| |
| |||||||
Alles rund um Windows: WIN7 Extrem langsam!Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
27.01.2014, 12:45
| #1 |
 |  Problem: WIN7 Extrem langsam! Hallo zusammen, ich stelle mich kurz vor. Ich bin 22 Jahre alt und Auszubildender in einem Industrieunternehmen und habe nicht wirklich großes Wissen über PC´s und deren Technik.  Jetzt zu meinem Anliegen: Ich habe mir Mitte letzten Jahres ein Notebook zugelegt. Einige Grunddaten: WIN7 Ultimate (Hat mir ein bekannter eingerichtet und besorgt) 8 GB RAM 500 GB Festplatte Intel i7-4700MQ Nividia GeForce GT 750M / 2GB GDDR5 Ich hatte das Gerät ganze 2 Tage, als mir auffiel, dass ziemlich viel Spam im Browser war. Ich habe mich an das Trojaner-Board gewandt und mir wurde super geholfen. Hier ist der Link, in dem mir damals geholfen wurde: http://www.trojaner-board.de/139055-...ung-hilfe.html Nur leider fällt mir immer mehr auf, dass der Rechner einfach echt langsam ist. Heute mussten wir unsere Notebooks mit zur Berufschule nehmen und mein Informatiklehrer hat mal kurz in meinen Rechner geguckt und meinte direkt, dass da einiges NICHT in Ordnung sei. Mir selber ist es aufgefallen, indem Spiele (Egoshooter) im Offline-Modus nur am ruckeln sind. Die selben Spiele im ONLINE-Modus (also über einen Server gegen andere Online Spieler) laufen jedoch komplett einwandfrei. Ebenso dauert es ziemlich lange, bis der Rechner sich erstmal hochgefahren hat. (Ca. 5min.) Es wäre wunderbar, wenn mir jemand Tipps geben könnte, wie ich das Notebook wieder richtig zum laufen bekomme. Sei es durch Anweisungen die ich ausführen soll oder Stellen, Personen oder Läden an die man sich wenden kann. Ich stelle auch gerne benötigte Logfiles oder sonstiges ein.  Besten Dank |
|
27.01.2014, 15:18
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | WIN7 Extrem langsam! Anleitung / Hilfe Hi,
__________________Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
27.01.2014, 18:44
| #3 |
| | WIN7 Extrem langsam! DetailsCode:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.15.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Anonymus :: FELIX-PC [Administrator] 15.01.2014 15:35:39 mbam-log-2014-01-15 (15-35-39).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 429423 Laufzeit: 1 Stunde(n), 51 Minute(n), 12 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) KASPERSKY INTERNET SECURITY: Code:
ATTFilter Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 16 Minuten 55 Sekunden 30.12.2013, 12:01
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 12 Minuten 41 Sekunden 31.12.2013, 00:36
Rootkit-Suche (abgebrochen) Keine Bedrohungen gefunden Abgebrochen 0 0 0 33 Minuten 20 Sekunden 03.01.2014, 19:08
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 12 Minuten 5 Sekunden 04.01.2014, 13:29
Benutzerdefinierte Untersuchung Keine Bedrohungen gefunden Abgeschlossen 0 0 0 10 Sekunden 04.01.2014, 18:04
Benutzerdefinierte Untersuchung Keine Bedrohungen gefunden Abgeschlossen 0 0 0 24 Sekunden 04.01.2014, 18:09
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 38 Minuten 32 Sekunden 05.01.2014, 00:00
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 26 Minuten 8 Sekunden 05.01.2014, 01:00
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 24 Minuten 42 Sekunden 05.01.2014, 01:55
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 18 Minuten 7 Sekunden 08.01.2014, 20:54
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 16 Minuten 13 Sekunden 09.01.2014, 17:15
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 33 Minuten 46 Sekunden 10.01.2014, 21:43
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 25 Minuten 24 Sekunden 11.01.2014, 00:00
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 12 Minuten 39 Sekunden 13.01.2014, 18:40
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 15 Minuten 41 Sekunden 14.01.2014, 16:55
Vollständige Untersuchung des Computers Keine Bedrohungen gefunden Abgeschlossen 0 0 0 1 Stunde 13 Minuten 15.01.2014, 15:34
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 38 Minuten 43 Sekunden 15.01.2014, 16:47
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 11 Minuten 3 Sekunden 15.01.2014, 20:59
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 12 Minuten 52 Sekunden 16.01.2014, 17:52
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 13 Minuten 18 Sekunden 17.01.2014, 18:09
Benutzerdefinierte Untersuchung Keine Bedrohungen gefunden Abgeschlossen 0 0 0 10 Sekunden 17.01.2014, 19:34
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 26 Minuten 22 Sekunden 18.01.2014, 00:00
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 16 Minuten 43 Sekunden 20.01.2014, 19:18
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 32 Minuten 22 Sekunden 21.01.2014, 16:57
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 16 Minuten 5 Sekunden 22.01.2014, 15:35
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 12 Minuten 23 Sekunden 22.01.2014, 21:31
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 33 Minuten 33 Sekunden 23.01.2014, 17:01
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 22 Minuten 12 Sekunden 23.01.2014, 20:10
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 18 Minuten 14 Sekunden 24.01.2014, 17:26
Rootkit-Suche Keine Bedrohungen gefunden Abgeschlossen 0 0 0 27 Minuten 23 Sekunden 25.01.2014, 00:00
Vollständige Untersuchung des Computers Keine Bedrohungen gefunden Abgeschlossen 0 0 3 1 Stunde 14 Minuten 25.01.2014, 15:23
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014
Ran by Anonymus (administrator) on FELIX-PC on 27-01-2014 18:42:45
Running from C:\Users\Felix\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-01] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [407968 2013-04-01] (MSI)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1063200 2013-10-18] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
MountPoints2: {747a19c9-f7b0-11e2-933a-806e6f6e6963} - E:\SETUP.EXE
MountPoints2: {7840fd75-f7d5-11e2-ab2c-806e6f6e6963} - E:\CDSetup.exe
MountPoints2: {a1c4c90a-f7ac-11e2-9ea9-bdf80bd1a8f2} - F:\pushinst.exe
AppInit_DLLs: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD1AFCC26C68BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - No File
Toolbar: HKLM-x32 - No Name - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 05 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 06 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 18 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 18 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: CookieCuller - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2013-08-14]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-19]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-19]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-29]
CHR Extension: (Content Blocker) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-07-29]
CHR Extension: (Plus-HD-2.5) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd [2013-07-29]
CHR Extension: (Virtual Keyboard) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-29]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-07-28]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [29184 2012-12-26] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
R2 HPSLPSVC; C:\Users\Felix\AppData\Local\Temp\7zS05C3\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-01] (Micro-Star International Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [39424 2012-12-07] (Realtek Semiconductor Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-08-01] (soft Xpansion)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-03-15] (Qualcomm Atheros, Inc.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2013-03-15] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-16] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620640 2013-12-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-20] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [518800 2012-12-06] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [407112 2013-04-28] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
S3 athr; system32\DRIVERS\athrx.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-27 18:42 - 2014-01-27 18:42 - 00000000 ____D C:\Users\Felix\Downloads\FRST-OlderVersion
2014-01-27 18:40 - 2014-01-27 18:40 - 00003272 _____ C:\Users\Felix\Desktop\Kaspersky.txt
2014-01-24 17:27 - 2014-01-24 17:27 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iTunes
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iPod
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-22 17:33 - 2014-01-27 18:32 - 00002119 _____ C:\Windows\setupact.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00000000 _____ C:\Windows\setuperr.log
2014-01-22 10:46 - 2014-01-22 10:57 - 00000000 ____D C:\Users\Felix\AppData\Local\Microsoft Games
2014-01-16 20:34 - 2014-01-16 20:34 - 00839174 _____ C:\Users\Felix\Desktop\szenario.ils4
2014-01-16 20:33 - 2014-01-16 20:33 - 00082890 _____ C:\Users\Felix\Desktop\mod.ils4
2014-01-15 14:39 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 14:39 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 14:39 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 20:40 - 2014-01-14 20:41 - 20656362 _____ C:\Users\Felix\Downloads\setup.zip
2014-01-14 20:38 - 2014-01-14 20:41 - 00000000 ____D C:\Users\Felix\Desktop\ILST
2014-01-14 19:06 - 2014-01-14 19:06 - 00000000 ____D C:\Users\Felix\Desktop\data
2014-01-14 18:47 - 2014-01-13 18:22 - 00000000 ____D C:\Users\Felix\Desktop\Mod_OberbergNeu
2014-01-08 20:43 - 2014-01-08 20:43 - 00003064 _____ C:\Windows\System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5}
2014-01-08 20:41 - 2014-01-08 20:41 - 00003064 _____ C:\Windows\System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B}
2014-01-04 18:16 - 2014-01-05 02:45 - 00000000 ____D C:\Users\Felix\Desktop\Walking dead 4
2013-12-28 16:45 - 2014-01-17 19:43 - 00000000 ____D C:\Users\Felix\Desktop\musik
2013-12-28 16:25 - 2013-12-28 16:25 - 34115288 _____ (DVDVideoSoft Ltd. ) C:\Users\Felix\Downloads\FreeYouTubeToMP3Converter(1).exe
==================== One Month Modified Files and Folders =======
2014-01-27 18:43 - 2013-09-10 16:51 - 00024475 _____ C:\Users\Felix\Downloads\FRST.txt
2014-01-27 18:42 - 2014-01-27 18:42 - 00000000 ____D C:\Users\Felix\Downloads\FRST-OlderVersion
2014-01-27 18:42 - 2013-07-31 16:41 - 00000000 ____D C:\FRST
2014-01-27 18:42 - 2013-07-31 16:40 - 02078208 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe
2014-01-27 18:41 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-27 18:41 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 18:40 - 2014-01-27 18:40 - 00003272 _____ C:\Users\Felix\Desktop\Kaspersky.txt
2014-01-27 18:39 - 2013-11-16 21:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-27 18:36 - 2013-08-04 18:55 - 01761485 _____ C:\Windows\WindowsUpdate.log
2014-01-27 18:34 - 2013-07-28 18:38 - 00020168 _____ C:\Users\Felix\AppData\Local\BTServer.log
2014-01-27 18:33 - 2013-07-30 18:15 - 00000000 ____D C:\Users\Felix\AppData\Local\LogMeIn Hamachi
2014-01-27 18:33 - 2013-07-28 19:57 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-27 18:32 - 2014-01-22 17:33 - 00002119 _____ C:\Windows\setupact.log
2014-01-27 18:32 - 2013-08-22 10:01 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-27 18:32 - 2013-07-28 18:37 - 00000000 ____D C:\ProgramData\Realtek
2014-01-27 18:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 11:12 - 2013-07-28 19:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-27 11:07 - 2011-04-12 08:43 - 00700720 _____ C:\Windows\system32\perfh007.dat
2014-01-27 11:07 - 2011-04-12 08:43 - 00150326 _____ C:\Windows\system32\perfc007.dat
2014-01-27 11:07 - 2009-07-14 06:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-25 16:48 - 2013-12-06 16:35 - 00000000 __SHD C:\Users\Felix\wc
2014-01-24 17:27 - 2014-01-24 17:27 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iTunes
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iPod
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-24 17:24 - 2013-07-28 21:35 - 00000000 ____D C:\ProgramData\Apple
2014-01-22 17:33 - 2014-01-22 17:33 - 00000000 _____ C:\Windows\setuperr.log
2014-01-22 16:23 - 2013-07-31 16:45 - 00035625 _____ C:\Users\Felix\Downloads\Addition.txt
2014-01-22 15:07 - 2013-12-20 19:46 - 00000000 ____D C:\Users\Felix\AppData\Roaming\TS3Client
2014-01-22 10:57 - 2014-01-22 10:46 - 00000000 ____D C:\Users\Felix\AppData\Local\Microsoft Games
2014-01-20 16:48 - 2013-07-30 05:44 - 00000000 ____D C:\Users\Felix\AppData\Local\Adobe
2014-01-20 16:48 - 2013-07-28 19:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-20 16:48 - 2013-07-28 19:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-20 16:48 - 2013-07-28 19:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-17 19:43 - 2013-12-28 16:45 - 00000000 ____D C:\Users\Felix\Desktop\musik
2014-01-16 20:34 - 2014-01-16 20:34 - 00839174 _____ C:\Users\Felix\Desktop\szenario.ils4
2014-01-16 20:33 - 2014-01-16 20:33 - 00082890 _____ C:\Users\Felix\Desktop\mod.ils4
2014-01-15 20:28 - 2009-07-14 05:45 - 00451168 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 18:13 - 2013-08-04 19:05 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 18:12 - 2012-02-14 19:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 20:41 - 2014-01-14 20:40 - 20656362 _____ C:\Users\Felix\Downloads\setup.zip
2014-01-14 20:41 - 2014-01-14 20:38 - 00000000 ____D C:\Users\Felix\Desktop\ILST
2014-01-14 19:06 - 2014-01-14 19:06 - 00000000 ____D C:\Users\Felix\Desktop\data
2014-01-13 18:22 - 2014-01-14 18:47 - 00000000 ____D C:\Users\Felix\Desktop\Mod_OberbergNeu
2014-01-12 15:18 - 2012-02-14 18:39 - 01598386 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-08 20:43 - 2014-01-08 20:43 - 00003064 _____ C:\Windows\System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5}
2014-01-08 20:41 - 2014-01-08 20:41 - 00003064 _____ C:\Windows\System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B}
2014-01-05 02:45 - 2014-01-04 18:16 - 00000000 ____D C:\Users\Felix\Desktop\Walking dead 4
2013-12-30 11:27 - 2013-07-29 18:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-28 16:26 - 2013-11-15 17:31 - 00001532 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-12-28 16:26 - 2013-11-15 17:30 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-28 16:26 - 2013-08-13 17:24 - 00000000 ____D C:\Users\Felix\AppData\Roaming\DVDVideoSoft
2013-12-28 16:25 - 2013-12-28 16:25 - 34115288 _____ (DVDVideoSoft Ltd. ) C:\Users\Felix\Downloads\FreeYouTubeToMP3Converter(1).exe
Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\RegSvr32User.exe
C:\Users\Felix\AppData\Local\Temp\vb43iorx.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-20 21:03
==================== End Of Log ============================
--- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014
Ran by Anonymus at 2014-01-27 18:43:33
Running from C:\Users\Felix\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!WLAN (x32 Version: - AVM Berlin)
B109n-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Call of Duty: Modern Warfare 3 - Multiplayer (x32 Version: - Infinity Ward)
CCleaner (Version: 4.04 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
DC-Bass Source 1.3.0 (x32 Version: - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DirectVobSub 2.40.4209 (x32 Version: 2.40.4209 - MPC-HC Team)
DivX-Setup (x32 Version: 2.6.1.8 - DivX, LLC)
Emergency4 (x32 Version: 1.03.001 - )
ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
Feuer- und Notfallsimulation Wegberg Version 6.0 (x32 Version: 6.0 - Marco H.)
ffdshow v1.1.4399 [2012-03-22] (x32 Version: 1.1.4399.0 - )
Free Pdf Perfect Prereq (x32 Version: 1.1.0.70 - Covus Freemium GmbH) Hidden
Free YouTube to MP3 Converter version 3.12.19.1219 (x32 Version: 3.12.19.1219 - DVDVideoSoft Ltd.)
Freemium Free PDF Perfect (x32 Version: 1.0 - Freemium)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Haali Media Splitter (x32 Version: - )
HP Customer Participation Program 14.0 (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (Version: 14.0 - HP)
HP Photosmart Wireless B109n-z All-in-One Driver Software 14.0 Rel. 6 (Version: - HP)
HP Smart Web Printing 4.60 (Version: 4.60 - HP)
HP Solution Center 14.0 (Version: 14.0 - HP)
HP Update (x32 Version: 5.002.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
iCloud (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (x32 Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3165 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
iTunes (Version: 11.1.4.62 - Apple Inc.)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Lagarith Lossless Codec (1.3.27) (x32 Version: - )
LAME v3.99.3 (for Windows) (x32 Version: - )
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1005 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA GeForce Experience 1.7 (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9 - NVIDIA Corporation)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005 - Microsoft Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5 - )
PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.550 - Qualcomm Atheros)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - REALTEK Semiconductor Corp.)
Realtek Card Reader (x32 Version: 6.2.9200.21228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - REALTEK Semiconductor Corp.)
RTS Wegberg Version 2.0 (x32 Version: 2.0 - Marco H.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SCM (Version: 13.013.04011 - Application)
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Shop for HP Supplies (Version: 14.0 - HP)
Skype™ 6.6 (x32 Version: 6.6.106 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (x32 Version: 8.0.19617 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ultimate Codec Packages (HKCU Version: - ) <==== ATTENTION
Update for Ultimate Codec (HKCU Version: - ) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VisualBee for Microsoft PowerPoint (HKCU Version: V3.9 - VisualBee.com)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
14-01-2014 19:34:10 Simulationsprogramm Integrierte Leitstelle V4 wird entfernt
15-01-2014 17:11:54 Windows Update
21-01-2014 15:30:42 Windows Update
24-01-2014 16:00:21 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {03F808CC-0301-41CD-ABE3-5054223C2515} - \DealPly No Task File
Task: {1387F99A-15FE-4FA6-AF63-8CE83D887660} - System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe
Task: {15E94D35-C012-47FB-A12C-0A3DC768E5E0} - System32\Tasks\{FA798317-5274-4139-BDD9-F7ACED4F978E} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe
Task: {24728299-8AEC-4185-BF22-366BFDADD8D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {5D31E009-A7ED-40F5-91BA-9C8FEE0C3753} - \DealPlyUpdate No Task File
Task: {5E4FB163-AB17-426D-BA76-192DCCD6D649} - System32\Tasks\{A37A6CF3-C1B8-4009-A9F1-643F4DB14663} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
Task: {630DB15E-BFE5-4B26-B6DE-2B20C48A34DB} - \QtraxPlayer No Task File
Task: {70629DDF-D57A-4B84-8695-990697AF3C34} - System32\Tasks\{FF5EBAB2-AB0A-46E7-BE67-E2D1BCFDCC80} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe
Task: {778E1192-92B8-474D-AC19-3AE3EC19BF89} - \Desk 365 RunAsStdUser No Task File
Task: {7AD17BAC-9420-495A-880D-15FD2E49ECB7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-27] (Microsoft Corporation)
Task: {80921214-3AAF-4D3B-B40F-A03CEF1B7EF4} - System32\Tasks\{522814BB-B8EF-4DBB-802C-20E4082F50A2} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
Task: {8C60A5CA-F62E-432E-BB5E-88B8D6C0DFA8} - System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe
Task: {90BBACD7-06DB-435C-815E-1AA45736BE5B} - \ProtectedSearch\Protected Search No Task File
Task: {945A51F8-10D4-4ECA-99B9-91DEB7470F19} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {95E47A5D-DBFF-442E-BACB-6DA57BA9D034} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-20] (Adobe Systems Incorporated)
Task: {A1E44AD3-CACE-4453-A4F1-ED1119073F8B} - System32\Tasks\{CA407B8C-15F7-4A6D-9E48-910E81F88474} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
Task: {B88727DF-B84D-49DA-BD98-B319A5E0D828} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {C7C503D3-23E0-4698-977F-69AA16297B61} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)
Task: {D639D731-DC23-404C-8477-68412D215113} - System32\Tasks\{B1D7A799-F91D-442A-B17B-4CD41460694E} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] ()
Task: {D6825F7F-0751-41BA-8C19-EB4651D5AE85} - System32\Tasks\{E5CC6569-A8C6-4BAE-A851-06C582F749B9} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] ()
Task: {EEAABF06-B88A-4BAF-8F1D-C0AA996DF335} - System32\Tasks\{0F4DE93C-4B1A-42CF-82FA-6F5EFFFAF858} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] ()
Task: {FF966BCC-5893-4868-81F5-BD6DB8ABBB61} - \Browser Updater\Browser Updater No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-08 20:23 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 20:23 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-07-01 07:20 - 2013-12-12 23:04 - 00716800 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-07-26 13:46 - 2014-01-07 22:00 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-15 13:32 - 2013-12-12 23:04 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-12-26 13:57 - 2013-12-26 13:57 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-28 20:01 - 2013-05-08 05:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Faulty Device Manager Devices =============
Name: Photosmart Wireless B109n-z
Description: Photosmart Wireless B109n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/27/2014 06:34:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00082915
ID des fehlerhaften Prozesses: 0xd00
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3
Error: (01/27/2014 06:33:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/27/2014 11:11:34 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -2143485936
Error: (01/27/2014 11:11:34 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {C681B6BC-4F95-4500-8833-E5EE6953B0DE}
Error: (01/27/2014 11:11:22 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {C681B6BC-4F95-4500-8833-E5EE6953B0DE}
Error: (01/27/2014 11:02:29 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00082915
ID des fehlerhaften Prozesses: 0xf64
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3
Error: (01/27/2014 11:01:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/27/2014 10:55:48 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00082915
ID des fehlerhaften Prozesses: 0xf4c
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3
Error: (01/27/2014 10:53:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/25/2014 03:21:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3
Name des fehlerhaften Moduls: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00026160
ID des fehlerhaften Prozesses: 0xb98
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3
System errors:
=============
Error: (01/27/2014 06:34:27 PM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/27/2014 06:34:08 PM) (Source: DCOM) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}
Error: (01/27/2014 11:02:29 AM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/27/2014 11:01:39 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AVP erreicht.
Error: (01/27/2014 10:55:53 AM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/27/2014 10:53:53 AM) (Source: DCOM) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}
Error: (01/25/2014 03:26:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/25/2014 03:22:06 PM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/25/2014 03:20:02 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 25.01.2014 um 15:18:22 unerwartet heruntergefahren.
Error: (01/25/2014 01:52:12 PM) (Source: DCOM) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}
Microsoft Office Sessions:
=========================
Error: (01/27/2014 06:34:26 PM) (Source: Application Error)(User: )
Description: daemonu.exe9.3.16.0525f66c3ntdll.dll6.1.7601.18247521ea8e7c000000800082915d0001cf1b85d1f13027C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Windows\SysWOW64\ntdll.dll44453f1b-8779-11e3-b143-240a6438a4e4
Error: (01/27/2014 06:33:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/27/2014 11:11:34 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -2143485936
Error: (01/27/2014 11:11:34 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {C681B6BC-4F95-4500-8833-E5EE6953B0DE}
Error: (01/27/2014 11:11:22 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {C681B6BC-4F95-4500-8833-E5EE6953B0DE}
Error: (01/27/2014 11:02:29 AM) (Source: Application Error)(User: )
Description: daemonu.exe9.3.16.0525f66c3ntdll.dll6.1.7601.18247521ea8e7c000000800082915f6401cf1b46b2fd4ad6C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Windows\SysWOW64\ntdll.dll212088b4-873a-11e3-9d91-240a6438a4e4
Error: (01/27/2014 11:01:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/27/2014 10:55:48 AM) (Source: Application Error)(User: )
Description: daemonu.exe9.3.16.0525f66c3ntdll.dll6.1.7601.18247521ea8e7c000000800082915f4c01cf1b45869bfd5cC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Windows\SysWOW64\ntdll.dll324a532d-8739-11e3-8e8c-240a6438a4e4
Error: (01/27/2014 10:53:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/25/2014 03:21:59 PM) (Source: Application Error)(User: )
Description: daemonu.exe9.3.16.0525f66c3daemonu.exe9.3.16.0525f66c3c000000500026160b9801cf19d896ae49bbC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe0cc982ce-85cc-11e3-bdc5-240a6438a4e4
CodeIntegrity Errors:
===================================
Date: 2014-01-25 17:31:19.905
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.903
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.900
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.885
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.880
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 16:47:48.544
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 16:47:48.544
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 16:47:48.528
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 15:47:14.146
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 8112.65 MB
Available physical RAM: 5509.07 MB
Total Pagefile: 16223.48 MB
Available Pagefile: 13252 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:156.25 GB) (Free:71.61 GB) NTFS
Drive d: () (Fixed) (Total:307.65 GB) (Free:307.55 GB) NTFS
Drive e: (MW3_DVD1) (CDROM) (Total:7.78 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 051DE3B8)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=156 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=308 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
27.01.2014, 18:59
| #4 |
| Doppelaccount | Lösung: WIN7 Extrem langsam! Das Problem hatten wir auch, Win7 wurde immer wieder laaangsaam bis zum Stillstand. Dienste durchsehen und so viel wie möglich abschalten ! Mit TraxEx löschen und defragmentieren. - hat geholfen hier noch etwas > AdwCleaner Geändert von Max8 (27.01.2014 um 19:06 Uhr) |
|
27.01.2014, 19:41
| #5 |
| | Wie WIN7 Extrem langsam! Mein Informatik Lehrer hat das heute teilweise defragmentiert, hat aber "NUR" 112MB gebracht. Also nicht die Welt. Dabei ist ihm ein virtuelles Laufwerk aufgefallen, dass eigentlich garnicht da sein dürfte. Wenn ich darf, lade ich gerne einen Screenshot hoch. Bitte falls erwünscht sagen, ob und wo ich das Bild hochladen soll. Die Leistungsbewertung des Notebooks beträgt 5,9 und ist aus der Systemsteuerung abgelesen und vorher Aktualisiert worden! |
|
27.01.2014, 23:35
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Wo WIN7 Extrem langsam! Lösung! Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> WIN7 Extrem langsam! |
|
28.01.2014, 13:34
| #7 |
| | WIN7 Extrem langsam!Code:
ATTFilter # AdwCleaner v3.017 - Bericht erstellt am 28/01/2014 um 13:09:36
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Anonymus - FELIX-PC
# Gestartet von : C:\Users\Felix\Downloads\adwcleaner_3.017.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Felix\AppData\Local\emaze
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\prefs.js ]
[ Datei : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\prefs.js ]
[ Datei : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\prefs.js ]
*************************
AdwCleaner[0].txt - [6808 octets] - [20/08/2013 15:33:15]
AdwCleaner[R0].txt - [1347 octets] - [20/08/2013 15:26:03]
AdwCleaner[R1].txt - [4040 octets] - [10/09/2013 16:30:49]
AdwCleaner[R2].txt - [2035 octets] - [07/11/2013 18:38:15]
AdwCleaner[R3].txt - [1421 octets] - [16/11/2013 11:46:38]
AdwCleaner[R4].txt - [2225 octets] - [28/01/2014 13:08:55]
AdwCleaner[S0].txt - [2999 octets] - [10/09/2013 16:31:34]
AdwCleaner[S1].txt - [2098 octets] - [07/11/2013 18:40:33]
AdwCleaner[S2].txt - [1482 octets] - [16/11/2013 11:47:27]
AdwCleaner[S3].txt - [2096 octets] - [28/01/2014 13:09:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2156 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x64
Ran by Anonymus on 28.01.2014 at 13:28:17,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Felix\AppData\Roaming\mozilla\firefox\profiles\663fc740.default\minidumps [36 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.01.2014 at 13:31:17,02
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by Anonymus (administrator) on FELIX-PC on 28-01-2014 13:33:30
Running from C:\Users\Felix\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-01] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [407968 2013-04-01] (MSI)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1063200 2013-10-18] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3813200 2014-01-23] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
MountPoints2: {747a19c9-f7b0-11e2-933a-806e6f6e6963} - E:\SETUP.EXE
MountPoints2: {7840fd75-f7d5-11e2-ab2c-806e6f6e6963} - E:\CDSetup.exe
MountPoints2: {a1c4c90a-f7ac-11e2-9ea9-bdf80bd1a8f2} - F:\pushinst.exe
AppInit_DLLs: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll, => c:\windows\syswow64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD1AFCC26C68BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - No File
Toolbar: HKLM-x32 - No Name - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 05 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 06 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 18 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 18 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: CookieCuller - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\663fc740.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2013-08-14]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-19]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-11-16]
FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-19]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-29]
CHR Extension: (Content Blocker) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-07-29]
CHR Extension: (Plus-HD-2.5) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd [2013-07-29]
CHR Extension: (Virtual Keyboard) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-29]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-07-28]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [29184 2012-12-26] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
R2 HPSLPSVC; C:\Users\Felix\AppData\Local\Temp\7zS05C3\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-12-13] (LogMeIn, Inc.)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-01] (Micro-Star International Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [39424 2012-12-07] (Realtek Semiconductor Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-08-01] (soft Xpansion)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-03-15] (Qualcomm Atheros, Inc.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2013-03-15] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-16] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620640 2013-12-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-20] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [518800 2012-12-06] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [407112 2013-04-28] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
S3 athr; system32\DRIVERS\athrx.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-28 13:31 - 2014-01-28 13:31 - 00000779 _____ C:\Users\Felix\Desktop\JRT.txt
2014-01-28 13:13 - 2014-01-28 13:13 - 01037068 _____ (Thisisu) C:\Users\Felix\Downloads\JRT(2).exe
2014-01-28 13:08 - 2014-01-28 13:08 - 01236282 _____ C:\Users\Felix\Downloads\adwcleaner_3.017.exe
2014-01-27 21:17 - 2014-01-27 21:17 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2014-01-27 18:42 - 2014-01-28 13:33 - 00000000 ____D C:\Users\Felix\Downloads\FRST-OlderVersion
2014-01-24 17:27 - 2014-01-24 17:27 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iTunes
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iPod
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-22 17:33 - 2014-01-28 13:26 - 00002847 _____ C:\Windows\setupact.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00000000 _____ C:\Windows\setuperr.log
2014-01-22 10:46 - 2014-01-22 10:57 - 00000000 ____D C:\Users\Felix\AppData\Local\Microsoft Games
2014-01-16 20:34 - 2014-01-16 20:34 - 00839174 _____ C:\Users\Felix\Desktop\szenario.ils4
2014-01-16 20:33 - 2014-01-16 20:33 - 00082890 _____ C:\Users\Felix\Desktop\mod.ils4
2014-01-15 14:39 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 14:39 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 14:39 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 14:39 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 20:40 - 2014-01-14 20:41 - 20656362 _____ C:\Users\Felix\Downloads\setup.zip
2014-01-14 20:38 - 2014-01-14 20:41 - 00000000 ____D C:\Users\Felix\Desktop\ILST
2014-01-14 19:06 - 2014-01-14 19:06 - 00000000 ____D C:\Users\Felix\Desktop\data
2014-01-14 18:47 - 2014-01-13 18:22 - 00000000 ____D C:\Users\Felix\Desktop\Mod_OberbergNeu
2014-01-08 20:43 - 2014-01-08 20:43 - 00003064 _____ C:\Windows\System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5}
2014-01-08 20:41 - 2014-01-08 20:41 - 00003064 _____ C:\Windows\System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B}
2014-01-04 18:16 - 2014-01-05 02:45 - 00000000 ____D C:\Users\Felix\Desktop\Walking dead 4
==================== One Month Modified Files and Folders =======
2014-01-28 13:34 - 2013-09-10 16:51 - 00024552 _____ C:\Users\Felix\Downloads\FRST.txt
2014-01-28 13:33 - 2014-01-27 18:42 - 00000000 ____D C:\Users\Felix\Downloads\FRST-OlderVersion
2014-01-28 13:33 - 2013-07-31 16:41 - 00000000 ____D C:\FRST
2014-01-28 13:33 - 2013-07-31 16:40 - 02079232 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe
2014-01-28 13:31 - 2014-01-28 13:31 - 00000779 _____ C:\Users\Felix\Desktop\JRT.txt
2014-01-28 13:30 - 2013-08-04 18:55 - 01778012 _____ C:\Windows\WindowsUpdate.log
2014-01-28 13:28 - 2013-11-16 21:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-28 13:28 - 2013-07-28 18:38 - 00027955 _____ C:\Users\Felix\AppData\Local\BTServer.log
2014-01-28 13:27 - 2013-08-22 10:01 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-28 13:27 - 2013-07-30 18:15 - 00000000 ____D C:\Users\Felix\AppData\Local\LogMeIn Hamachi
2014-01-28 13:27 - 2013-07-28 19:57 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-28 13:26 - 2014-01-22 17:33 - 00002847 _____ C:\Windows\setupact.log
2014-01-28 13:26 - 2013-07-28 18:37 - 00000000 ____D C:\ProgramData\Realtek
2014-01-28 13:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-28 13:19 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-28 13:19 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-28 13:13 - 2014-01-28 13:13 - 01037068 _____ (Thisisu) C:\Users\Felix\Downloads\JRT(2).exe
2014-01-28 13:12 - 2013-07-28 19:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-28 13:09 - 2013-08-20 15:25 - 00000000 ____D C:\AdwCleaner
2014-01-28 13:08 - 2014-01-28 13:08 - 01236282 _____ C:\Users\Felix\Downloads\adwcleaner_3.017.exe
2014-01-27 21:17 - 2014-01-27 21:17 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2014-01-27 21:17 - 2013-07-30 18:14 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-01-27 18:43 - 2013-07-31 16:45 - 00029652 _____ C:\Users\Felix\Downloads\Addition.txt
2014-01-27 11:07 - 2011-04-12 08:43 - 00700720 _____ C:\Windows\system32\perfh007.dat
2014-01-27 11:07 - 2011-04-12 08:43 - 00150326 _____ C:\Windows\system32\perfc007.dat
2014-01-27 11:07 - 2009-07-14 06:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-25 16:48 - 2013-12-06 16:35 - 00000000 __SHD C:\Users\Felix\wc
2014-01-24 17:27 - 2014-01-24 17:27 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iTunes
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files\iPod
2014-01-24 17:27 - 2014-01-24 17:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-24 17:24 - 2013-07-28 21:35 - 00000000 ____D C:\ProgramData\Apple
2014-01-22 17:33 - 2014-01-22 17:33 - 00000000 _____ C:\Windows\setuperr.log
2014-01-22 15:07 - 2013-12-20 19:46 - 00000000 ____D C:\Users\Felix\AppData\Roaming\TS3Client
2014-01-22 10:57 - 2014-01-22 10:46 - 00000000 ____D C:\Users\Felix\AppData\Local\Microsoft Games
2014-01-20 16:48 - 2013-07-30 05:44 - 00000000 ____D C:\Users\Felix\AppData\Local\Adobe
2014-01-20 16:48 - 2013-07-28 19:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-20 16:48 - 2013-07-28 19:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-20 16:48 - 2013-07-28 19:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-17 19:43 - 2013-12-28 16:45 - 00000000 ____D C:\Users\Felix\Desktop\musik
2014-01-16 20:34 - 2014-01-16 20:34 - 00839174 _____ C:\Users\Felix\Desktop\szenario.ils4
2014-01-16 20:33 - 2014-01-16 20:33 - 00082890 _____ C:\Users\Felix\Desktop\mod.ils4
2014-01-15 20:28 - 2009-07-14 05:45 - 00451168 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 18:13 - 2013-08-04 19:05 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 18:12 - 2012-02-14 19:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 20:41 - 2014-01-14 20:40 - 20656362 _____ C:\Users\Felix\Downloads\setup.zip
2014-01-14 20:41 - 2014-01-14 20:38 - 00000000 ____D C:\Users\Felix\Desktop\ILST
2014-01-14 19:06 - 2014-01-14 19:06 - 00000000 ____D C:\Users\Felix\Desktop\data
2014-01-13 18:22 - 2014-01-14 18:47 - 00000000 ____D C:\Users\Felix\Desktop\Mod_OberbergNeu
2014-01-12 15:18 - 2012-02-14 18:39 - 01598386 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-08 20:43 - 2014-01-08 20:43 - 00003064 _____ C:\Windows\System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5}
2014-01-08 20:41 - 2014-01-08 20:41 - 00003064 _____ C:\Windows\System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B}
2014-01-05 02:45 - 2014-01-04 18:16 - 00000000 ____D C:\Users\Felix\Desktop\Walking dead 4
2013-12-30 11:27 - 2013-07-29 18:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\Quarantine.exe
C:\Users\Felix\AppData\Local\Temp\RegSvr32User.exe
C:\Users\Felix\AppData\Local\Temp\vb43iorx.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-20 21:03
==================== End Of Log ============================
--- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014 02
Ran by Anonymus at 2014-01-28 13:34:14
Running from C:\Users\Felix\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!WLAN (x32 Version: - AVM Berlin)
B109n-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Call of Duty: Modern Warfare 3 - Multiplayer (x32 Version: - Infinity Ward)
CCleaner (Version: 4.04 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
DC-Bass Source 1.3.0 (x32 Version: - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DirectVobSub 2.40.4209 (x32 Version: 2.40.4209 - MPC-HC Team)
DivX-Setup (x32 Version: 2.6.1.8 - DivX, LLC)
Emergency4 (x32 Version: 1.03.001 - )
ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
Feuer- und Notfallsimulation Wegberg Version 6.0 (x32 Version: 6.0 - Marco H.)
ffdshow v1.1.4399 [2012-03-22] (x32 Version: 1.1.4399.0 - )
Free Pdf Perfect Prereq (x32 Version: 1.1.0.70 - Covus Freemium GmbH) Hidden
Free YouTube to MP3 Converter version 3.12.19.1219 (x32 Version: 3.12.19.1219 - DVDVideoSoft Ltd.)
Freemium Free PDF Perfect (x32 Version: 1.0 - Freemium)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Haali Media Splitter (x32 Version: - )
HP Customer Participation Program 14.0 (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (Version: 14.0 - HP)
HP Photosmart Wireless B109n-z All-in-One Driver Software 14.0 Rel. 6 (Version: - HP)
HP Smart Web Printing 4.60 (Version: 4.60 - HP)
HP Solution Center 14.0 (Version: 14.0 - HP)
HP Update (x32 Version: 5.002.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
iCloud (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (x32 Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3165 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
iTunes (Version: 11.1.4.62 - Apple Inc.)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Lagarith Lossless Codec (1.3.27) (x32 Version: - )
LAME v3.99.3 (for Windows) (x32 Version: - )
LogMeIn Hamachi (x32 Version: 2.2.0.114 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.114 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1005 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA GeForce Experience 1.7 (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9 - NVIDIA Corporation)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005 - Microsoft Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5 - )
PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.550 - Qualcomm Atheros)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - REALTEK Semiconductor Corp.)
Realtek Card Reader (x32 Version: 6.2.9200.21228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - REALTEK Semiconductor Corp.)
RTS Wegberg Version 2.0 (x32 Version: 2.0 - Marco H.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SCM (Version: 13.013.04011 - Application)
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Shop for HP Supplies (Version: 14.0 - HP)
Skype™ 6.6 (x32 Version: 6.6.106 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (x32 Version: 8.0.19617 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ultimate Codec Packages (HKCU Version: - ) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VisualBee for Microsoft PowerPoint (HKCU Version: V3.9 - VisualBee.com)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
14-01-2014 19:34:10 Simulationsprogramm Integrierte Leitstelle V4 wird entfernt
15-01-2014 17:11:54 Windows Update
21-01-2014 15:30:42 Windows Update
24-01-2014 16:00:21 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {03F808CC-0301-41CD-ABE3-5054223C2515} - \DealPly No Task File
Task: {1387F99A-15FE-4FA6-AF63-8CE83D887660} - System32\Tasks\{A4C329CE-F458-41DD-BF61-1773BBC3C6F5} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe
Task: {15E94D35-C012-47FB-A12C-0A3DC768E5E0} - System32\Tasks\{FA798317-5274-4139-BDD9-F7ACED4F978E} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe
Task: {24728299-8AEC-4185-BF22-366BFDADD8D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {5D31E009-A7ED-40F5-91BA-9C8FEE0C3753} - \DealPlyUpdate No Task File
Task: {5E4FB163-AB17-426D-BA76-192DCCD6D649} - System32\Tasks\{A37A6CF3-C1B8-4009-A9F1-643F4DB14663} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
Task: {630DB15E-BFE5-4B26-B6DE-2B20C48A34DB} - \QtraxPlayer No Task File
Task: {70629DDF-D57A-4B84-8695-990697AF3C34} - System32\Tasks\{FF5EBAB2-AB0A-46E7-BE67-E2D1BCFDCC80} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe
Task: {778E1192-92B8-474D-AC19-3AE3EC19BF89} - \Desk 365 RunAsStdUser No Task File
Task: {7AD17BAC-9420-495A-880D-15FD2E49ECB7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-27] (Microsoft Corporation)
Task: {80921214-3AAF-4D3B-B40F-A03CEF1B7EF4} - System32\Tasks\{522814BB-B8EF-4DBB-802C-20E4082F50A2} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
Task: {8C60A5CA-F62E-432E-BB5E-88B8D6C0DFA8} - System32\Tasks\{D9EFB391-AC6E-452E-A9DF-5C0843B1C17B} => C:\Program Files (x86)\BK Elektronik\Simulationsprogramm Integrierte Leitstelle V4\ILS-SimV4.exe
Task: {90BBACD7-06DB-435C-815E-1AA45736BE5B} - \ProtectedSearch\Protected Search No Task File
Task: {945A51F8-10D4-4ECA-99B9-91DEB7470F19} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {95E47A5D-DBFF-442E-BACB-6DA57BA9D034} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-20] (Adobe Systems Incorporated)
Task: {A1E44AD3-CACE-4453-A4F1-ED1119073F8B} - System32\Tasks\{CA407B8C-15F7-4A6D-9E48-910E81F88474} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
Task: {B88727DF-B84D-49DA-BD98-B319A5E0D828} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {C7C503D3-23E0-4698-977F-69AA16297B61} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)
Task: {D639D731-DC23-404C-8477-68412D215113} - System32\Tasks\{B1D7A799-F91D-442A-B17B-4CD41460694E} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] ()
Task: {D6825F7F-0751-41BA-8C19-EB4651D5AE85} - System32\Tasks\{E5CC6569-A8C6-4BAE-A851-06C582F749B9} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] ()
Task: {EEAABF06-B88A-4BAF-8F1D-C0AA996DF335} - System32\Tasks\{0F4DE93C-4B1A-42CF-82FA-6F5EFFFAF858} => C:\Program Files (x86)\sixteen tons entertainment\Emergency4\Em4.exe [2007-10-11] ()
Task: {FF966BCC-5893-4868-81F5-BD6DB8ABBB61} - \Browser Updater\Browser Updater No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 11:22 - 2013-03-15 11:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-01-08 20:23 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 20:23 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-07-01 07:20 - 2014-01-11 00:33 - 00717312 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-07-26 13:46 - 2014-01-27 20:02 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-15 13:32 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-07-28 20:01 - 2013-05-08 05:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-12-26 13:57 - 2013-12-26 13:57 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-20 16:48 - 2014-01-20 16:48 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Faulty Device Manager Devices =============
Name: Photosmart Wireless B109n-z
Description: Photosmart Wireless B109n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-01-27 19:05:18.360
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 19:05:18.360
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 19:05:18.344
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 19:05:18.328
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 19:05:18.328
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 19:05:18.313
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.905
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.903
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.900
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-25 17:31:19.885
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 8112.65 MB
Available physical RAM: 5543.6 MB
Total Pagefile: 16223.48 MB
Available Pagefile: 13169.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:156.25 GB) (Free:71.62 GB) NTFS
Drive d: () (Fixed) (Total:307.65 GB) (Free:307.55 GB) NTFS
Drive e: (MW3_DVD1) (CDROM) (Total:7.78 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 051DE3B8)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=156 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=308 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
28.01.2014, 15:17
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 Extrem langsam! Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
28.01.2014, 20:44
| #9 |
| | WIN7 Extrem langsam!Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.27.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Anonymus :: FELIX-PC [Administrator] 28.01.2014 16:19:51 mbam-log-2014-01-28 (16-19-51).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 428658 Laufzeit: 57 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.27.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Anonymus :: FELIX-PC [Administrator] 28.01.2014 17:25:30 mbam-log-2014-01-28 (17-25-30).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 229866 Laufzeit: 2 Minute(n), 31 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f1f171806aa9fe4ab567bed4a18fdc53
# engine=16832
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-28 07:38:40
# local_time=2014-01-28 08:38:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 15863 142567770 0 0
# scanned=211814
# found=0
# cleaned=0
# scan_time=10719
|
|
29.01.2014, 01:09
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 Extrem langsam! [gelöst] TFC - Temp File Cleaner Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Sieht soweit ok aus  Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.01.2014, 20:51
| #11 |
| | WIN7 Extrem langsam! [gelöst] Erstmal riesen Dank für die flotte hilfe!  Mich macht halt nur noch einiges stutzig. Zuerst das: Code:
ATTFilter Warnung 29.01.2014 20:23:15 Diagnostics-Performance 110 Systemstart-Leistungsüberwachung
Warnung 29.01.2014 20:23:15 Diagnostics-Performance 101 Systemstart-Leistungsüberwachung
Kritisch 29.01.2014 20:23:15 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Warnung 28.01.2014 20:15:42 Diagnostics-Performance 301 Standbyleistungsüberwachung
Fehler 28.01.2014 20:15:42 Diagnostics-Performance 300 Standbyleistungsüberwachung
Kritisch 28.01.2014 16:11:12 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Warnung 28.01.2014 16:11:12 Diagnostics-Performance 203 Herunterfahr-Leistungsüberwachung
Warnung 28.01.2014 16:11:12 Diagnostics-Performance 200 Herunterfahr-Leistungsüberwachung
Kritisch 28.01.2014 13:28:56 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Warnung 28.01.2014 13:28:55 Diagnostics-Performance 200 Herunterfahr-Leistungsüberwachung
Kritisch 28.01.2014 13:13:31 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Warnung 28.01.2014 13:13:30 Diagnostics-Performance 200 Herunterfahr-Leistungsüberwachung
Warnung 28.01.2014 12:56:47 Diagnostics-Performance 203 Herunterfahr-Leistungsüberwachung
Warnung 28.01.2014 12:56:47 Diagnostics-Performance 200 Herunterfahr-Leistungsüberwachung
Kritisch 28.01.2014 12:56:45 Diagnostics-Performance 100 Systemstart-Leistungsüberwachung
Der unbekannte virtuelle Datenträger heißt wie folgt: ┐ § ǁ ┘ À² Es ist auch kein USB Stick oder sonst was angeschlossen. Auch ist die Leistungsbewertung enorm schlecht: Code:
ATTFilter Prozessor 7,6
RAM 7,7
Grafik 7,1
Grafik Spiele 7,1
Primäre Festplatte 5,9
 |
|
29.01.2014, 21:37
| #12 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 Extrem langsam! [gelöst]Zitat:
Zitat:
 MaxWert ist 7.9!! Mehr gibt es nicht!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.01.2014, 22:00
| #13 |
| | WIN7 Extrem langsam! [gelöst] Echt?! Dann muss ich sagen, dass mein Informatik Lehrer keine Ahnung auf dem Gebiet hat, weil er zu mir meinte, dass 1,0 das beste sei und man aufgrund der "schlechten Leistungsbewertungen" (7,1 usw.) in meinem System darauf schließen kann, dass etwas nicht stimmt.  Kannst du mir was zu den Fehlermeldungen sagen? |
|
29.01.2014, 22:04
| #14 |
| | WIN7 Extrem langsam! [gelöst] |
|
29.01.2014, 23:06
| #15 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN7 Extrem langsam! [gelöst]Zitat:
Wirf die mal aus und schau dann nochmal bei Defrag nach. Alternative zum Windows-Defrag: Defraggler - Download - Filepony 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu WIN7 Extrem langsam! |
| browser, direkt, einfach, geforce, großes, hallo zusammen, jahre, komplett, lange, langsam, link, logfiles, notebook, rechner, richtig, ruckel, server, spam, spiele, stelle, super, tipps, win, win7, wirklich, zusammen |
Linear-Darstellung
