleroffset: 0x00082915 ID des fehlerhaften Prozesses: 0xd00 Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0 Pfad der fehlerhaften Anwendung: daemonu.exe1 Pfad des fehlerhaften Moduls: daemonu.exe2 Berichtskennung: daemonu.exe3 Error: (01/27/2014 06:33:57 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2014 11:11:34 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -2143485936 Error: (01/27/2014 11:11:34 AM) (Source: Microsoft Office 15) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {C681B6BC-4F95-4500-8833-E5EE6953B0DE} Error: (01/27/2014 11:11:22 AM) (Source: Microsoft Office 15) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {C681B6BC-4F95-4500-8833-E5EE6953B0DE} Error: (01/27/2014 11:02:29 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften 
Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000008 Fehleroffset: 0x00082915 ID des fehlerhaften Prozesses: 0xf64 Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0 Pfad der fehlerhaften Anwendung: daemonu.exe1 Pfad des fehlerhaften Moduls: daemonu.exe2 Berichtskennung: daemonu.exe3 Error: (01/27/2014 11:01:38 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2014 10:55:48 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000008 Fehleroffset: 0x00082915 ID des fehlerhaften Prozesses: 0xf4c Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0 Pfad der fehlerhaften Anwendung: daemonu.exe1 Pfad des fehlerhaften Moduls: daemonu.exe2 Berichtskennung: daemonu.exe3 Error: (01/27/2014 10:53:49 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/25/2014 03:21:59 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3 Name des fehlerhaften Moduls: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00026160 ID des fehlerhaften Prozesses: 0xb98 Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0 Pfad der fehlerhaften Anwendung: daemonu.exe1 Pfad des fehlerhaften Moduls: daemonu.exe2 Berichtskennung: daemonu.exe3 System errors: ============= Error: (01/27/2014 06:34:27 PM) (Source: Service Control 
Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/27/2014 06:34:08 PM) (Source: DCOM) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (01/27/2014 11:02:29 AM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/27/2014 11:01:39 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AVP erreicht.

Error: (01/27/2014 10:55:53 AM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/27/2014 10:53:53 AM) (Source: DCOM) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (01/25/2014 03:26:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/25/2014 03:22:06 PM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/25/2014 03:20:02 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 25.01.2014 um 15:18:22 unerwartet heruntergefahren.
Error: (01/25/2014 01:52:12 PM) (Source: DCOM) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Microsoft Office Sessions: ========================= Error: (01/27/2014 06:34:26 PM) (Source: Application Error)(User: ) Description: daemonu.exe9.3.16.0525f66c3ntdll.dll6.1.7601.18247521ea8e7c000000800082915d0001cf1b85d1f13027C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Windows\SysWOW64\ntdll.dll44453f1b-8779-11e3-b143-240a6438a4e4 Error: (01/27/2014 06:33:57 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2014 11:11:34 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -2143485936 Error: (01/27/2014 11:11:34 AM) (Source: Microsoft Office 15)(User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {C681B6BC-4F95-4500-8833-E5EE6953B0DE} Error: (01/27/2014 11:11:22 AM) (Source: Microsoft Office 15)(User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {C681B6BC-4F95-4500-8833-E5EE6953B0DE} Error: (01/27/2014 11:02:29 AM) (Source: Application Error)(User: ) Description: daemonu.exe9.3.16.0525f66c3ntdll.dll6.1.7601.18247521ea8e7c000000800082915f6401cf1b46b2fd4ad6C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Windows\SysWOW64\ntdll.dll212088b4-873a-11e3-9d91-240a6438a4e4 Error: (01/27/2014 11:01:38 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2014 10:55:48 AM) (Source: Application Error)(User: ) Description: daemonu.exe9.3.16.0525f66c3ntdll.dll6.1.7601.18247521ea8e7c000000800082915f4c01cf1b45869bfd5cC:\Program Files (x86)\NVIDIA 
Corporation\NVIDIA Update Core\daemonu.exeC:\Windows\SysWOW64\ntdll.dll324a532d-8739-11e3-8e8c-240a6438a4e4 Error: (01/27/2014 10:53:49 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/25/2014 03:21:59 PM) (Source: Application Error)(User: ) Description: daemonu.exe9.3.16.0525f66c3daemonu.exe9.3.16.0525f66c3c000000500026160b9801cf19d896ae49bbC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe0cc982ce-85cc-11e3-bdc5-240a6438a4e4 CodeIntegrity Errors: =================================== Date: 2014-01-25 17:31:19.905 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 17:31:19.903 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 17:31:19.900 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 17:31:19.885 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-01-25 17:31:19.883 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 17:31:19.880 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 16:47:48.544 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 16:47:48.544 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 16:47:48.528 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 15:47:14.146 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 32% Total physical RAM: 8112.65 MB Available physical RAM: 5509.07 MB Total Pagefile: 16223.48 MB Available Pagefile: 13252 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:156.25 GB) (Free:71.61 GB) NTFS Drive d: () (Fixed) (Total:307.65 GB) (Free:307.55 GB) NTFS Drive e: (MW3_DVD1) (CDROM) (Total:7.78 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 051DE3B8) Partition 1: (Active) - (Size=2 GB) - (Type=0B) Partition 2: (Not Active) - (Size=156 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=308 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
27.01.2014, 18:59 | #4 |
Duplicate account | Solution: WIN7 extremely slow! We had that problem too; Win7 kept getting slooow until it came to a standstill. Go through the services and disable as many as possible! Delete with TraxEx and defragment. That helped. Here is something else > AdwCleaner Edited by Max8 (27.01.2014 at 19:06) |
27.01.2014, 19:41 | #5 |
| WIN7 extremely slow! My computer science teacher partially defragmented it today, but that "ONLY" gained 112MB. So nothing much. While doing so he noticed a virtual drive that actually shouldn't be there at all. If I may, I'll gladly upload a screenshot. If you'd like that, please tell me whether and where I should upload the image. The notebook's performance rating is 5.9; it was read from the Control Panel and refreshed beforehand! |
27.01.2014, 23:35 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 extremely slow! Solution! Remove adware/junkware/toolbars
Step 1: adwCleaner. Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool. Please shut down your security software to avoid possible conflicts.
Step 3: Fresh log with FRST. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ --> WIN7 extremely slow! |
28.01.2014, 13:34 | #7 |
| WIN7 extremely slow! Code:
# AdwCleaner v3.017 - Bericht erstellt am 28/01/2014 um 13:09:36
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Anonymus - FELIX-PC
# Gestartet von : C:\Users\Felix\Downloads\adwcleaner_3.017.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Felix\AppData\Local\emaze
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\prefs.js ]
[ Datei : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\prefs.js ]
[ Datei : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\prefs.js ]

*************************

AdwCleaner[0].txt - [6808 octets] - [20/08/2013 15:33:15]
AdwCleaner[R0].txt - [1347 octets] - [20/08/2013 15:26:03]
AdwCleaner[R1].txt - [4040 octets] - [10/09/2013 16:30:49]
AdwCleaner[R2].txt - [2035 octets] - [07/11/2013 18:38:15]
AdwCleaner[R3].txt - [1421 octets] - [16/11/2013 11:46:38]
AdwCleaner[R4].txt - [2225 octets] - [28/01/2014 13:08:55]
AdwCleaner[S0].txt - [2999 octets] - [10/09/2013 16:31:34]
AdwCleaner[S1].txt - [2098 octets] - [07/11/2013 18:40:33]
AdwCleaner[S2].txt - [1482 octets] - [16/11/2013 11:47:27]
AdwCleaner[S3].txt - [2096 octets] - [28/01/2014 13:09:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2156 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x64
Ran by Anonymus on 28.01.2014 at 13:28:17,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Felix\AppData\Roaming\mozilla\firefox\profiles\663fc740.default\minidumps [36 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.01.2014 at 13:31:17,02
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02 Ran by Anonymus (administrator) on FELIX-PC on 28-01-2014 13:33:30 Running from C:\Users\Felix\Downloads Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (MSI) C:\Program Files (x86)\SCM\SCM.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Hewlett-Packard Co.) 
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation) HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-01] (MSI) HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [407968 2013-04-01] (MSI) HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1063200 2013-10-18] (NVIDIA Corporation) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3813200 2014-01-23] (LogMeIn Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation) HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) 
MountPoints2: {747a19c9-f7b0-11e2-933a-806e6f6e6963} - E:\SETUP.EXE MountPoints2: {7840fd75-f7d5-11e2-ab2c-806e6f6e6963} - E:\CDSetup.exe MountPoints2: {a1c4c90a-f7ac-11e2-9ea9-bdf80bd1a8f2} - F:\pushinst.exe AppInit_DLLs: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation) AppInit_DLLs: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD1AFCC26C68BCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab SearchScopes: HKLM - DefaultScope value is missing. 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) 
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - No File Toolbar: HKLM-x32 - No Name - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) 
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 05 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 06 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9 18 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 18 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.) FireFox: ======== FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft 
Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: CookieCuller - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2013-08-14] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-19] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-11-16] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-16] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-11-16] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-11-16] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-11-16] FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-19] Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. 
<======= ATTENTION CHR Extension: (Kaspersky URL Advisor) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-29] CHR Extension: (Content Blocker) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-07-29] CHR Extension: (Plus-HD-2.5) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd [2013-07-29] CHR Extension: (Virtual Keyboard) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-29] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-07-28] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] ==================== Services (Whitelisted) ================= R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe 
[214512 2013-10-17] (Kaspersky Lab ZAO) R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [29184 2012-12-26] (Realtek Semiconductor Corporation) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] () R2 HPSLPSVC; C:\Users\Felix\AppData\Local\Temp\7zS05C3\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-12-13] (LogMeIn, Inc.) R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-01] (Micro-Star International Co., Ltd.) 
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation) R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [39424 2012-12-07] (Realtek Semiconductor Corporation) S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-08-01] (soft Xpansion) ==================== Drivers (Whitelisted) ==================== S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-03-15] (Qualcomm Atheros, Inc.) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation) R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2013-03-15] (Qualcomm Atheros, Inc.) 
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-16] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620640 2013-12-20] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-20] (Kaspersky Lab ZAO) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation) R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [518800 2012-12-06] (Realtek Semiconductor Corporation) R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [407112 2013-04-28] (Realsil Semiconductor Corporation) R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation ) S3 athr; system32\DRIVERS\athrx.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-28 13:31 - 2014-01-28 13:31 - 00000779 _____ C:\Users\Felix\Desktop\JRT.txt 2014-01-28 13:13 - 2014-01-28 13:13 - 01037068 _____ (Thisisu) C:\Users\Felix\Downloads\JRT(2).exe 2014-01-28 13:08 - 2014-01-28 13:08 - 01236282 _____ C:\Users\Felix\Downloads\adwcleaner_3.017.exe 2014-01-27 21:17 - 2014-01-27 21:17 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2014-01-27 18:42 - 2014-01-28 13:33 - 00000000 ____D 
C:\Users\Felix\Downloads\FRST-OlderVersion 2014-01-24 17:27 - 2014-01-24 17:27 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iTunes 2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iPod 2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files (x86)\iTunes 2014-01-22 17:33 - 2014-01-28 13:26 - 00002847 _____ C:\Windows\setupact.log 2014-01-22 17:33 - 2014-01-22 17:33 - 00000000 _____ C:\Windows\setuperr.log 2014-01-22 10:46 - 2014-01-22 10:57 - 00000000 ____D C:\Users\Felix\AppData\Local\Microsoft Games 2014-01-16 20:34 - 2014-01-16 20:34 - 00839174 _____ C:\Users\Felix\Desktop\szenario.ils4 2014-01-16 20:33 - 2014-01-16 20:33 - 00082890 _____ C:\Users\Felix\Desktop\mod.ils4 2014-01-15 14:39 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 14:39 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 14:39 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 14:39 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 14:39 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 14:39 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 14:39 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 14:39 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 14:39 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 20:40 - 2014-01-14 20:41 - 20656362 _____ 
C:\Users\Felix\Downloads\setup.zip 2014-01-14 20:38 - 2014-01-14 20:41 - 00000000 ____D C:\Users\Felix\Desktop\ILST 2014-01-14 19:06 - 2014-01-14 19:06 - 00000000 ____D C:\Users\Felix\Desktop\data 2014-01-14 18:47 - 2014-01-13 18:22 - 00000000 ____D C:\Users\Felix\Desktop\Mod_OberbergNeu 2014-01-08 20:43 - 2014-01-08 20:43 - 00003064 _____ C:\Windows\System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5} 2014-01-08 20:41 - 2014-01-08 20:41 - 00003064 _____ C:\Windows\System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B} 2014-01-04 18:16 - 2014-01-05 02:45 - 00000000 ____D C:\Users\Felix\Desktop\Walking dead 4 ==================== One Month Modified Files and Folders ======= 2014-01-28 13:34 - 2013-09-10 16:51 - 00024552 _____ C:\Users\Felix\Downloads\FRST.txt 2014-01-28 13:33 - 2014-01-27 18:42 - 00000000 ____D C:\Users\Felix\Downloads\FRST-OlderVersion 2014-01-28 13:33 - 2013-07-31 16:41 - 00000000 ____D C:\FRST 2014-01-28 13:33 - 2013-07-31 16:40 - 02079232 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe 2014-01-28 13:31 - 2014-01-28 13:31 - 00000779 _____ C:\Users\Felix\Desktop\JRT.txt 2014-01-28 13:30 - 2013-08-04 18:55 - 01778012 _____ C:\Windows\WindowsUpdate.log 2014-01-28 13:28 - 2013-11-16 21:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2014-01-28 13:28 - 2013-07-28 18:38 - 00027955 _____ C:\Users\Felix\AppData\Local\BTServer.log 2014-01-28 13:27 - 2013-08-22 10:01 - 00000000 ____D C:\Program Files (x86)\Steam 2014-01-28 13:27 - 2013-07-30 18:15 - 00000000 ____D C:\Users\Felix\AppData\Local\LogMeIn Hamachi 2014-01-28 13:27 - 2013-07-28 19:57 - 00000000 ____D C:\ProgramData\Bigfoot Networks 2014-01-28 13:26 - 2014-01-22 17:33 - 00002847 _____ C:\Windows\setupact.log 2014-01-28 13:26 - 2013-07-28 18:37 - 00000000 ____D C:\ProgramData\Realtek 2014-01-28 13:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-28 13:19 - 2009-07-14 05:45 - 00021248 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-28 13:19 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-28 13:13 - 2014-01-28 13:13 - 01037068 _____ (Thisisu) C:\Users\Felix\Downloads\JRT(2).exe 2014-01-28 13:12 - 2013-07-28 19:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-28 13:09 - 2013-08-20 15:25 - 00000000 ____D C:\AdwCleaner 2014-01-28 13:08 - 2014-01-28 13:08 - 01236282 _____ C:\Users\Felix\Downloads\adwcleaner_3.017.exe 2014-01-27 21:17 - 2014-01-27 21:17 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2014-01-27 21:17 - 2013-07-30 18:14 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-01-27 18:43 - 2013-07-31 16:45 - 00029652 _____ C:\Users\Felix\Downloads\Addition.txt 2014-01-27 11:07 - 2011-04-12 08:43 - 00700720 _____ C:\Windows\system32\perfh007.dat 2014-01-27 11:07 - 2011-04-12 08:43 - 00150326 _____ C:\Windows\system32\perfc007.dat 2014-01-27 11:07 - 2009-07-14 06:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-25 16:48 - 2013-12-06 16:35 - 00000000 __SHD C:\Users\Felix\wc 2014-01-24 17:27 - 2014-01-24 17:27 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iTunes 2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iPod 2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files (x86)\iTunes 2014-01-24 17:24 - 2013-07-28 21:35 - 00000000 ____D C:\ProgramData\Apple 2014-01-22 17:33 - 2014-01-22 17:33 - 00000000 _____ C:\Windows\setuperr.log 2014-01-22 15:07 - 2013-12-20 19:46 - 00000000 ____D C:\Users\Felix\AppData\Roaming\TS3Client 2014-01-22 10:57 - 2014-01-22 10:46 - 00000000 ____D C:\Users\Felix\AppData\Local\Microsoft 
Games 2014-01-20 16:48 - 2013-07-30 05:44 - 00000000 ____D C:\Users\Felix\AppData\Local\Adobe 2014-01-20 16:48 - 2013-07-28 19:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-20 16:48 - 2013-07-28 19:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-20 16:48 - 2013-07-28 19:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-17 19:43 - 2013-12-28 16:45 - 00000000 ____D C:\Users\Felix\Desktop\musik 2014-01-16 20:34 - 2014-01-16 20:34 - 00839174 _____ C:\Users\Felix\Desktop\szenario.ils4 2014-01-16 20:33 - 2014-01-16 20:33 - 00082890 _____ C:\Users\Felix\Desktop\mod.ils4 2014-01-15 20:28 - 2009-07-14 05:45 - 00451168 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-15 18:13 - 2013-08-04 19:05 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 18:12 - 2012-02-14 19:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-14 20:41 - 2014-01-14 20:40 - 20656362 _____ C:\Users\Felix\Downloads\setup.zip 2014-01-14 20:41 - 2014-01-14 20:38 - 00000000 ____D C:\Users\Felix\Desktop\ILST 2014-01-14 19:06 - 2014-01-14 19:06 - 00000000 ____D C:\Users\Felix\Desktop\data 2014-01-13 18:22 - 2014-01-14 18:47 - 00000000 ____D C:\Users\Felix\Desktop\Mod_OberbergNeu 2014-01-12 15:18 - 2012-02-14 18:39 - 01598386 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-08 20:43 - 2014-01-08 20:43 - 00003064 _____ C:\Windows\System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5} 2014-01-08 20:41 - 2014-01-08 20:41 - 00003064 _____ C:\Windows\System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B} 2014-01-05 02:45 - 2014-01-04 18:16 - 00000000 ____D C:\Users\Felix\Desktop\Walking dead 4 2013-12-30 11:27 - 2013-07-29 18:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service Some content of TEMP: ==================== C:\Users\Felix\AppData\Local\Temp\Quarantine.exe C:\Users\Felix\AppData\Local\Temp\RegSvr32User.exe 
C:\Users\Felix\AppData\Local\Temp\vb43iorx.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-20 21:03 ==================== End Of Log ============================ --- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014 02 Ran by Anonymus at 2014-01-28 13:34:14 Running from C:\Users\Felix\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installed Programs ====================== 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated) Apple Application Support (x32 Version: 3.0 - Apple Inc.) Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.) Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.) AVM FRITZ!WLAN (x32 Version: - AVM Berlin) B109n-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Bonjour (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Call of Duty: Modern Warfare 3 - Multiplayer (x32 Version: - Infinity Ward) CCleaner (Version: 4.04 - Piriform) Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) 
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation) DC-Bass Source 1.3.0 (x32 Version: - ) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden DirectVobSub 2.40.4209 (x32 Version: 2.40.4209 - MPC-HC Team) DivX-Setup (x32 Version: 2.6.1.8 - DivX, LLC) Emergency4 (x32 Version: 1.03.001 - ) ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.) Feuer- und Notfallsimulation Wegberg Version 6.0 (x32 Version: 6.0 - Marco H.) ffdshow v1.1.4399 [2012-03-22] (x32 Version: 1.1.4399.0 - ) Free Pdf Perfect Prereq (x32 Version: 1.1.0.70 - Covus Freemium GmbH) Hidden Free YouTube to MP3 Converter version 3.12.19.1219 (x32 Version: 3.12.19.1219 - DVDVideoSoft Ltd.) Freemium Free PDF Perfect (x32 Version: 1.0 - Freemium) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Haali Media Splitter (x32 Version: - ) HP Customer Participation Program 14.0 (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (Version: 14.0 - HP) HP Photosmart Wireless B109n-z All-in-One Driver Software 14.0 Rel. 6 (Version: - HP) HP Smart Web Printing 4.60 (Version: 4.60 - HP) HP Solution Center 14.0 (Version: 14.0 - HP) HP Update (x32 Version: 5.002.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden iCloud (Version: 3.1.0.40 - Apple Inc.) 
Intel(R) Management Engine Components (x32 Version: 9.5.3.1520 - Intel Corporation) Intel(R) Processor Graphics (x32 Version: 9.18.10.3165 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.5.0.19 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden iTunes (Version: 11.1.4.62 - Apple Inc.) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden Lagarith Lossless Codec (1.3.27) (x32 Version: - ) LAME v3.99.3 (for Windows) (x32 Version: - ) LogMeIn Hamachi (x32 Version: 2.2.0.114 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.114 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1005 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 
Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation) Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden NVIDIA GeForce Experience 1.7 (Version: 1.7 - NVIDIA Corporation) NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden NVIDIA Update 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden NVIDIA Update Components (Version: 9.3.16 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9 - NVIDIA Corporation) Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005 - Microsoft Corporation) Hidden OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5 - ) PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager (x32 
Version: 6.1.0.550 - Qualcomm Atheros) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - REALTEK Semiconductor Corp.) Realtek Card Reader (x32 Version: 6.2.9200.21228 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6959 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - REALTEK Semiconductor Corp.) RTS Wegberg Version 2.0 (x32 Version: 2.0 - Marco H.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden SCM (Version: 13.013.04011 - Application) SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden Shop for HP Supplies (Version: 14.0 - HP) Skype™ 6.6 (x32 Version: 6.6.106 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (x32 Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 8 (x32 Version: 8.0.19617 - TeamViewer) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Ultimate Codec Packages (HKCU Version: - ) <==== ATTENTION VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VisualBee for Microsoft PowerPoint (HKCU Version: V3.9 - VisualBee.com) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH) Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team) ==================== Restore Points ========================= 14-01-2014 19:34:10 Simulationsprogramm Integrierte Leitstelle V4 wird entfernt 15-01-2014 17:11:54 Windows Update 21-01-2014 15:30:42 Windows Update 24-01-2014 16:00:21 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A 
C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {03F808CC-0301-41CD-ABE3-5054223C2515} - \DealPly No Task File Task: {1387F99A-15FE-4FA6-AF63-8CE83D887660} - System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe Task: {15E94D35-C012-47FB-A12C-0A3DC768E5E0} - System32\Tasks\{FA798317-5274-4139-BDD9-F7ACED4F978E} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe Task: {24728299-8AEC-4185-BF22-366BFDADD8D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {5D31E009-A7ED-40F5-91BA-9C8FEE0C3753} - \DealPlyUpdate No Task File Task: {5E4FB163-AB17-426D-BA76-192DCCD6D649} - System32\Tasks\{A37A6CF3-C1B8-4009-A9F1-643F4DB14663} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe Task: {630DB15E-BFE5-4B26-B6DE-2B20C48A34DB} - \QtraxPlayer No Task File Task: {70629DDF-D57A-4B84-8695-990697AF3C34} - System32\Tasks\{FF5EBAB2-AB0A-46E7-BE67-E2D1BCFDCC80} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe Task: {778E1192-92B8-474D-AC19-3AE3EC19BF89} - \Desk 365 RunAsStdUser No Task File Task: {7AD17BAC-9420-495A-880D-15FD2E49ECB7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-27] (Microsoft Corporation) Task: {80921214-3AAF-4D3B-B40F-A03CEF1B7EF4} - System32\Tasks\{522814BB-B8EF-4DBB-802C-20E4082F50A2} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe Task: {8C60A5CA-F62E-432E-BB5E-88B8D6C0DFA8} - System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe Task: 
{90BBACD7-06DB-435C-815E-1AA45736BE5B} - \ProtectedSearch\Protected Search No Task File Task: {945A51F8-10D4-4ECA-99B9-91DEB7470F19} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {95E47A5D-DBFF-442E-BACB-6DA57BA9D034} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-20] (Adobe Systems Incorporated) Task: {A1E44AD3-CACE-4453-A4F1-ED1119073F8B} - System32\Tasks\{CA407B8C-15F7-4A6D-9E48-910E81F88474} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe Task: {B88727DF-B84D-49DA-BD98-B319A5E0D828} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {C7C503D3-23E0-4698-977F-69AA16297B61} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation) Task: {D639D731-DC23-404C-8477-68412D215113} - System32\Tasks\{B1D7A799-F91D-442A-B17B-4CD41460694E} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] () Task: {D6825F7F-0751-41BA-8C19-EB4651D5AE85} - System32\Tasks\{E5CC6569-A8C6-4BAE-A851-06C582F749B9} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] () Task: {EEAABF06-B88A-4BAF-8F1D-C0AA996DF335} - System32\Tasks\{0F4DE93C-4B1A-42CF-82FA-6F5EFFFAF858} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] () Task: {FF966BCC-5893-4868-81F5-BD6DB8ABBB61} - \Browser Updater\Browser Updater No Task File Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll 2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () 
C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll 2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll 2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll 2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll 2013-03-15 11:22 - 2013-03-15 11:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files 
(x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2014-01-08 20:23 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2014-01-08 20:23 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll 2013-07-01 07:20 - 2014-01-11 00:33 - 00717312 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2013-07-26 13:46 - 2014-01-27 20:02 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-07-15 13:32 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2013-07-28 20:01 - 2013-05-08 05:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-12-26 13:57 - 2013-12-26 13:57 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-01-20 16:48 - 2014-01-20 16:48 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe 
Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Photosmart Wireless B109n-z Description: Photosmart Wireless B109n-z Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-01-27 19:05:18.360 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 19:05:18.360 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 19:05:18.344 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 19:05:18.328 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-01-27 19:05:18.328 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 19:05:18.313 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 17:31:19.905 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 17:31:19.903 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 17:31:19.900 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-25 17:31:19.885 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 31% Total physical RAM: 8112.65 MB Available physical RAM: 5543.6 MB Total Pagefile: 16223.48 MB Available Pagefile: 13169.62 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:156.25 GB) (Free:71.62 GB) NTFS Drive d: () (Fixed) (Total:307.65 GB) (Free:307.55 GB) NTFS Drive e: (MW3_DVD1) (CDROM) (Total:7.78 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 051DE3B8) Partition 1: (Active) - (Size=2 GB) - (Type=0B) Partition 2: (Not Active) - (Size=156 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=308 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
28.01.2014, 15:17 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 extremely slow! Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes Anti-Malware (MBAM). Note: Please remember to update Malwarebytes Anti-Malware via the update button beforehand! Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
28.01.2014, 20:44 | #9 |
| WIN7 extremely slow! Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.27.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Anonymus :: FELIX-PC [Administrator]

28.01.2014 16:19:51
mbam-log-2014-01-28 (16-19-51).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 428658
Laufzeit: 57 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.27.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Anonymus :: FELIX-PC [Administrator]

28.01.2014 17:25:30
mbam-log-2014-01-28 (17-25-30).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 229866
Laufzeit: 2 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f1f171806aa9fe4ab567bed4a18fdc53
# engine=16832
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-28 07:38:40
# local_time=2014-01-28 08:38:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 15863 142567770 0 0
# scanned=211814
# found=0
# cleaned=0
# scan_time=10719 |
29.01.2014, 01:09 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 extremely slow! [solved] TFC - Temp File Cleaner Download TFC (TempFileCleaner by Oldtimer) and save it to the desktop.
Sieht soweit ok aus Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
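The hosts-file blocking suggested in the post above, as an added example that is not part of the original thread: before merging a downloaded blocklist into the Windows hosts file, check that every entry only sinkholes a name (0.0.0.0 or loopback) and that none redirects a name to a routable address. The sample entries and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in hosts-file syntax (not taken from the MVPS list).
SAMPLE_HOSTS = """\
# constructed sample blocklist
127.0.0.1  localhost
0.0.0.0    ads.example.net   # ad banner host
0.0.0.0    tracker.example.org tracker2.example.org
::1        localhost
203.0.113.7 login.example.com
not-an-ip  broken.example.com
0.0.0.0
"""

def is_sinkhole(addr):
    """True for addresses that lead nowhere: unspecified (0.0.0.0, ::) or loopback."""
    return addr.is_unspecified or addr.is_loopback

def audit_hosts(text):
    """Split hosts-file text into blocked names, redirects and malformed lines."""
    blocked, redirects, malformed = set(), [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append((lineno, raw.strip()))
            continue
        names = [n.lower() for n in fields[1:]]
        if not names:
            malformed.append((lineno, raw.strip()))  # address without a host name
        elif is_sinkhole(addr):
            blocked.update(n for n in names if n != "localhost")
        else:
            # A routable address silently sends the name somewhere else.
            redirects.extend((lineno, str(addr), n) for n in names)
    return blocked, redirects, malformed

if __name__ == "__main__":
    blocked, redirects, malformed = audit_hosts(SAMPLE_HOSTS)
    print(f"{len(blocked)} names blocked")
    for lineno, addr, name in redirects:
        print(f"line {lineno}: {name} redirected to {addr} - review before installing")
    for lineno, raw in malformed:
        print(f"line {lineno}: cannot parse {raw!r}")
```

The same audit can be run against the hosts file already on the machine (on Windows, `%SystemRoot%\System32\drivers\etc\hosts`) to spot redirect entries left behind by earlier adware.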
29.01.2014, 20:51 | #11 |
| WIN7 extremely slow! [solved] First of all, huge thanks for the quick help! A few things still puzzle me, though. First this: Code:
Warnung 29.01.2014 20:23:15 Diagnostics-Performance 110 Systemstart-Leistungsüberwachung
Warnung 29.01.2014 20:23:15 Diagnostics-Performance 101 Systemstart-Leistungsüberwachung
Kritisch 29.01.2014 20:23:15 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Warnung 28.01.2014 20:15:42 Diagnostics-Performance 301 Standbyleistungsüberwachung
Fehler 28.01.2014 20:15:42 Diagnostics-Performance 300 Standbyleistungsüberwachung
Kritisch 28.01.2014 16:11:12 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Warnung 28.01.2014 16:11:12 Diagnostics-Performance 203 Herunterfahr-Leistungsüberwachung
Warnung 28.01.2014 16:11:12 Diagnostics-Performance 200 Herunterfahr-Leistungsüberwachung
Kritisch 28.01.2014 13:28:56 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Warnung 28.01.2014 13:28:55 Diagnostics-Performance 200 Herunterfahr-Leistungsüberwachung
Kritisch 28.01.2014 13:13:31 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Warnung 28.01.2014 13:13:30 Diagnostics-Performance 200 Herunterfahr-Leistungsüberwachung
Warnung 28.01.2014 12:56:47 Diagnostics-Performance 203 Herunterfahr-Leistungsüberwachung
Warnung 28.01.2014 12:56:47 Diagnostics-Performance 200 Herunterfahr-Leistungsüberwachung
Kritisch 28.01.2014 12:56:45 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
The unknown virtual volume is named as follows: ┐ § ǁ ┘ À² There is also no USB stick or anything else connected. The performance rating is also extremely bad: Code:
Prozessor 7,6
RAM 7,7
Grafik 7,1
Grafik Spiele 7,1
Primäre Festplatte 5,9 |
29.01.2014, 21:37 | #12 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 extremely slow! [solved] Quote:
Quote:
The maximum value is 7.9!! There is nothing higher!
__________________ Please always post log files in CODE tags |
29.01.2014, 22:00 | #13 |
| WIN7 extremely slow! [solved] Really?! Then I have to say that my computer science teacher has no clue in this area, because he told me that 1.0 is the best and that the "bad performance ratings" (7.1 etc.) on my system suggest that something is wrong. Can you tell me anything about the error messages? |
29.01.2014, 22:04 | #14 |
| WIN7 extremely slow! [solved] |
29.01.2014, 23:06 | #15 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 extremely slow! [solved] Quote:
Eject it and then check Defrag again. Alternative to Windows Defrag: Defraggler - Download - Filepony
__________________ Please always post log files in CODE tags |